Privacy Policy
1. Responsible and contact details
The company L8M software GmbH (hereinafter responsible) is responsible for the processing. L8M software GmbH processes the data provided by the data subject (hereinafter the customer) in accordance with the provisions of the European General Data Protection Regulation (hereinafter GDPR).
The contact details of the responsible are:
L8M software GmbH
Scharnweberstraße 23
10247 Berlin
Germany
Phone: +49 30 805.888.60
Fax: +49 30 805.888.61
E-mail: info@l8m.com
Managing Partner: Norbert Marks
2. Purpose and corresponding legal basis
2.1. Fulfillment of contract or implementation of pre-contractual measures:
298/5000 In order to fulfill a contract to which the customer is a party or to carry out pre-contractual measures that are carried out at the customer's request, the processing of the customer's personal data is necessary. The legal basis for this processing is Art. 6 para. 1 lit. b GDPR.
2.2. Advertising:
For marketing purposes, the customer's personal data is used for advertising with the help of postal letters for website creation, website maintenance, internet shops (e-commerce), SEO, SEA and SEM (direct advertising), if the customer's consent is available as the legal basis for this processing in accordance with Art. 6 para. 1 lit. a GDPR. The responsible points out the customer's right to object. The customer receives further information under point 6 of this declaration.
2.3. Contact:
If the customer uses the contact form or the callback request form or contacts the responsible by e-mail, phone, Whatsapp, fax, post or similar, the transmitted personal data will only be used or processed to process the customer's request. The legal basis for this processing is the customer's consent in accordance with Art. 6 para. 1 lit. a GDPR.
3. Recipient of personal data
The personal data transmitted by the customer to the responsible will be made available to the recipients as explained below:
3.1. Fulfillment of contract or implementation of pre-contractual measures:
The personal data transmitted to the responsible will be made available to the following recipients in order to fulfill the contract or to carry out pre-contractual measures:
3.1a
- Shipping service provider:
Depending on which shipping method is selected by the responsible, the data is available to:- Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany
- DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany
- To the email service provider or web hosting company:
- Host Europe GmbH, Hansestrasse 111, 51149 Köln, Germany
- To the telephone and fax providers:
- Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany
- Vodafone Kabel Deutschland GmbH, Betastraße 6-8, 85774 Unterföhring, Germany
- sipgate GmbH, Gladbacher Straße 74, 40219 Düsseldorf, Germany
- To the instant messaging service provider:
- WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
3.1b
- In the case of payment by bank transfer to:
- Berliner Sparkasse, Alexanderplatz 2, 10178 Berlin, Germany
- To the tax advisor:
- Steuerberater Matthias Strietzel, Parkstraße 76-77, 13086 Berlin, Germany
3.1c
- In the event of the customer's consent to the use of the third-party software Google Analytics by the responsible for the website, as described in „11. Analysis tool while the customer visits the website“:
- Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland
- In the event of the customer's consent to the use of the third-party software Google Maps by the responsible for the website, as described in „12.1 Google Maps (with the consent of the customer)“:
- Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland
- In the event of the customer's consent to the use of the third-party software Google StreetView by the responsible for the website, as described in „12.2 Google StreetView (with the consent of the customer)“:
- Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland
- In the event of the customer's consent to the use of the third-party software YouTube by the responsible for the website, as described in „12.3 YouTube mit erweitertem Datenschutz (with the consent of the customer)“:
- Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland
- In the event of the customer's consent to the use of the third-party software reCaptcha by the responsible for the website, as described in „12.4 Google reCAPTCHA (with the consent of the customer)“:
- Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland
3.2. Advertising with the help of postal letters as described in 2.2.:
- According to 3.1a, the responsible makes the personal data accessible to the shipping service provider.
3.3. Contact as described in 2.3.:
- By using the contact form the transmitted personal data of the customer to the responsible will be made available to the recipients in accordance with 3.1a.
- By using the callback request form the transmitted personal data of the customer to the responsible will be made available to the recipients in accordance with 3.1a.
- By contacting via e-mail E-Mail the transmitted personal data of the customer to the responsible will be made available to the recipients in accordance with 3.1a.
- By contacting via phone the transmitted personal data of the customer to the responsible will be made available to the recipients in accordance with 3.1a.
- By contacting via WhatsApp the transmitted personal data of the customer to the responsible will be made available to the recipients in accordance with 3.1a.
- By contacting via fax the transmitted personal data of the customer to the responsible will be made available to the recipients in accordance with 3.1a.
