Foreword
We are delighted that you are interested in our website, www.lancom-systems.com, our enterprise, and our products and services. At LANCOM Systems we know that when you use our website, the protection of your privacy is important to you. Compliance with statutory data protection regulations is matts to us. Moreover, it is important to us that you, as a customer, always know what data are collected, saved and used by us and when and how this happens.
Below, we inform you about the collection and other processing (e.g. saving, retrieving, altering and transferring) of personal data when you use our website, products and services. Personal data are all data relating to you personally e.g. your name, address, email addresses and user behaviours.
If we process personal data upon the use of our website, products and services or rely on contracted service providers for individual functions, offers or services with reference to data processing or wish to use your data for promotional purposes, we provide you below with detailed information about the relevant processes and, in particular, which data are processed. We also specify the intended storage period or the criteria determining the storage period, as well as the legal basis for the relevant processing.
- Name and address of the controller
- Contact details of the data protection officer
- Collection and storage of personal data, as well as type, purpose, legal basis and duration of use
- Your rights
- Right of access
- Right to rectification
- Right to deletion
- Right to restrict processing
- Right to information
- Right to data portability
- Right to object, Art. 21 GDPR
- Right to withdraw a consent given under data protection law
- Automated individual decision-making, including profiling, Art. 22 GDPR
- Right to complain to a supervisory authority
- Right to object pursuant to Art. 21 GDPR
- Data security
- Privacy statement updates
The controller for the purposes of the General Data Protection Regulation and other national data protection statutes of the EU member states, as well as other legal provisions concerning data protection is:
For further information please follow the link below to our imprint page:
Imprint page.
You can reach our data protection officer at datenschutz@lancom.de or at our postal address adding “the data protection officer”.
III. Collection and storage of personal data, as well as type, purpose and legal basis and duration of use
1 Visiting the website
If our website is used for information purposes only, i.e. you do not register on our website or otherwise transfer information to us, we only collect the personal access data in the so-called server logfiles which your browser transmits to our servers. The following data is collected in the server logfiles:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the rerquest (specific page)
- Access status/HTTP status code
- Volume of data tranferred each time
- Website from which the request comes (referrer)
- Browser
- Operating system and its interface
- Language and version of browser software
These data are evaluated exclusively to ensure the trouble-free operation of the website with regard to its stability and security and to improve our services. They are then discarded. The legal basis for the data processing is Art. 6 (1), sentence 1(f) GDPR. Our legitimate interest results from the abovementioned purposes of data collection.
The data is also saved in our system logfiles. These data are not stored with any other personal data of the user.
The collection of data to make the website available and the storage of data in logfiles is essential for the operation of our website. It follows that the user cannot raise any objection.
The data is deleted as soon as it is no longer necessary for achieving the purpose for which it was collected. In respect of data collected to make the website available, this is the case when the relevant session is ended.
Furthermore, in the event of a visit to our website, we employ cookies and analytics services. You can find further information in relation to these under sections V and VI of this Privacy Statement.
(1) Use of cookies
We use cookies on some of our webpages to make visits to our website user-friendly and effective and to enable the use of certain functions. Cookies are small text files that are stored on your terminal and save particular settings and data which are exchanged with our system via your browser. The cookies cause particular information to flow to the entity which has placed the cookies (here us). Cookies cannot run programs or transfer viruses to your computer.
Cookies do not contain any personal data and therefore cannot be directly associated with a user. Please note that particular cookies are placed on your terminal as soon as you visit our website. This website uses the following types of cookie:
- - Necessary/functionality cookies: These cookies are necessary for the operation of our website. They include, e.g. cookies that make it easier for you to log into the members’ area. In addition – if actively requested by you - we also employ cookies which enable you to be recognised on later visits to our website if you have an account with us. Otherwise you would need to log in anew on each visit.
- - Transient cookies: These are automatically deleted when you close your browser and include session cookies in particular. Session cookies store a so-called session ID that can attribute different requests from your browser to a common session. Your computer can therefore be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.
- - Persistent cookies: These are automatically deleted after a predetermined period which may differ for each cookie. You can delete the cookies in your browser’s security settings at any time.
You can configure your browser settings according to your wishes and, for example, refuse to accept third party or all cookies. Your browser can also be configured so that notice is given when a cookie is placed. Please consult your current browser provider in relation to this. We wish to point out that if you do not accept cookies you may not be able to use all the functions of this website.
The legal basis for the use of cookies is Art. 6 (1), sentence 1 (f) GDPR. Our legitimate interest arises out of the abovementioned purpose of rendering our website more user friendly and effective.
You can find further information about analytic cookies under section VI of this Privacy Statement.
(2) Use of analytical tools
Web-analysis services are employed on our website for the purposes of needs-based design and advertising.
a. Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. („Google“). Google Analytics uses so-called “cookies”, text files that are stored on your computer and enable the use of the website by you to be analysed. The information generated through the cookie about your use of this website is usually transferred to a Google server in the USA and saved there.
