top of page

DATA PRIVACY STATEMENT

Information about the collection of personal data

PATRONAS Financial Systems GmbH appreciates your visit to our website and your interest in our company, our products and services.

We take the protection of your personal data very seriously - also within our online offer, the associated websites and online presences as well as "social media" profiles.

Internet pages can only be displayed if data of the visitor, at least the IP address, is transmitted beforehand. Therefore, with this privacy policy, we would like to inform you comprehensively about the processing of your personal data in the context of visiting this website. We are legally obligated to do so as the entity responsible for data processing. You can reach us via the following contact options:

 

PATRONAS Financial Systems GmbH

Schnewlinstrasse 12, D-79098 Freiburg im Breisgau, Germany

phone: +49 761 400 688-0

FAX: +49 761 400 688-50

WEB: www.patronas.com

e-mail: info@patronas.com

 

The internet presence of PATRONAS Financial Systems GmbH is subject to the German Data Protection Regulation (EUDSGVO) and the German Data Protection Act (BDSG), and to the German Telemedia Act (TMG). Thus, we are obliged to protect all information and collected data of the visitors of this website and to treat them confidentially. The data stored as part of the visit to this website is processed exclusively in the manner described in this privacy policy. We do not intend to use personal data beyond this or to pass it on to third parties.

 

Personal data

Personal data is information about personal or factual circumstances of a specific or identifiable person. This includes names and contact data, such as address, telephone number, e-mail address, as well as sensitive data, such as information about the state of health but also usage data such as your IP address.

 

Scope of the processing of personal data

As a matter of principle, we collect and use personal data from visitors only to the extent that this is necessary to provide a functional and target group-oriented online offer and to deliver our products and services.

The collection and use of personal data of our users is regularly only after consent or if you provide it voluntarily (for example, in the context of an inquiry, an order or registration). An exception applies in those cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by legal regulations.

Purposes and legal basis of data processing, storage period of data

If you use our website for purely informational purposes and do not send us any other information (e.g. by e-mail), we only collect data that your browser transmits to our server (so-called "server log files"). This data is processed in accordance with Art. 6 (1) f EUDSGVO on the basis of our legitimate interest in improving the stability and functionality of our homepage. This data is not used in any other way or even passed on to third parties. However, we reserve the right to analyse the log files retrospectively if there are indications of illegal use. The stored data will be deleted regularly.

If you contact us by e-mail, personal data will be collected. This data is stored and used exclusively for the purpose of processing your request and the associated technical administration. The legal basis for processing the data is our legitimate interest in processing your request in accordance with Art. 6 (1) f EUDSGVO. Your data will be deleted after final processing of your request, this is the case when the matter concerned has been conclusively clarified and provided that no legal retention obligations prevent deletion. We use service providers for the operation of our website and the processing of data stored or transmitted by the systems (e.g. for data center services, payment processing, IT security). The legal basis for the transfer is then Art. 6 para. 1 b or f EUDSGVO, insofar as they are not order processors. Persons employed to carry out our business operations (e.g. auditors, banks, insurance companies, legal advisors, supervisory authorities, parties involved in company acquisitions or the establishment of joint ventures) may have access to your data to the extent necessary. The legal basis for the disclosure is then Art. 6 (1) b or f EUDSGVO. Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6. If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) c EUDSGVO serves as the legal basis. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) d EUDSGVO serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) f EUDSGVO serves as the legal basis for the processing.

 

We process personal data of our suppliers and service providers as well as their employees for the initiation and execution of our contractual relationships on the basis of Art. 6 para. 1 p. 1 b EUDSGVO and Art. 6 para. 1 p. 1 c EUDSGVO.

 

Insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 para. 1 c EUDSGVO serves as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) d EUDSGVO serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) f EUDSGVO serves as the legal basis for the processing.

 

Processing of data in case of communication according to Art. 6 (1) a to f EUDSGVO.

If you send us information by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to respond to your inquiry. For this purpose, your information will be read within PATRONAS Financial Systems GmbH and forwarded to the appropriate department. The personal data is stored and processed for this purpose. We delete the data accruing in this context after the storage is no longer required or restrict the processing if there are legal retention obligations.

We process applicant data for the implementation of the application process and the decision on the establishment of an employment relationship (Art. 88 EUDSGVO, § 26 BDSG). Files of unsuccessful applicants are deleted four months after the end of the application process.

We process employee data for the purpose of establishing, implementing and terminating employment relationships (Art. 88 EUDSGVO, § 26 BDSG).

When processing personal data that is necessary for the performance of another contract to which the data subject is a party, Art. 6 (1) b EUDSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

If we use contracted service providers for individual functions of our offer or would like to use your data for promotional purposes, we will inform you in detail about the respective processes below. Where possible, we will also state the defined criteria for the storage period.

Use and disclosure of personal data

If you have provided us with personal data, we will use it to respond to your inquiry, to process your contracts with us and for technical administration. Your personal data will only be passed on to third parties if this is necessary for the purpose of maintaining the customer relationship and processing the contract - in particular passing on order data to suppliers, for invoicing purposes and to the authorities. The processing and use of your data for advertising and market research purposes will only take place with your express consent. If you have given your consent for the above purposes, you can revoke your consent for future actions at any time. Please contact us at the email: info@patronas.com.

