We process client and business partner data in compliance with data protection laws, which means it is used for very specific purposes and in accordance with the principles of data minimization. Obviously, all our employees are intimately familiar with the legal situation in regards to data protection and the associated measures in their day-to-day work.
Information on other areas can be found here:
- Information for Business Partners and Contact Persons
- Information for Sweepstakes/Raffles
- Information on DS-Doku
- Information on foxondo
- Information for online data protection training can be found directly on the respective training page
- Information on data processing in social networks can be found at the lower part of this page
Do you miss statements here? Feel free to ask us.
The following information applies to our main site fox-on.com as well as our landingpages online-datenschutz-schulung.de and foxondo.com:
Data processing on webpages which refer to this Privacy Notice
We process website user and newsletter recipient data for the following purposes:
- Server-Log data: Our provider and the system collects and stores information that your browser automatically transmits to us. Specifically, these are browser type and version, operating system used, referrer URL (the link you came from), host name of your computer, the requested files with date and time and the IP address.
This data will not be combined with other data sources.
The data processing is based on Art. 6 Para. 1 Letter f GDPR, which permits the processing of data on the basis of legitimate interests. In this case, there is a justified interest in a secure and problem-free operation of the web server. In order to ensure this, the administration must be able to recognise and trace attacks and malfunctions of the system via the server log files. To recognise attack patterns, access to the web server must be stored. As soon as this data is no longer needed, it is deleted. For technical reasons, the data is disclosed to the hosting service provider, who is who is bound to secrecy.
- Contact Forms: You can voluntarily contact us through our contact page and forms on our website. The obligatory information needed is stated. All other information can be provided on a voluntary basis. The data you enter will be used exclusively to contact you and to process your request. The data processing is based on your voluntarily consent in accordance with Art. 6 Para.1 Letter a GDPR. You can at any time withdraw your consent with effect for the future.
If you use our customer area, cookies are used to provide you with this function. The cookies are automatically deleted at the end of each current session; a cookie to store your language selection is deleted after one month. No third parties have access to the cookies.
Insofar as cookies contain personal data, their use is based on our legitimate interests pursuant to Art. 6 Para. 1 Letter f GDPR. Our legitimate interests are to be able to provide you with the described functions.
- Customer Area: The log-in data which are submitted to all of our clients are allocated to the entire company, not a single employee: It is impossible for us to track exactly which employee from a company entered the customer area of our website. The data processed when using the customer area are processed on the basis of Art. 6 Para.1 Letter f GDPR. The legitimate interest lies in the provision of information for a limited group of people.
- Newsletter: We might send information to employees at out clients and, when requested, other interested parties. You can unsubscribe from newsletters at any time via the link in the email footer. Opening emails or clicking on links in them is only recorded anonymously, if at all, i.e. without any possibility of assigning this action to specific persons. The data are only used to send newsletters and are only made available for technical delivery to contracted service providers. This data processing is based on Art. 6 Para. 1 Letter a GDPR (consent) and, in the case of our clients’ contact persons, on Art. 6 Para. 1 Letter f GDPR. Our legitimate interest lies in the fulfilment of the contractual duty to inform on data protection topics.
- Requesting access code for Data Protection Online Training: When you complete the web form to receive an access code for the demo Data Protection Online Training, you will need to provide your email address so that we can send you this code. Any other information you provide is voluntary. We need this information to enable access, to contact you if there are any questions about use, to get an overview over participants, and to track any misuse. The legal basis is Art. 6 Para. 1 Letters b and f GDPR. Your data will not be passed on to third parties. Only our IT service providers may be able to gain insight, but are obliged to maintain confidentiality. We store your data as long as the underlying purpose has not yet ceased to apply.
- Analysing-Tools und Third-Party-Tools are not used on our website.
The personal data are stored as long as they are necessary for the purposes mentioned above and as long as required by statutory retention periods.
Data processing in social networks
Please note that the Internet is not suitable for the transmission of confidential information – so please choose a different communication channel if necessary. We will not share confidential information with you via social networks but will use other communication channels for this purpose.
Processing users’ personal data is based on our legitimate interest in effective information of users and communication with users in accordance with Art. 6 Para. 1 Letter f GDPR.
If you visit us on Facebook, we point out that in this case your data may be processed outside the European Union. This could pose risks for users, for example by making it more difficult to enforce user rights.
Facebook and Xing generally also process user data for market research and advertising purposes. For example, user profiles can be created from the user behaviour and the resulting interests of the users. The user profiles can be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers to record the usage behaviour and interests of the users. Furthermore, data may also be stored in the user profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
For a detailed description of the respective processing operations and the possibilities to object (opt-out), please refer to the general Facebook privacy statement at https://www.facebook.com/about/privacy/. You can find information on Insights Data here and here.
In the event of requests for information and the assertion of user rights, we would like to point out that these can be most effectively asserted with the provider. Only the provider has access to the data of the users and can directly take appropriate measures and provide information.
As the data subject you have the following rights, provided the legal conditions are fulfilled:
- Right to Information, Art. 15 GDPR
- Right to Rectification of incorrect data, Art. 16 GDPR
- Right to Erasure of Data, Art. 17 GDPR
- Right to Restriction of Processing, Art. 18 GDPR
- Right to Data Portability, Art 20. GDPR
- Right to Objection, Art. 21 GDPR
Provided the data processing is based on your consent, you may revoke it at any time, with effect on the future
You also have the right to lodge a complaint with The Data Protection Supervisory Authority regarding the processing of your data.