IP anonymisation
We have activated the IP anonymisation function on this website. This means that your IP address is abbreviated by Google within the EU member states or in other EEA contracting states before it is transmitted to the USA. The full IP address is only sent to a Google server in the USA and abbreviated there in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate your use of the website, collate reports about website activity and provide further services connected with the use of the website and the internet to the website operator. The IP address transmitted from your browser within the framework of Google Analytics is not collated with other Google data.
You can prevent cookies from being saved by configuring your browser software accordingly. However, we wish to point out that in this event you may not be able to use all functions of this website to the full extent. In addition, by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de) you can prevent the collection and processing of data generated by the cookie relating to your use of the website (including your IP address) by Google.
As an alternative to the browser plug-in, especially for browsers on mobile devices, you can prevent the collection of your data by Google Analytics by managing your consent on the following link. This will place an opt-out cookie on your device to prevent the collection of your data on future visits to this website.
The opt-out cookie only applies in this browser and only in respect of our website and is placed on your device. If you delete the cookies in this browser you will need to re-set the opt-out cookie.
We use Google Analytics so that we can analyse the use of our website and regularly improve it. The statistics obtained enable us to improve our services and make them more interesting to you as a user. In the exceptional cases in which personal data are transferred to the USA, Google has submitted to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework). The legal basis for the use of Google Analytics is Art. 6 (1), sentence 1 (f) GDPR. Our legitimate interest arises out of the abovementioned purposes.
Information regarding the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
User conditions: policies.google.com/terms?hl=en
Data protection overview: marketingplatform.google.com/about/
Privacy statement: policies.google.com/privacy?hl=en-US
This website also uses Google Analytics to analyse the flow of visitors through one user-ID across multiple devices. You can deactivate the analysis of your use of this website across multiple devices in your customer account under “my data”, “personal data”.
b. Google Maps
We use the services of Google Maps on this website. These enable us to provide interactive maps directly on our website so that you can easily use the maps function.
When you visit our website, Google is informed that you have called up the relevant page of our website. The data specified in § 3 of this Statement are also transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data is directly allocated to your account. If you wish to avoid the allocation to your Google profile, you need to log out before pushing the activation button. Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or the appropriate design of its website. Such evaluation particularly occurs (even in the case of users who are not logged in) to provide appropriate advertising and to inform other social network users about your activities on our website. You have a right to object to the creation of such user profiles. To exercise this right you must apply to Google.
Further information about the purpose and extent of the collection and processing of data by the plug-in provider can be obtained from the provider’s privacy statement. You can also obtain further information about your rights and the configuration options available to protect your privacy: policies.google.com/privacy?hl=en&gl=en. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, www.dataprivacyframework.gov/s/.
Information about the third-party provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
2) Use of other services, functions and products on our website
Alongside the purely informational use of our website, we provide different services, products and functions that you may use if interested. To do this you must usually provide further personal data which we use to provide the relevant service and to which the abovementioned data processing principles apply. The services/products/functions are described in further detail below.
(1) Contact by email/web form
Mandatory fields: When you contact us by email with a general enquiry, we save the information disclosed by you (your email address, your first name and surname) to answer your question.
The legal basis for processing this data is Art. 6 (1) (a) and (b) GDPR, based on your voluntary consent or in order to answer your enquiry.
We delete the data concerned after we have dealt with your enquiry or, where a statutory duty to retain the data exists, we restrict its processing.
Voluntary fields: LANCOM also records the following data from voluntarily completed fields where applicable:
- Title
- First name and surname
- Email address
- Telephone number
- Company name
- Country
- Postcode
- Address
- Sector
- Number of employees
- Turnover
We use ORACLE Eloqua for targeted communications with our customers and partners. ORACLE’s servers are situated in the EU. Within the framework of support and management services, it cannot be excluded in any individual case that individual Oracle Corporation employees outside the EU also have access to user data when providing their contractual services. We have precautionarily ensured an appropriate level of data protection with Oracle by ensuring that there are sufficient safeguards in accordance with GDPR.
If it is not yet present on your device, Eloqua places a permanent cookie on the relevant registration page. If you have previously used a website that employs Eloqua, you may already have an Eloqua-cookie. We use this cookie in certain circumstances to analyse your use of our website so that we can continually improve it.
Emails sent with the aid of Eloqua use tracking technologies. By ascertaining whether you open our emails and which links you click on, this data is primarily used by us to find out which topics are of interest to you. We then use this information to improve the emails we send and the services we make available to you and link it to tracking or profiling information that is already available.
If you wish to prevent the future use of Eloqua-cookies on your device, you can do so via the following link:
www.oracle.com/legal/data-privacy-inquiry-form.html
If you do not want us to recognise your computer again (hard-drive cookies), you can also configure your browser to delete cookies from your hard drive, block all cookies or warn you before a cookie is saved.