- By contacting via post the transmitted personal data of the customer to the responsible will be made available to the recipients in accordance with 3.1a.
The personal data will only be made available to other third parties with the prior written consent of the customer or if this has to be done due to legal requirements.
4. Storage period
The customer's data, which must be retained for legal reasons when the contract is fully executed, will be blocked. This data is no longer available for further use. After the legal reason ceases to exist, the blocked data will be deleted.
In the event that the customer contacts the responsible or uses the contact form or callback request form, the personal data will be used for the duration of the processing of the request. The data that must be kept for legal reasons is then blocked. This data is no longer available for further use.
The responsible is subject to various storage and documentation obligations, which result, among other things, from the Commercial Code (the german „HGB“) and the Tax Code (the german „AO“). The periods for storage and documentation specified there are two to ten years.
Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 ff. Of the German Civil Code (the german „BGB“) can usually be three years, but in some cases up to thirty years.
5. Data protection rights
Every customer has the right in accordance with article 15 GDPR in conjunction with § 34 BDSG to request information from the responsible about the own personal data processed by the responsible. In addition, the customer has the right to the information specified in article 15 para. 1 GDPR. The customer has the right to immediate correction of incorrect and incomplete personal data relating to him in accordance with article 16 GDPR. Furthermore, the customer has the right, in accordance with Article 17 GDPR in conjunction with § 35 BDSG to request the immediate deletion of personal data concerning him. The requirements and restrictions of the right to erasure derive from article 17 GDPR and § 35 BDSG. The customer also has the right to request that the processing of personal data concerning him be restricted in accordance with article 18 GDPR, if one of the requirements of article 18 para. 1 GDPR is met. In accordance with article 20 GDPR, the customer can request that the personal data provided by him, which the responsible processes based on the existing contract between him and the customer or his consent in an automated process, be received in a structured, common and machine-readable format. Obstacles to the transmission of this data by him to another responsible person are prohibited. The conditions and restrictions of the aforementioned rights can be found in article 20 GDPR. The above-mentioned notifications and measures requested by the customer are made available to the customer free of charge in accordance with article 12 para. 5 GDPR. Corresponding concerns are to be addressed to the address mentioned under point 1.
As an affected customer, the customer has in accordance with article 77 GDPR in conjunction with § 19 BDSG the right to lodge a complaint with a data protection supervisory authority.
6. Right to object and other rights
If the customer has given his consent to the processing of the personal data concerning him for one or more specific purposes, the customer has the option of revoking the consent with future effect.
In addition, the customer has the right to object to the processing of personal data for marketing purposes for advertising by means of postal letters for website creation, website maintenance, internet shops (e-commerce), SEO, SEA and SEM (direct advertising) at any time free of charge with effect for the future. The corresponding request is to be addressed to the address given under point 1.
Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of their residence, their place of work or the place of the alleged infringement, if the data subject believes that the processing of personal data concerning them Data violates this regulation.
A competent authority is e.g. the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstrasse 219, 10969 Berlin, Germany. The customer can also choose another one.
7. Duty to provide data
The following information is mandatory (mandatory information):
7.1. For contract fulfillment or implementation of pre-contractual measures:
The following data is mandatory for the conclusion of a contract (mandatory information):
- Business name
- Name of the representative
- Address
- E-mail address
- Phone number
All other information is not required for the conclusion of the contract and is therefore voluntary.
If the mandatory information required for the conclusion of the contract is not given, no contract will be concluded. Failure to provide the voluntary information has no influence on the conclusion of the contract.
7.2. For contacting as described in 2.3.:
- The specification of the following data is mandatory for processing a contact request via the contact form (mandatory information):
- E-mail-Address
- Message
- Captcha
- Consent regarding the transmission of personal data
- The specification of the following data is mandatory for processing a callback request using the callback request form (mandatory information):
- Contact person / company
- Phone number
- Consent regarding the transmission of personal data
- The following data is mandatory for processing an inquiry by email (mandatory information):
- E-mail-Address
- To process a telephone inquiry, the following data must be provided (mandatory information):
- no
- To process a WhatsApp request, the following data must be provided (mandatory information):
- Phone number
- To process a request by fax, the following data must be provided (mandatory information):
- Fax number
- To process a postal request, the following data must be provided (mandatory information):
- Name
- Address
All other information is not required to process an inquiry and is therefore voluntary.
If the mandatory information required to process an inquiry is not given, the inquiry will not be processed. Failure to provide the voluntary information has no influence on the processing of the request.
8. Automated decision making
There is no automated decision-making, including profiling.
