<html>
<body style="font-family: Verdana; margin: 10px;">
<p>
<strong
><span style="text-decoration: underline;"
>We are glad to see you are using a Haufe Group app. Protecting your
personal data is very important to us. This privacy policy statement
provides information about the handling of your personal data and your
rights while using our app.</span
></strong
>
</p>
<p style="padding-left: 20px;">
<ol>
<li>
<strong
><span style="text-decoration: underline;"
>About us: </span
></strong
>We,<br />Haufe-Lexware GmbH & Co. KG<br />a Haufe Group company<br />Munzinger
Straße 9<br />79111 Freiburg (Germany)<br />Email: <a
href="mailto:htm-support@haufe.com"
><span class="s4">htm-support@haufe.com</span
><span class="s5"><br /></span></a
><br />as the controller defined by the EU General Data Protection
Regulation (hereinafter referred to as GDPR), we are responsible for
protecting your personal data. Our data protection officer, Raik
Mickler, will be happy to assist you with any questions you may have
about data processing, your rights, or this privacy policy statement in
general. Please contact him directly at
<a href="mailto:dsb@haufe-lexware.com">dsb@haufe-lexware.com</a>.
</li>
<li>
<strong
>What type of data is being processed during the use of our
app?</strong
> This section explains what type of data is being collected during
the use of our app and why this data is being processed. We explain the
legal basis as well as your options for controlling the collection and
processing of the data. This also includes the deletion of the data.
<ol style="list-style-type: upper-alpha;">
<li>
Log files
<ol>
<li><strong>Data collected</strong>:</li>
<li>
When you download or use the app for the first time, your
browser automatically sends the following data to us:
</li>
</ol>
</li>
</ol>
</li>
<li>
<ul style="list-style-type: disc;">
<ol>
<ul style="list-style-type: disc;">
<li>Your IP address</li>
<li>Device type</li>
<li>Web browser (version, type)</li>
<li>The operating system used on your device</li>
<li>The date and duration of your visit.</li>
</ul>
</ol>
</ul>
</li>
<li>
<ol>
<ol>
<li>
We record any IP addresses that are used for malicious behavior
(DDoS attacks, brute force attacks, etc.) and block their access.
</li>
</ol>
</ol>
</li>
<li> </li>
<ol>
<ol>
<li>Purpose for the processing of this data:</li>
<li>
Temporary storage of this data is necessary to download the app to
your device and to ensure that the app functions properly. We also
use this data to compile statistics about how our app is used. In
addition, this data is collected to track and prevent unauthorized
access to our systems and any improper use of the app, and to secure
our information technology systems.
</li>
</ol>
</ol>
<li> </li>
<ol>
<ol>
<li>Legal basis:</li>
<li>
Data is processed for the purposes of our legitimate interests in
complinance with Article 6 (1)(f) GDPR, Lawfulness of processing. It
is in our legitimate interest to achieve the objectives described
above and to ensure the security of our systems.
</li>
</ol>
</ol>
<li> </li>
<ol>
<ol>
<li>Storage period and control options:</li>
<li>
The data is deleted when it is no longer needed to achieve the
described purposes. Log files are deleted after a maximum of 90
days, unless data has to be stored for a longer period of time due
to malicious behavior in order to ensure network security.
</li>
</ol>
</ol>
<li>
Third-party tracking technologies <br />
Web analytics service:
</li>
<ol>
<ol>
<li>Data collected:</li>
<li>
We use a web analytics service in our software. It collects
anonymous usage information from end users, information for error
analysis and diagnostics, and information about how users use the
software, functions and devices. Content is not recorded. In
addition to the general user information within the software
solutions, technical data such as the browser or device data will
also be collected.
</li>
</ol>
</ol>
<li> </li>
<ol>
<ol>
<li>
The usage information collected by the web analytics service is then
transferred in anonymized form only to the server of the Licensor
and saved there for analytical purposes. All diagnostics data shall
be transmitted exclusively to the Licensee and the Licensor, and in
no case to third parties.