(2) Chatbot
The chatbot is provided by our service provider ‘DialogBits’ of Web Computing GmbH, Wilhelm-Schickard-Straße 10, 48149 Münster. We remain responsible for the processing of your personal data and remain your point of contact. The legal basis for the processing is your consent in accordance with Art. 6 I a. GDPR. Please note that the chatbot processes the information and personal data you provide as well as your pseudonymised IP address in order to improve the function of our solution. In your own interest, please ensure that you only enter other people's personal data if you have explicit consent to do so.
(3) Blog function
You can submit public comments on our blog, “Auf ein Wort”, in which we publish various articles on topics related to our activities. Your comments will be published with the name you provide with your contribution. We recommend that you use a pseudonym rather than your real name. It is essential that you provide a name and email address; all other information is voluntary. Furthermore, if you provide a comment, we save your IP address. This is necessary so that we can defend ourselves against any claims in the event that illegal content is published. We require your email address to contact you if a third party complains that your comment is illegal or if you have expressed the wish (by voluntarily ticking a box), to be informed of subsequent comments or new contributions by email. The legal basis for this is Art. 6 (1) sentence 1 (f) GDPR. Comments are not checked prior to publication. We reserve the right to delete comments if a third party complains that they are illegal. If your comments are deleted, the data saved in relation to them is deleted.
(4) Online applications for a position with LANCOM Systems & Job-Alert
If you apply for a position with LANCOM Systems through this website, personal data are collected in our applications portal. The data you submit to our applications portal are used exclusively for the purpose of filling the advertised position and checking and dealing with the application provided by you. After completion of the application process in respect of the specific position advertised, these data are blocked from further use and will be deleted upon the expiry of any statutory obligation to save them. The legal basis for processing is Art. 88 GDPR in conjunction with § 26 (1) German Federal Data Protection Act (Bundes Datenschutzgesetz “BDSG”).
By voluntarily clicking on the JobAlert button you consent to us processing the data in the search screen which is then opened. The data which you voluntarily disclosed here (your email address and the search criteria for the job search) are saved by us so that we can notify you by email as soon as a new job vacancy appears which matches your search criteria. The legal basis for this processing is Art.6 (1) sentence 1 (b) GDPR.
Please note that the services of rexx systems GmbH, Süderstraße 75-79 in 20097 Hamburg are used to provide the online application and job alerts and that the data you provide will be transferred to them on the basis of an order data processing contract in accordance with Art. 28 para. 3 GDPR.
We would also like to point out that we reserve the right to carry out additional online research on applicants if this is necessary to decide on the establishment or implementation of the employment relationship in individual cases.
(5) Subscription to the RSS feed
Our website provides you with the opportunity to subscribe to an RSS feed named “Systems Knowledgebase”. This is a dynamic bookmark which is added to your browser after you click on “subscribe now”. This bookmark delivers information created and continually updated by us about the products and services of LANCOM Systems GmbH. By voluntarily clicking the “subscribe now” button, you grant your consent to us collecting, saving and processing your IP address in connection with the RSS feed.
The IP address is necessary to provide the RSS feed information to you through your browser.
The legal basis for this processing is Art 6 (1)(a) GDPR.
The data processed in connection with subscription to the RSS feed will be deleted as soon as we discontinue the RSS feed, or you withdraw your consent. You can withdraw your consent at any time and thereby unsubscribe from the RSS feed by removing the bookmark from your browser.
a. Privacy statement for the use of Twitter
The website also uses functions of the Twitter service. These functions are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. By using Twitter and the “re-tweet” function, the websites visited by you are linked with your Twitter account and disclosed to other users. When this data is forwarded, data is also transferred to Twitter. LANCOM points out that, as website provider, it obtains no knowledge of the content of the data transmitted or of its use by Twitter. LANCOM therefore refers you to the following link to obtain further information regarding Twitter’s privacy statement: twitter.com/en/privacy.
If you wish to alter your data protection settings with Twitter, you can do so under this link: twitter.com/account/settings.
b. Privacy statement for the use of the Google+ button
The website uses the “+1” button of the social network Google Plus, which is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. If you access a page on our website equipped with such a plug-in, a connection will be established to Google's servers and the content of the "+1" button will be displayed on the website by notifying your browser. This enables the sub-pages you visit to be transmitted to Google's server. LANCOM has no influence on the amount of data that Google collects through this transmission. If you are logged in as a Google member, Google assigns this information to your personal Google user account. When you use the functions of the plugin (e.g. by clicking the “+1” button), this information is also assigned to your Google account, which you can only prevent by logging out before using the plugin. Further information on how Google Plus processes your personal data can be found at https://www.google.com/intl/de/+/policy/+1button.html.
c. Privacy statement for the use of Pinterest’s “Pin it” button
The website contains the “Pin it” button belonging to the social network Pinterest, operated by Pinterest, Inc., 808 Brannan St, San Francisco, CA 94103, USA. If the “Pin-it” button is used, Pinterest receives the information that you have visited the website. If you are logged in to your Pinterest account at the time, it is also possible for Pinterest to allocate your visit to the website to your Pinterest account. By clicking the “Pin-it” button, data is transmitted to Pinterest which is saved on servers in the USA. If you wish to prevent this, you should log out of your Pinterest account prior to clicking on the “Pin-it” button. Further information on the processing of your personal data by Pinterest can be found at: policy.pinterest.com/privacy-policy.