9. SSL- or TLS-encryption during the customer's visit to the website
The responsible for the website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. An encrypted connection can be recognized by the fact that the address line of the browser changes from "http://" to "https://".
10. Cookies based on the customer's visit to the website
The responsible uses cookies to make visiting his website attractive for the customer and to enable the use of certain functions.
10.1 Transient Cookies
The person responsible uses transient cookies only for processes, in which this is technically necessary.
The customer can have a look on the configuration for the use of transient cookies on the cookie settings page.
10.2 Persistent Cookies
The person responsible only uses persistent cookies, if the customer has consented to the use of the or individual persistent cookies.
The customer can agree to the use of persistent cookies on the cookie settings page or revoke the use / creation.
Insofar as persistent cookies from third-party companies are used or for analysis purposes, if the customer has consented to their use, the responsible will provide separate information in the context of this data protection declaration.
The settings for the persistent website cookies can be changed at: https://www.l8m.com/en/cookie-settings.
11. Analysis tool while the customer visits the website
11.1 Google Analytics (with the consent of the customer)
The responsible for this website uses the functions of the web analytics service Google Analytics, if the customer has explicitly agreed beforehand on the settings page for third-party software and also the use / storage of persistent cookies by Google Analytics. The provider is the Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses so-called „persistent cookies“. These are text files that are stored on the customer's device and that enable an analysis of the use of the website by the customer. The information generated by the cookie about the use of the customer of this website is usually transmitted to a Google server in the USA and stored there.
The storage of persistent Google Analytics cookies and the use of this analysis tool are based on art. 6 para. 1 lit. f GDPR. The responsible for the website has a legitimate interest in analyzing user behavior in order to optimize both their website and their advertising.
11.1a IP anonymization
The responsible for the website has activated the IP anonymization function. As a result, Google shortens the customer's IP address within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. The full IP address will only be transmitted to a Google server in the USA and abbreviated there in exceptional cases. On behalf of the responsible for the website, Google will use this information to evaluate the use of the website by the customer, to compile reports on website activity and to provide other services related to website and internet use to the responsible for the website. The IP address transmitted by the customer's browser as part of Google Analytics will not be merged with other Google data.
11.1b Browser Plugin
The customer can prevent the storage of persistent cookies by setting the browser software accordingly. The customer can also prevent Google from collecting the data generated by the cookie and relating to the use of the website (including the IP address) and from processing this data by Google by using the browser available under the following link. Downloads and installs the plugin: https://tools.google.com/dlpage/gaoptout?hl=en.
11.1c Objection against data collection
The customer can prevent Google Analytics from collecting the data by revoking the consent to Google Analytics on the settings page of the third party software used on the website of the responsible. Of course, the customer can also withdraw their consent to the persistent Google Analytics cookies on the cookie settings page.
The settings for the persistent cookies on the website of the responsible can be changed at: https://www.l8m.com/en/cookie-settings.
Settings of third-party software used on the website of the responsible can be changed at: https://www.l8m.com/en/settings-to-third-party-software.
The customer can find more information on the handling of user data at Google Analytics in Google's data protection declaration: https://support.google.com/analytics/answer/6004245?hl=en.
11.1d Order processing
The responsible has concluded a contract for order processing with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
11.1e Demographic characteristics in Google Analytics
This website uses the „demographic features“ function of Google Analytics. This enables reports to be created that contain statements about the age, gender and interests of the customers. This data comes from interest-based advertising from Google and customer data from third-party providers. This data cannot be assigned to a specific person. The customer can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of data by Google Analytics as shown in point „11.1c Objection to data collection“.
11.1f Storage period
Data stored at Google at user and event level that are linked to persistent cookies, user IDs (e.g. User ID) or advertising IDs (e.g. persistent DoubleClick cookies, Android advertising ID) will be anonymized after 14 months or deleted. For details, see the following link: https://support.google.com/analytics/answer/7667196?hl=en.
12. Plugins and tools while the customer visits the website
12.1 Google Maps (with the consent of the customer)
The responsible for the website uses the Google Maps map service via an API, if the customer has previously explicitly consented to it on the third-party software settings page. Provider is the Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
To ensure data protection on the website, Google Maps is deactivated, when the customer enters this website for the first time. A direct connection to the Google servers will only be established if the customer independently activates YouTube (consent according to art. 6 para. 1 lit. a GDPR). This prevents the customer's data from being transferred to Google the first time the page is entered.
After activation, Google Maps will save the customer's IP address. This is then usually transferred to a Google server in the USA and stored there. The responsible for the website has no influence on this data transmission after activating Google Maps.
