Privacy Statement

Data Processing Agreement as PDF:
https://coposal.com/terms/DPA-Coposal-2018-05.pdf


The protection of your personal data is very important to us. Our processing of personal data is therefore designed to be fully compliant with applicable data protection laws and regulations.

With this policy we intend to clarify and inform you – our customer – about which personal data we process, the purposes of said processing, how this processing is performed, who has access to your personal data, for how long we process this data and how you can exercise your rights to with regard to our data processing.

For the personal data required by us for the performance of the agreed service, "Controller" within the meaning of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other data protection laws and regulations is:

Copexa GmbH
Wagnerstr. 25
76448 Durmersheim
Germany

Phone: +49 7245 / 903 60 92
Email: info@coposal.com

Our "Coposal" service offers its business customers a SaaS (Software as a Service) platform for creating and sending proposals to third parties. Our respective customer is legally responsible for the proposals. We have no influence on this and in this respect we are only a technical service provider for commissioned processing of personal data subject to the guidelines of our customers (Art. 28 GDPR). Any claims regarding the receipt of a proposal (e.g. by e-mail) and its contents must therefore always be addressed to the provider apparent there. This applies in particular to data protection claims arising from information, correction, blocking or deletion. The respective provider or sender of a proposal informs independently (e.g. in a separate data protection declaration) how he uses personal data, also using the technical platform of Coposal.


What personal data do we process about you?

Personal data is any information relating to an identified or identifiable natural person. We process data that you provide voluntarily to us, data that we collect in an automated fashion when you visit our premises, events or websites and data processed when you access and/or use our products and services.

We may process the following personal data about our customers as inventory data: your name, your email address, your phone number and (if applicable) fax number, your full personal address, the organization you work for (if applicable to the transaction), your gender, your language preference, the IP addresses you use to connect to our systems, your account name, the services you order, your financial data including bank account or credit card information, your login details.


Our processing of third party data

By transmitting personal data of third parties (e.g. when you order a service for someone else using their personal information or when using their personal information as additional contacts) you are responsible about informing affected parties about the terms of our privacy policy and for obtaining the necessary consent of those parties for your use and our processing of their data. You will particularly inform them about any processing and transfers of their data to other parties as described in this policy.


Purposes for processing

The data you transmit to us upon requesting a service (or for correction, renewal or updates of service requests) is required to establish a contractual relationship between you and us, for purposes required for our provision of requested services as well as auxiliary services to you, for proper and secure management of your customer account, to prevent abusive use of our services, to enable us to provide information on expiration and required renewals of services and to allow us to comply with applicable legal obligations. The legal basis for such processing is Art. 6 I b) GDPR.


How do we process personal data?

We process personal information in full compliance with the technical, organizational and legal requirements of the GDPR in data center(s) in the European Union. We apply data minimization principles where possible and we continuously update our security measures to help protect your personal data and other information against unauthorized access, loss, destruction or alteration. Access to your data is possible only through an encrypted connection. Third parties do not have access to your data unless we provide such access in accordance with the terms below. We also request that everyone we transmit your data to in accordance with this policy apply adequate security measures.


To whom do we forward your personal data?

To the extent permitted by law, your personal data may be disclosed to the following parties:

We may provide access to your data to other group companies affiliated with ourselves strictly for purposes of providing you with a better service.

We may disclose your personal information to law enforcement agencies, to other government and/or civil authorities similarly authorized by applicable laws and regulations and to courts of appropriate jurisdiction if so required by law. To ensure data accuracy and to prevent abusive use of our services, we may use thirdparty verification service providers to check the data you have provided. To assess our business operations, we may also provide access to your data to our auditors.

For support purposes, we may provide access to your personal data to providers of third-party support services.

We will never sell your personal data to anyone.


Period for which the personal data will be stored

We will store your personal data that is processed for business purposes for a minimum of one year after the termination of the service it was collected for, or longer if required by legal requirements, such as the tax code. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract. Data processed for other purposes is processed no longer than necessary for the purposes for which your data is processed or until all applicable legal requirements are met.


Your rights with regard to your data

You have the right to access and correct your data through your control interface with us or any intermediary service providers you may employ. You have the right to request information concerning your personal data and to request a copy of all your data in a standard format. You may at any time request to update all incorrect, out-of-date or incomplete data and to help us keep the internet safe we encourage you to regularly review the data you provided to ensure it is accurate, current and complete. You have the right to request the restriction of certain processing activities in certain circumstances ans to object against certain processing activities. If and as far as processing is based on consent, that consent can be withdrawn at any time by the consenting party. You have the right to erasure of your data in certain circumstances. You have the right to be informed where we obtained your personal data in case it was not directly obtained from you. You can exercise your rights by contacting us. You also have the right to lodge a complaint with a supervisory authority.


Contact form and e-mail contact

Our website contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.


Cookies

Our Internet use cookies. Cookies are text files that are stored in a computer system via an Internet browser.

Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the dats subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

Through the use of cookies, we can provide the users of our website with more user-friendly services that would not be possible without the cookie setting.
By means of a cookie, the information and offers on our website can be optimized with the user in mind. Cookies allow us, as previously mentioned, to recognize our website users. The purpose of this recognition is to make it easier for users to utilize our website. The website user that uses cookies, e.g. does not have to enter access data each time the website is accessed, because this is taken over by the website, and the cookie is thus stored on the user's computer system. Another example is the cookie of a shopping cart in an online shop. The online store remembers the articles that a customer has placed in the virtual shopping cart via a cookie.