d. Privacy statement for the use of the “XING share button”
The “XING-share” button is used on this website. By calling up this website a short-term connection to the servers of XING AG (“XING”) is established via your browser, with which the “XING share” button functions are provided (in particular calculation/display of counter value). XING does not save any personal data from you when you call up this website. In particular, XING does not save any IP addresses, nor does any evaluation of your user behaviour take place through the use of cookies in connection with the “XING share” button. Current data protection and supplementary information relating to the “XING share” button can be found on the following webpage: www.xing.com/app/share?op=data_protection.
e. Privacy Statement for the use of YouTube buttons
On our website we employ one or more YouTube plugins. YouTube is a service from Google Inc., San Bruno/California, USA. Each time you call up one of our webpages containing such a component, it creates a connection to YouTube’s servers. This process informs YouTube which specific page of our website is being visited. If you are logged in to YouTube, your browsing behaviour can be attributed directtly to your personal YouTube account. This can be prevented if you log out of your YouTube account beforehand. Further information about the collection and use of your data by YouTube can be found in the information at: www.youtube.com.
f. Privacy statement for the use of the Facebook plugin (“Like” button)
Plugins belonging to the social network, Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated in this website. You can recognise these by the Facebook logo or the “Like” button on the website. You can find an overview of possible Facebook plugins under the following link: developers.facebook.com/docs/plugins/.
If you visit the website, these Facebook plugins (“Like” button) establish a direct link between your browser and the Facebook servers. By virtue of your visit, Facebook is informed that you have visited the website with your IP address. If you click on the Facebook “Like” button on the website at the same time as you are logged in to your Facebook account, the contents of the website are linked to your Facebook profile. Facebook can therefore allocate your visit to the website to your user account. LANCOM points out that, as website provider, it obtains no knowledge of the content of the data transmitted to Facebook or of its use by Facebook. LANCOM therefore refers you to the following link to obtain further information on Facebook’s privacy statement: www.facebook.com/privacy/policy/.
(7) Usage of the LANCOM member portal “myLANCOM”
The portal, myLANCOM, is a web portal through which we offer you services in connection with your LANCOM devices. To use our web portal you need to register yourself at myLANCOM by providing the following personal data:
- Title
- First name
- Surname
- Address
- Telephone number
- Customer category
- Business/company name
- Position
- Sector
- Size of enterprise (by category)
- Internet address
There is no requirement for you to provide your real name; the use of a pseudonym is permitted. We use the so-called “double opt-in” procedure for registration - i.e. your registration is only completed when you confirm it by clicking a link sent to you for this purpose in a confirmation email. If your confirmation is not given within 72 hours, your registration is automatically deleted from our database.
If you register in our members area, we save the data you provide to make the information defined by you via the menu item “info-service” and services from myLANCOM available to you. Your data is saved for the duration of your membership. Your membership ends if you delete your access under “cancel membership”. You can manage and change all particulars in the protected member’s area. Following cancellation of your membership the data is anonymised and permanently saved for statistical purposes. The legal basis for processing is Art. 6 (1) sentence 1 (f) GDPR.
a. Newsletter
By giving a separate consent in your member’s area, you can also register to receive our newsletter in which we inform you about our current services. The newsletter is sent to the email address saved in your member account.
To register for our newsletter we use a double click procedure. This means that we will only email you the newsletter after you have clicked on the check box for the particular newsletter and then confirmed your choice by clicking on the “accept” button. We save your email address in connection with the distribution of the newsletter, as well as the IP address used to register and the time of registration for the newsletter in accordance with the above-mentioned procedure. The purpose of the procedure is to send you the newsletter and evidence your registration. The legal basis for this is Art. 6(1) sentence 1(a) GDPR, based on your voluntary consent.
You can withdraw your consent to the transmission of the newsletter and unsubscribe from it at any time. You can declare your withdrawal by clicking on the link provided in every newsletter email, by email to info@lancom.de or by unsubscribing from the newsletter in the members’ area in a process analogous to that for registration.
We wish to point out that we evaluate your user behaviour when distributing the newsletter. For this evaluation, the emails sent contain so-called “web beacons” or “tracking pixels” representing one pixel image files that are saved on our website. To make evaluations, we link the data mentioned in III § 1 and the web beacons with your email address and an individual ID. We then use the data so obtained to create a user profile so that we can tailor the newsletter to your individual interests. In doing so we record when you read our newsletter and which links in the newsletter you click on, from which we infer your personal interests. We link this data with your activity on our website.
You can object to this tracking at any time by clicking on the separate link provided in every email or contacting us by another means to inform us of this. The information will be saved for as long as you have subscribed to the newsletter. After deregistration the data are purely saved statistically and anonymously. In addition, such tracking is not possible if you have deactivated the display of images as standard. In this event the newsletter will not be displayed completely, and you may not be able to use all functions. If you display the images manually the above-mentioned tracking will take place.