The customer can find more information on handling user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.
Settings of third-party software used on the website of the responsible can be changed at: https://www.l8m.com/en/settings-to-third-party-software.
12.2 Google StreetView (with the consent of the customer)
The responsible for the website uses the Google StreetView map service via an API, if the customer has previously explicitly consented to it on the third-party software settings page. Provider is the Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
To ensure data protection on the website, Google StreetView is deactivated, when the customer enters this website for the first time. A direct connection to the Google servers will only be established if the customer independently activates YouTube (consent according to art. 6 para. 1 lit. a GDPR). This prevents the customer's data from being transferred to Google the first time the page is entered.
After activation, Google StreetView will save the customer's IP address. This is then usually transferred to a Google server in the USA and stored there. The provider of this page has no influence on this data transfer after activating Google StreetView.
The customer can find more information on handling user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.
Settings of third-party software used on the website of the responsible can be changed at: https://www.l8m.com/en/settings-to-third-party-software.
12.3 YouTube mit erweitertem Datenschutz (with the consent of the customer)
This website integrates videos from the video portal YouTube, if the customer has previously explicitly consented to it on the third-party software settings page. The software is operated by Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
To ensure data protection on the website, YouTube is deactivated, when the customer enters this website for the first time. A direct connection to the Google servers will only be established if the customer independently activates YouTube (consent according to art. 6 para. 1 lit. a GDPR). This prevents the customer's data from being transferred to Google the first time the page is entered.
The responsible for the website uses YouTube in the extended data protection mode. According to YouTube, this mode means that YouTube does not save any information about customers on the website before they watch the video. However, the extended data protection mode does not necessarily preclude the transfer of data to YouTube partners. So YouTube – regardless of whether the customer is watching a video – connects to the Google DoubleClick-network.
As soon as the customer starts a YouTube-video on the website, a connection to the YouTube servers is established. The YouTube server is informed which of the pages the customer has visited. If the customer is logged into the YouTube-account, YouTube is enabled to directly assign the customer's surfing behavior to their personal profile. The customer can prevent this by logging out of his YouTube-account.
Furthermore, YouTube can save various persistent cookies on the customer's device after starting a video. With the help of these persistent cookies, YouTube can receive information about customers of the website. This information is used, among other things, to collect video statistics, improve usability and prevent fraud. The persistent cookies remain on the device until they are deleted.
If necessary, further data processing processes can be triggered after the start of a YouTube-video, over which the responsible for the website has no influence.
YouTube is used in the interest of an attractive presentation of the online offer. This represents a legitimate interest within the meaning of art. 6 para. 1 lit. f GDPR. If a corresponding consent was requested (e.g. consent to the storage of persistent cookies), the processing takes place exclusively on the basis of art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
The customer can find further information on data protection at YouTube in their data protection declaration from Google at: https://policies.google.com/privacy?hl=en.
Settings of third-party software used on the website of the responsible can be changed at: https://www.l8m.com/en/settings-to-third-party-software.
12.4 Google reCAPTCHA (with the consent of the customer)
The responsible for the website uses „Google reCAPTCHA“ (hereinafter „reCAPTCHA“) on the website, if the customer has previously explicitly consented to it on the third-party software settings page. Provider is the Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
To ensure data protection on the website, reCAPTCHA is deactivated, when the customer enters this website for the first time. A direct connection to the Google servers will only be established if the customer independently activates YouTube (consent according to art. 6 para. 1 lit. a GDPR). This prevents the customer's data from being transferred to Google the first time the page is entered.
ReCAPTCHA is intended to check whether the data entry on the website (e.g. in a contact form) is made by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the customer using various characteristics. This analysis starts automatically as soon as the customer enters the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, length of stay of the customer on the website or mouse movements made by the user). The data collected during the analysis are forwarded to Google.
The reCAPTCHA analyzes run completely in the background. The customer is not informed that an analysis is taking place.
The storage and analysis of the data is based on art. 6 para. 1 lit. f GDPR. The responsible for the website has a legitimate interest in protecting his website from abusive automated spying and from SPAM. If a corresponding consent has been requested (e.g. consent to the storage of persistent cookies), the processing takes place exclusively on the basis of art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
The customer can find further information about Google reCAPTCHA in the Google data protection regulations and the Google terms of use at the following links:
https://policies.google.com/privacy?hl=en und
https://policies.google.com/terms?hl=en.
Settings of third-party software used on the website of the responsible can be changed at: https://www.l8m.com/en/settings-to-third-party-software.