 

Contact Management

We use Pipedrive as our contact management software.

For more information, please visit: www.pipedrive.com/de

 

Newsletter

We use Newsletter2Go as our newsletter software. If you have agreed to receive our newsletter, your data will be transmitted to Newsletter2Go GmbH. Newsletter2Go is prohibited from selling your data and using it for purposes other than sending newsletters. Newsletter2Go is a German provider that meets the requirements of the European Union's General Data Protection Regulation ("EUDSGVO"). To safeguard our interests and those of our customers, we have concluded an order data processing agreement with Newsletter2Go, which obligates the provider to protect data.

You can find more information at: www.newsletter2go.de

You can revoke your consent to the storage of your data, e-mail address as well as their use for the distribution of our newsletter at any time. For example, you can unsubscribe via the corresponding link in the newsletter.

Collection of general information when calling up our website

As long as you use our website for information purposes only, i.e. without registering or otherwise transmitting information, we only collect the personal data that your browser transmits to our server (log files).

In this respect, information is automatically collected by us or the web space provider with each access. This information, also referred to as server log files, is of a general nature and does not allow any conclusions to be drawn about your person.

We have created our website with the WIX tool. For more information, please read the privacy policy of WIX:

https://www.wix.com/about/privacy

Cookies

In addition to the previously mentioned data, cookies are stored on your computer when you use our website.

As the operator of this website, we are considered a provider of a telemedia service in the sense of the TTDSG (Telecommunications Telemedia Data Protection Act). When using cookies, we particularly observe the consent rules of § 25 TTDSG to ensure the protection of the privacy of visitors to this website. We always obtain consent when § 25 TTDSG provides for this. Accordingly, consent pursuant to Section 25 (2) TTDSG is not required in the following cases:

 

  • the sole purpose of storing information in the terminal equipment or the sole purpose of accessing information already stored in the terminal equipment is to carry out the transmission of a message via a public telecommunications network; or

  • the storage of information or access to information already stored is absolutely necessary for us, as the provider of this website, to be able to provide the content that you, as the user, have accessed and in this respect expressly requested.

 

General information about cookies

Cookies are small text files that are stored on your hard drive, assigned to the browser you are using, and through which the cookie-setting agency (in this case, this is done by us), certain information flows. This information may include, for example, user settings, history information about the visit to the website or language settings.

Cookies are used to make the website as a whole more user-friendly and effective. We do not pass this data on to third parties or link it to personal data without your consent. Cookies fulfill two main tasks. They help us to make it easier for you to navigate through our offer and enable the correct display of the website.

 

Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause any damage. Cookies can, however, contain data that enable recognition of the device used. In some cases, however, cookies only contain information about certain settings that cannot be related to a specific person. Cookies cannot directly identify a user.

 

A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. With regard to their function, cookies are again differentiated between: technical cookies, performance cookies, advertising cookies, targeting cookies, sharing cookies.

 

Any use of cookies that is not absolutely technically necessary constitutes data processing that is only permitted with your express and active consent pursuant to Art. 6 (1) p. 1 a EUDSGVO. This applies in particular to the use of advertising, targeting or sharing cookies. In addition, we will only disclose your personal data processed by cookies to third parties if you have given your express consent to do so in accordance with Art. 6 (1) p. 1 a EUDSGVO.

We use the following technical cookies as part of this website, which are necessary for the operation of the website:

Tabelle

Third country transfer

We would like to point out that when using our online service, personal data may be transferred to the USA in some cases. A data transfer to the USA is no longer permitted without further ado since the ruling of the European Court of Justice EU-US-PRIVACY SHIELD/SCHREMS-II-URTEIL of 16.07.2020.

 

A data transfer to the United States (USA) was previously permitted if the company to which the data is to be transferred was certified under the EU-US Privacy Shield. Although this certification continues to exist, it is no longer sufficient for legal reasons alone since the ECJ ruling SCHREMS II. The European Court of Justice (ECJ) declared the Privacy Shield agreement as such to be insufficient.

 

Since then, the USA is no longer considered a safe third country in the sense of the EU Data Protection Regulation. The main criticism is that US companies are obliged to hand over personal data to the US security authorities on request. There is no effective legal protection against this for non-US citizens. Therefore, the European Court of Justice considers the U.S. Privacy Shield to be insufficient when it comes to protecting the rights of Internet users. The problem here is that it cannot be ruled out that authorities in the U.S., e.g., intelligence agencies, investigative authorities, etc., use your data stored on servers in the U.S. for surveillance, for example, and store the data or knowledge gained from it permanently. We have no influence on these processing operations and processes. 