(7) LANcommunity
In order to operate our partner portal “LANcommunity”, cooperation with Channel Mechanics Technologies Ltd., Block 4, Ballybrit Business Park, Ballybrit, Galway, Co. Galway H91 A4XW, Ireland is necessary. The framework for the joint processing of personal data and the respective responsibilities have been agreed between LANCOM Systems and Channel Mechanics in accordance with the legal requirements.
If you use the portal, your data may become accessible to other participants in the portal. Members who are not registered do not receive any information about you. Your username is visible to all registered members. If you post in groups, these are visible to all registered members of the portal.
When you register for LANcommunity your data will be encrypted by LANCOM and saved in a database of Oracle Deutschland B.V. & Co. KG. Only encrypted data is passed to Oracle. LANCOM has taken technical and legal measures to prevent a read out of the data by Oracle and the transfer of the data outside the area to which the GDPR applies. Oracle’s data protection policy can be accessed here: Oracle Marketing Cloud- und Data Cloud-Datenschutzrichtlinie | Oracle Deutschland.
In addition, pursuant to Art. 29 GDPR, Oracle has imposed on itself binding internal data protection provisions regarding its handling of personal data. These provisions are binding in respect of personal data transferred to Oracle by LANCOM and can be viewed here: Privacy Code for Processing Personal Information of Customer Individuals (oracle.com)
The data is processed at your request and is necessary for the purposes specified under Art. 6(1) sentence 1(b) GDPR (performing a contract and taking pre-contractual steps).
(1) Support portal
We make our Support Portal available for the submission and processing of written support requests. If you wish to use our support portal you must register by providing your email address, a self-selected password and your full name. We use the so-called double opt-in process (see (6) above) for registration. The provision of the abovementioned data is mandatory; all further information can be voluntarily provided by you through our portal.
If you use our Support Portal we save your abovementioned data, as well as the further data you voluntarily disclose to us in your support request so that we can process your request. This further data may include:
- Business or company name
- First name and surname
- Address
- Telephone number
- Email address
- Serial, customer and contract numbers and licence information
- User recognitions, passwords, IP addresses, MAC addresses
With the exception of your registration data all other data will be deleted after your support request has been completed. Your registration data is saved until you delete your access to the Supprt Portal. The legal basis for processing the data is Art. 6(1) sentence 1(b) and (f) GDPR.
(2) Remote services
To provide our support services it may be necessary to establish a remote link to the customer’s or partner’s devices for technical reasons. This occurs via the “Teamviewer” tool – software produced by TeamViewer GmbH, Jahnstr. 30, 73037 Göppingen. The provider’s conditions of use are not affected by this privacy policy. The controller in respect of data directly related to the provision of webinars and online lessons is LANCOM Systems GmbH. Where the video conferencing system is used, different types of data are processed:
- Username
- Display name
- Email address
- IP address
- Profile picture (optional)
- Language preference
- Location
4) Participation in LANacademy events
LANCOM offers comprehensive training opportunities within the framework of marketing campaigns and the LANacademy. All of these are managed centrally through the LANacademy. The individual courses build upon one another to some extent and serve as a prerequisite for classification at a particular partner level in the LANcommunity. Data is processed at your request and is necessary for the purpose of fulfilling a contract as specified under Art. 6 (1) sentence 1 (b) GDPR.
The following data is collected from all users of the LANacademy:
- First name
- Surname
- Title
- Company and address
- Turnover tax ID
- Telephone number
- Language preference
- Last Login
- Creation and release dates
- Active User
- Username and password
- Access period
- Assigned role
- Participation in tests and test results
- Number of attempts
- Response to individual questions
- Processing period
- Update status
- Forum entries
- Calendar deadlines
We use an ILIAS platform to administer our LANacademy. This is hosted by Databay AG, Jens-Otto-Krag-Straße 11 in 52146 Würselen.
To provide webinars we use the “GoTo-Meeting” tool by LogMeIn. The processor is LogMeIn Ireland Limited, an Irish company seated in The Reflector, 10 Hanover Quay, Dublin 2, D02R73, Republic of Ireland. This video conferencing system is technically provided by LogMeIn. The provider’s user conditions are not affected by this privacy statement. The controller in respect of the data directly connected to the provision of webinars and online courses is LANCOM Systems GmbH.
When the video conferencing system is used, various types of data are processed. The scope of the data also depends on what statements you give about data before or during participation in an online lesson.
The following personal data are processed:
- First name, surname, email address (mandatory fields)
- Optional information: address, location, post-code, country, telephone, business or company name/organisation, job title, sector
Furthermore, in the case of webinars offered in connection with the LANacademy, the following data are collected:
- Business or company name
- First name, surname
- Address, postcode, country
- Telephone number
- Title
- Email address,
- Turnover tax ID,
- Customer type,
- LANCOM partnership status
- Meeting metadata: topic, description (optional)
- participants’ IP addresses
- devices/hardware information
In the case of recordings (optional):
MP4-file of all video, audio and presentation recordings, M4A-file of all audio recordings, text files of online meeting chats.