</li>
</ol>
</ol>
<li> </li>
<ol>
<ol>
<li>Purpose for the processing of this data:</li>
<li>
We use the web analytics service to optimize our app and adapt it to
our users’ needs.
</li>
</ol>
</ol>
<li> </li>
<ol>
<ol>
<li>Storage period and control options:</li>
<li>
The web analytics service stores this data and anonymizes it
regularly.
</li>
</ol>
</ol>
</ol>
</p>
<ol style="list-style: upper-roman;">
<li>
What rights do you have and how can you exercise them?
<ol>
<li style="list-style: upper-alpha;">
Revocation of consent<br />
If you have consented to the processing of your personal data, you
can revoke that consent at any time with future effect. Note that
such revocation has no effect on the legality of previous data
processing, and that it does not extend to data processing for which
a statutory justification exists, and which may therefore take place
even without your consent.
</li>
</ol>
</li>
<li>
<ol>
<li style="list-style: upper-alpha;">
Additional rights of data subjects<br />
In addition, you have the following rights as a data subject under Articles 15 to 21, and Article 77 of the EU General Data Protection Regulation (GDPR), provided that the statutory requirements are met:
<ol>
<li>
Information:
</li>
<li>
At any time, you can request that we provide you with information as to which of your personal data we process , how we process it, and that we provide you with a copy of the stored personal data that relates to you, Art. 15 GDPR.
</li>
</ol>
</li>
<li style="list-style: upper-alpha;">
<ol>
<li>
Correction:
</li>
<li>
You can request the correction of incorrect personal data and the completion of incomplete personal data, Art. 16 GDPR.
</li>
</ol>
</li>
<li style="list-style: upper-alpha;">
<ol>
<li>
Deletion:
</li>
<li>
Regarding deletion of your personal data: Please note that the right to deletion excludes data that we require for the execution and processing of contracts, and for the assertion, exercise and defense of legal claims, as well as data for which statutory, regulatory or contractual retention requirements apply, Art. 17 GDPR.
</li>
</ol>
</li>
<li style="list-style: upper-alpha;">
<ol>
<li>
Restriction of processing::
</li>
<li>
Under certain circumstances, you may request that processing be restricted, e.g. if you believe that your data is incorrect, that the processing of your data is unlawful, or if you have objected to the processing of your data. The result of such a request is that your data may only be processed to a very limited extent without your consent, e.g. for the assertion, exercise and defense of legal claims or to protect the rights of other natural and legal persons, Art. 18 GDPR.
</li>
</ol>
</li>
<li style="list-style: upper-alpha;">
<ol>
<li>
Objection to data processing:
</li>
<li>
You have the option to object at any time to data processing for purposes of direct advertising. In addition, if special reasons apply, you can object at any time to data processing on the basis of a legitimate interest, Art. 21 GDPR.
</li>
</ol>
</li>
<li style="list-style: upper-alpha;">
<ol>
<li>
Data portability:
</li>
<li>
You have the right to receive the data that you have provided to us, and that we process based on your consent or in order to fulfill a contract, in a common, machine-readable format and, to the extent that this is technically feasible, to request that this data be transmitted directly to third parties, Art. 20 GDPR.
</li>
</ol>
</li>
<li style="list-style: upper-alpha;">
How to contact us
<span>
<b>You can exercise your rights via the following</b> contact channels: Haufe Group<br>
Mr. Raik Mickler<br>
Data protection officer<br>
Munzinger Straße 9<br>
79111 Freiburg (Germany)<br>
Email: dsb@haufe-lexware.com
</span>
</li>
</ol>
</li>
<li>
Right of appeal to a regulatory authority If you believe, for example,
that our data processing is unlawful or that we have not protected the
rights described above to the required extent, you have the right to
file a complaint with the competent data protection authority.
</li>
</ol>
<p>
Revision: January 2020
</p>
</body>
</html>