 

We have therefore taken further protective measures to ensure a level of data protection in accordance with European standards. We have directly asked providers from the USA whose services we use and who transfer personal user data how they will react to the ECJ ruling.  We have contacted the provider with the aim of reaching binding agreements on this directly. In doing so, we are guided by the standard data protection clauses pursuant to Article 46 (2) c of the GDPR or use them by working towards ensuring that the companies concerned guarantee appropriate handling of personal user data via the EU standard contractual clause. This obliges data recipients in the USA to process the data in accordance with the level of protection in Europe. To the extent that agreements of this kind could not be concluded at the present time, we are continuing our efforts to obtain corresponding regulations and commitments from all data recipients in the USA. As long as the legal situation has not been conclusively clarified, we obtain consent for all applications on our website with data transfers to the USA using a consent tool.

 

For more information about the personal data we transfer to companies in the USA, please refer to the section "Data processing within the scope of this website".

 

Recipients or categories of recipients

We sometimes use external service providers, such as IT and telecommunications companies or companies that support us in archiving and destroying documents, to implement and safeguard our contractual and legal obligations. No data is passed on to other recipients not listed in this data protection declaration.

Note on profiling and scoring

Automated decisions in individual cases including profiling do not take place by us.

 

Your rights as a data subject

Data protection law grants you a number of data subject rights of which we must inform you. Depending on the reason and type of processing of your personal data, you are entitled to the following rights (www.eugdpr.org):

  • Your right to information, Art. 15 EUDSGV.

  • Your right to rectification, Art. 16 EUDSGV

  • Your right to erasure, Art. 17 EUDSGV

  • Your right to restriction of processing, Art. 18 EUDSGV

  • Your right to data portability, Art. 20 EUDSGV

  • Your right to object to the processing, Art 21 EUDSGV

 

 

Data Protection Officer:

Jörg Leuchtner

Freiburger Data Protection Company Ltd.

Luisenstraße 5, D - 79098 Freiburg im Breisgau, Germany

WEB: www.freiburger-datenschutzgesellschaft.de

E-Mail: info@freiburger-datenschutzgesellschaft.de

 

Supervisory Authority:

You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us.

The contact details of the competent supervisory authority are:

 

The State Commissioner for Data Protection and Freedom of Information.

Königstraße 10a

70173 Stuttgart

 

Within the scope of your rights, you are welcome to contact us - see contact persons for the processing of your data.

 

Data minimization and storage limitation

In accordance with the principles of data minimization and storage limitation, we only store personal data for as long as is necessary or required by law (statutory storage period). Therefore, the personal data we store will be deleted in accordance with legal requirements. We delete the data as soon as they are no longer required for the processing purpose, a given consent is revoked or other permissions cease to apply. Data that must still be retained, e.g. for reasons of commercial or tax law, or whose storage is still required for the assertion, exercise or defense of legal claims, will be deleted as soon as this is no longer the case.

Changes to data protection measures and notices

Due to the constant development of new (Internet) technologies and changes in applicable data protection regulations, our data protection measures, notices and privacy policy are updated to the extent necessary.

The data protection statement that is available at the time of the respective visit to the website of PATRONAS Financial Systems GmbH always applies.

Updated on March 02, 2022

Upon written request, we will gladly inform you about your stored personal data.

 

Data processing within the scope of this website:

In the context of the information offered and the use of our website by our visitors, we make use of functions provided by external service providers. By doing so, we want to make your visit to our website as informative and convenient as possible. In addition, we have a vested interest in using features that allow you to engage, interact with us or other Internet users, and track and improve the functionality and effectiveness of our website. When selecting and using such services, we make a responsible choice and take into account data protection aspects. In particular, to ensure that data is processed in compliance with data protection law, we have concluded an order processing agreement with the respective providers.

Data processing within the scope of the services listed below is based on our legitimate interests. Website operators regularly have a legitimate interest in particular in the following aspects: the greatest possible visibility in social media, analysis of user behavior, uniform and appealing presentation of content, error-free and secure provision of the web offer, easy location of the places we specify on the website, etc. If a corresponding consent has been requested, the processing is based on this consent, which can be revoked at any time.

 

Third party websites

Our services may contain links to other websites or services (for example LinkedIn, Xing, Facebook, Google Maps, etc.). We are not responsible for the privacy practices of these websites or services. If we offer you content (for example, images, videos or texts) and functions (for example, like, comment, share, etc.) of the corresponding "social media" service, the use of the content and functions may be evaluated by the respective service and/or assigned to its users/members. We ask that you be aware when you leave our services and read the privacy statements of each individual website and service you visit before providing your personal information. Our Privacy Policy does not apply to such linked third-party websites and services.

 

Integration of third-party services and content 

 

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Google's servers. This enables Google to know that this website has been accessed via your IP address. The use of Google WebFonts is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the uniform presentation of the typeface on his website. If a corresponding consent has been requested (e.g. a consent to store cookies), the processing is carried out exclusively on the basis of Art. 6 (1) lit. a DSGVO; the consent can be revoked at any time. If your browser does not support web fonts, a standard font from your computer will be used. You can find more information about Google Web Fonts at:

https://developers.google.com/fonts/faq

and in Google's privacy policy:

https://policies.google.com/privacy?hl=de

bottom of page