In the case of a telephone dial in:
Details of the incoming and outgoing telephone number, country name, start and end times. If applicable, further connection data e.g. IP address of the device may be saved.
Text, audio and video data:
In an “online meeting” you may have the opportunity to use chat, question or survey functions. In this respect, your text input is processed to display it on the online training course and, where applicable, to make a record of it. To enable video to be displayed and audio to be played back, the data from the microphone and any video camera on your terminal is processed throughout the duration of the meeting. You can turn off the camera or mute microphone yourself at any time.
If we wish to record an online training course we will clearly notify you and, where necessary, ask for your consent. As a rule, online training courses are not recorded. This also applies to the chat function.
Automated decision-making within the meaning of Art. 22 GDPR is not employed.
If personal data are processed by employees of LANCOM Systems GmbH, Art 6(1)(b) GDPR is the legal basis for the data processing.
In principle, personal data processed in connection with the participation in online training courses are not disclosed to third parties unless they are specifically intended for disclosure.
The providers of the video conferencing systems are partly located within the USA. The personal data are therefore also processed in a third country.
An appropriate level of data protection is additionally guaranteed by the conclusion of the so-called EU standard contract terms or the implementation of so-called mandatory domestic data protection provisions examined by a data protection regulator in the European Union.
(1) Introduction
The LANCOM Management Cloud (below: “LMC”) enables the setting up, operation and monitoring of WAN, WLAN and LAN infrastructures. Operation of the LMC requires personal data to be processed.
In compliance with the requirements of the GDPR the provider has taken appropriate technical and organisational measures to guarantee an appropriate level of protection for the personal data processed to operate the LMC. The operation of the LMC and the storage and processing of data takes place exclusively in computer centres in the Federal Republic of Germany. The computer centre operators and owners are German companies.
We therefore ensure that the technical and organisational requirements demanded by the new regulations, including for the protection of the administrators of the LMC, are fully applicable. This level of protection cannot be guaranteed by providers whose solutions are realised on servers outside Europe, for example in the USA. Although these must also comply with the provisions of the GDPR in principle if they offer their services in Europe (market place principle), user companies cannot assume that they will also be able to enforce their rights to protect personal data in the relevant third country e.g. if the authorities there can access the data of the cloud provider.
The following information provides administrators of the LMC with an overview of the processing of personal data by the provider and the rights which result for Admins arising out of data protection laws. Which individual data is processed and how it is used also depends on the installation of the particular LMC.
(2) Definitions:
Administrator(s): |
Representatives of organisations or end customers acting for their relevant organisation or, in the case of self-employment or private usage, acting in their own name (abbreviation: ADMINs). See also -> ORGA-ADMIN -> PROJECT-ADMIN. |
Provider: |
LANCOM Systems GmbH (below: Provider), 52146 Würselen, Germany. |
Operator: |
User of the network managed with the relevant LANCOM Management Cloud. |
End cusomer(s): |
Customers who use the Administrator(s) for their project. |
LMC: |
LANCOM Management Cloud |
User: |
Persons and companies who have a user account for registration to the LMC or who have received an invitation to set up a user account and have accepted that invitation after reading and accepting these conditions of use. |
Organisation: |
Legal or natural persons who have been granted the right by the Provider to create an organisation account (ORGA-Account) or for whom the Provider has created an ORGA-Account. Typical Organisations are: systems houses/retailers/service providers/End Customers. |
ORGA-Account: |
Access to the LMC managed by the ORGA-ADMINS and made available to an Organisation by the Provider. |
ORGA-ADMIN: |
The person within an Organisation who is responsible for using the LMC and executing the contract. |
Projects: |
Cloud solutions installed and licensed within an Organisation for an End Customer, usually managed by a PROJECT-ADMIN. |
PROJECT-ADMIN: |
Person responsible within a project. |
Partner company: |
The Provider’s contracting partner who exercises the rights and obligations arising under these conditions of use vis-a-vis the user. |
(3) Which sources and data do we use?
We process personal data received from our customers in the course of our business relationship. In addition, where this is necessary to provide our services, we also process personal data lawfully received (e.g. to perform orders, fulfil contracts or based on a consent provided by you) from other companies or third parties (e.g. from distributors and retail partners).
Data processing takes place for the lawful performance of the contract between LANCOM and the customer or to take steps at your request prior to entering into a contract.
The purpose for processing the data is primarily based on the specific operating and licence model (see 3 above). Further details about the purposes for which data is processed can be found in the relevant contractual documents and conditions of use.
If you have issued your consent to us to process personal data for particular purposes, the lawfulness of this processing is based on your consent. Once a consent is given it can be withdrawn at any time. This also applies to the withdrawal of consents that were given to us before the EU General Data Protection Regulation came into effect – i.e. before 25th May 2018. Please note that a withdrawal of consent only applies for the future. Any processing that took place prior to the withdrawal of consent is not affected. An overview of the status of the consents that you have given to us may be requested from us at any time. You may be able to see this in the “log” area under the menu item “management”.