The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.


Log file data

Our website collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, we analyze anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.


Matomo

On this website, the controller has integrated the Matomo component. Matomo is an open-source software tool for web analysis. Web analysis is the collection, gathering and evaluation of data on the behavior of visitors from Internet sites. A web analysis tool collects, inter alia, data on the website from which a data subject came to a website (so-called referrer), which pages of the website were accessed or how often and for which period of time a sub-page was viewed. A web analysis is mainly used for the optimization of a website and the cost-benefit analysis of Internet advertising.

The software is operated on the server of the controller, the data protection-sensitive log files are stored exclusively on this server.
The purpose of the Matomo component is the analysis of the visitor flows on our website. The controller uses the obtained data and information, inter alia, to evaluate the use of this website in order to compile online reports, which show the activities on our Internet pages.

Matomo sets a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, an analysis of the use of our website is enabled. With each call-up to one of the individual pages of this website, the Internet browser on the information technology system of the data subject is automatically through the Matomo component prompted to submit data for the purpose of online analysis to our server. During the course of this technical procedure, we obtain knowledge about personal information, such as the IP address of the data subject, which serves to understand the origin of visitors and clicks.
The cookie is used to store personal information, such as the access time, the location from which access was made, and the frequency of visits to our website. With each visit of our Internet pages, these personal data, including the IP address of the Internet access used by the data subject, are transferred to our server. These personal data will be stored by us. We do not forward this personal data to third parties.

The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the used Internet browser would also prevent Matomo from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Matomo may be deleted at any time via a web browser or other software programs.
In addition, the data subject has the possibility of objecting to a collection of data relating to a use of this Internet site that are generated by Matomo as well as the processing of these data by Matomo and the chance to preclude any such. For this, the data subject must set a "Do Not Track" option in the browser.
With each setting of the opt-out cookie, however, there is the possibility that the websites of the controller are no longer fully usable for the data subject.
Further information and the applicable data protection provisions of Matomo may be retrieved under https://matomo.org/privacy.


Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.

In case IP-anonymisation is activated on this website, your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transfered to a Google server in the USA and truncated there. The IP-anonymisation is active on this website.

Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage.

The IP-address, that your Browser conveys within the scope of Google Analytics, will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for your current web browser: http://tools.google.com/dlpage/gaoptout?hl=en.

As an alternative to the browser Addon or within browsers on mobile devices, you can click this link in order to opt-out from being tracked by Google Analytics within this website in the future (the opt-out applies only for the browser in which you set it and within this domain).

An opt-out cookie will be stored on your device, which means that you'll have to click this link again if you delete your cookies.


Google-AdWords

On this website, the controller has integrated Google AdWords. Google AdWords is a service for Internet advertising that allows the advertiser to place ads in Google search engine results and the Google advertising network. Google AdWords allows an advertiser to pre-define specific keywords with the help of which an ad on Google's search results only then displayed, when the user utilizes the search engine to retrieve a keyword-relevant search result. In the Google Advertising Network, the ads are distributed on relevant web pages using an automatic algorithm, taking into account the previously defined keywords.

The operating company of Google AdWords is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.

The purpose of Google AdWords is the promotion of our website by the inclusion of relevant advertising on the websites of third parties and in the search engine results of the search engine Google and an insertion of third-party advertising on our website.

If a data subject reaches our website via a Google ad, a conversion cookie is filed on the information technology system of the data subject through Google. The definition of cookies is explained above. A conversion cookie loses its validity after 30 days and is not used to identify the data subject. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages, e.g, the shopping cart from an online shop system, were called up on our website. Through the conversion cookie, both Google and the controller can understand whether a person who reached an AdWords ad on our website generated sales, that is, executed or canceled a sale of goods.
The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are used in order to determine the total number of users who have been served through AdWords ads to ascertain the success or failure of each AdWords ad and to optimize our AdWords ads in the future. Neither our company nor other Google AdWords advertisers receive information from Google that could identify the data subject.

The conversion cookie stores personal information, e.g. the Internet pages visited by the data subject. Each time we visit our Internet pages, personal data, including the IP address of the Internet access used by the data subject, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.

The data subject may, at any time, prevent the setting of cookies by our website, as stated above, by means of a corresponding setting of the Internet browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. In addition, a cookie set by Google AdWords may be deleted at any time via the Internet browser or other software programs.
The data subject has a possibility of objecting to the interest based advertisement of Google. Therefore, the data subject must access from each of the browsers in use the link www.google.de/settings/ads and set the desired settings.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy.


Existence of automated decision-making

As a responsible company, we do not use automatic decision-making or profiling


Anonymization of data

We currently have not implemented measures regarding the anonymized precessing of personal data in our system. Credit card details are stored in an encyrpted format. We do offer anonymization and privacy services for domain name registrations in certain circumstances where the use of such services is permitted by the data controller (the registry operator).


Protection of minors

We do not knowingly solicit or collect personal information from children under the age of 18 or knowingly allow such persons to provide us with their personal information.


Changes to this policy

Please note that the data protection information may be changed at any time with due regard to the applicable data protection regulations. The version being made available on our website at the time of your order or last visit to our website applies.

We use cookies for the technical functionality of this website. With your consent, we also collect page views and other statistical data in anonymized form.

Select individually
Cookie Settings
Read Privacy Statement