(5) Forwarding of data
Your personal data is not transmitted to third parties for any purpose other than those listed below.
We only transmit your personal data to third parties if:
- you have expressly consented to this pursuant to Art. 6 (1) sentence 1 (a) GDPR,
- transmission is necessary pursuant to Art 6 (1) sentence 1 (f) to assert, exercise or defend against legal claims and there is no reason to assume that you have an overriding interest in not transmitting your data that merits protection,
- in the event of a legal obligation to transmit the data pursuant to Art. 6 (1) sentence 1 (c), or
- this is permitted by law and necessary for the settlement of a contractual relationship with you under Art 6(1) sentence 1 (b).
(6) Subcontracted processors in the LMC
To fulfil the agreed services LANCOM uses several subcontractors to process data. These are:
a. Hosting
Hosting of our LMC is provided by SysEleven GmbH, Boxhagener Straße 80, 10245 Berlin and takes place in Germany only.
b. Google Maps
If you use one of your devices to display maps, your address information is transmitted to Google Maps.
c. E-Mail Service
You have the option to receive particular information by email through changes to your network. For this we use the email service of Inxmail GmbH, Wentzingerstraße 17, 79106 Freiburg.
d. Chat function
If you decide to use the Cloud’s live chat function you are using a service from Userlike UG, Probsteigasse 44-46, 50670 Cologne.
6) Data protection for job applications and in the job application process
The controller responsible for data processing collects and processes the applicants’ personal data for the purpose of handling the application procedure. Processing can also be carried out electronically. This is particularly the case if an applicant has submitted relevant application documents to LANCOM electronically, e.g. by email or on a web form on a webpage. If the controller concludes an employment contract with the applicant, the data submitted for the purpose of handling the employment relationship is saved in compliance with statutory provisions. If an employment contract is not concluded by the controller with the applicant, the application documents are automatically deleted six months after notification of the decision to refuse employment, unless the controller’s other legitimate interests oppose this deletion. An example of another legitimate interest in this context is an obligation to provide proof in proceedings under the German General Equal Treatment Act (Allgemeinen Gleichbehandlungsgesetz (AGG)).
IV. Your rights
If your personal data is processed you have the following rights in respect of the personal data concerning you:
1) Right of access:
You can demand confirmation about whether we process personal data relating to you from the controller.
If such processing takes place, you can demand access to the following information from the controller:
- The purposes for which the personal data is processed;
- The categories of personal data processed;
- The recipients or categories of recipient to whom your personal data has been or is being disclosed;
- The planned storage period of the personal data concerning you or, if it is not possible to provide definite details of this, the criteria determining the storage period;
- The existence of a right to have the personal data relating to you corrected or deleted, a right to restrict processing by the data controller or a right to object to the processing of your personal data;
- The existence of a right to complain to a supervisory authority;
- All available information about the source of the data if the personal data are not collected from the data subject;
- The existence of any automated decision-making, including profiling under Art. 22 (1) and (4) GDPR and – at least in these cases – meaningful information about the logic involved and the significance and consequences of such processing for the data subject.
You have the right to demand information about whether your personal data are transferred to a third country or an international organisation. In this context you can demand information about any appropriate guarantees in connection with the transfer pursuant to Art. 46 GDPR.
2) Right to rectification:
You have a right to demand that the controller rectifies and/or completes your personal data if the personal data processed in relation to you is incorrect or incomplete. The data controller must make the correction without delay.
a) Obligation to delete
You can demand the immediate deletion of the personal data concerning you by the controller. The controller is obliged to immediately erase this data (“right to be forgotten”) if one of the following reasons applies:
- Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which processing was based under Art.6 (1) (a) or Art. 9 (2) (a) GDPR and there is no other legal basis for processing your data.
- You object to the processing under Art. 21 (1) GDPR (see X below) and no other overriding legitimate grounds for the processing exist, or you object to the processing under Art. 21 (2) GDPR.
- Your personal data were processed unlawfully.
- The erasure of your personal data is necessary to fulfil a legal obligation under EU law or the laws of the member state to which the controller is subject.
- Your personal data were collected in relation to services offered by the information society under Art. 8 (1) GDPR.
b) Information given to third parties
Where the controller has made your personal data public and is obliged to erase it pursuant to Art. 17 (1) GDPR, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform the controllers processing the data that you, as data subject, have demanded that they erase any links to, or any copy or replication of those personal data.
- to exercise the right to freedom of expression and information;
- to fulfil a legal obligation which requires the processing to take place pursuant to EU law or the law of the member state to which the controller is subject or to perform a task in the public interest or in the exercise of an official authority vested in the controller;
- on the grounds of public interest in the area of public health pursuant to Art. 9 (2) (h) and (i) and Art. 9 (3) GDPR;
- for archiving purposes in the public interest, for scientific or historical research or for statistical purposes in accordance with Art. 89 (1) GDPR if the right specified in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
- to assert, exercise or defend legal claims.
4) Right to restrict processing:
In the following circumstances you can demand that the processing of your personal data is restricted:
- when you contest the accuracy of your personal data, for a period enabling the controller to verify the accuracy of the personal data;
- the processing is unlawful, and you oppose deletion of the personal data and demand that the use of the personal data is restricted instead;
- the controller no longer requires the personal data for the purpose of processing, but you need it to assert, exercise or defend a legal claim; or
- when you have objected to the processing pursuant to Art. 21 (1) GDPR (see X below) and it is not yet determined whether the controller’s legitimate reasons outweigh your reasons.
If the processing of your personal data is restricted, these data may – excepting for the purpose of storage - only be processed with our consent or to assert, exercise or defend a legal claim or to protect the rights of another legal or natural person or for reasons of important public interest of the EU or a member state.
If the restriction of processing was based on the abovementioned conditions, you will be notified by the controller before the restriction is lifted.
5) Right to information:
If you have asserted your right to correction, deletion or restriction of processing against the controller, the controller has a duty to inform all recipients to whom your personal data were disclosed of this correction or deletion or restriction of processing, unless this proves impossible or involves disproportionate effort.
You have the right to be informed about these recipients by the data controller.
6) Right to data portability:
You have the right to receive the personal data concerning you which you have provided to the controller in a structured, commonly used, machine-readable format. You also have the right to have these data transferred to another controller without obstruction by the controller to whom the personal data were given provided that
- the processing is based on a consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract pursuant to Art/6 (1) (b) GDPR and
- the processing is carried out by automated means.
In exercising this right you also have the right to have your personal data transferred directly from one controller to another where this is technically possible. Freedoms and rights of other persons may not be compromised.
The right to data portability does not apply to the processing of personal data that is necessary to carry out a task in the public interest or in the exercise of public authority vested in the controller.
7) Right to object, Art. 21 GDPR
You have a right to object to processing due to individual circumstances and a right to object to processing for advertising purposes. Further information about this can be found in Section V of this Privacy Statement.
8) Right to withdraw a consent given under data protection law:
If the processing of your personal data is based on Art. 6 (1) (a) or Art. 9 (2) (a) GDPR you have the right to withdraw your consent to processing at any time. The withdrawal of your consent does not affect the lawfulness of any processing which took place on the basis of the consent prior to its withdrawal.
9) Automated individual decision-making, including profiling, Art. 22 GDPR:
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
- is necessary to conclude or perform a contract between you and the controller,
- is permitted on the basis of legal provisions of the EU or the legal provisions of a member state to which the controller is subject, and these legal provisions contain appropriate measures to guarantee your rights, freedoms and legitimate interests, or
- is made with your express consent.
However, these decisions are not permitted to be based on the special categories of personal data in Art. 9 (1) GDPR unless Art 9 (2) (a) or (g) apply and suitable measures for the protection of rights and freedoms and your legitimate interests are taken.
In the cases mentioned in (1) and (3), the controller takes appropriate measures to guarantee your rights, freedoms and legitimate interests, including the right to obtain human intervention on the part of the controller, the right to express your own point of view and the right to contest the decision.
10) Right to complain to a supervisory authority:
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. Your complaints can be lodged with the supervisory authority in the member state of your place of residence, place of work or place where the alleged infringement took place. The supervisory authority receiving the complaint must inform the complainant about the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
Your abovementioned rights can be exercised by notice to us given in any form. This notice should be addressed to:
- The contact address in our legal notice,
- info@lancom.de, or datenschutz@lancom.de.
Right to object due to individual circumstances:
You have the right to object to the processing of your personal data based on Art. 6 (1)(e) GDPR (data processing in the public interest) and Art. 6 (1) sentence 1 (f) GDPR (data processing to protect the legitimate interest of the controller or a third party) at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims.
Right to object to the processing of data for advertising purposes:
In individual cases we process your personal data for the purposes of direct marketing. You have the right to object to the processing of personal data concerning you for the purposes of such marketing; This also applies to profiling in connection with such direct marketing. If you object to processing for the purposes of direct marketing we will no longer process your personal data for this purpose.
An objection in the above cases does not need to follow any particular form and should be emailed with the subject line “objection” to:
- The contact address in our legal notice,
- info@lancom.de, or datenschutz@lancom.de.
VI.Data security
We strive to take all technical and organisational opportunities to save your personal data in such a way that it is not accessible to third parties. We have entered into processing contracts with all of the service providers mentioned.
For security reasons and to protect the transfer of confidential content e.g. requests you send to us as website operator, this website uses TLS encryption. You can recognise an encrypted connection because the browser’s address line changes from “http://” to “https://” and there is a lock symbol in your browser line. If TLS encryption is activated the data you send us cannot be read by third parties.
VII.Privacy statement updates
If we introduce new products or services, if internet procedures change or if there are further advancements in internet and IT security technology, this “Privacy Statement” will be updated. We therefore reserve the right to amend or supplement the statement as required. Any change will be published here. You should therefore visit this website regularly for information about the current version of the Privacy Statement.