Privacy Policy


1. Name and address of the controller

Controller according to the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:

managetopia GmbH
Bamberger Str. 9b
63743 Aschaffenburg
Germany
Tel.: +49 (0) 6021 58162-0
E-Mail: info@managetopia.com

The data protection officer may be reached under:
managetopia GmbH
Data Protection Officer
Bamberger Str. 9b
63743 Aschaffenburg
Germany
Email: dsb@managetopia.com

2. General Information on Data Processing

a. Description and scope of the processing of personal data
As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in such cases where a previous request for consent is not possible for factual reasons and the processing of the data is permitted by law.

b. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6, par. 1 (a) of the EU General Data Protection Regulation (GDPR) acts as legal basis. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Art. 6 par. 1 (b) GDPR acts as legal basis. This also applies to processing operations required to carry out pre-contractual actions. 

If processing of personal data is required to fulfill a legal obligation that our company is subject to, Art. 6 par. 1 (c) GDPR acts as legal basis.

In the event that vital interests of the data subject or any other natural person require the processing of personal data, Art. 6 par. 1 (d) GDPR acts as legal basis.

If processing is necessary to safeguard the legitimate interests of our company or a third party, and the interests, fundamental rights and fundamental freedoms of the person concerned do not prevail over the former interests, Art. 6 par. 1 (f) GDPR acts as legal basis.

c. Data deletion and period of data storage
The personal data of the data subject will be deleted or made unavailable to users as soon as the purpose of the storage no longer applies. Personal data may be stored for a longer period of time when this is allowed or required by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. Data will also be deleted or made unavailable if the storage period prescribed by the said standards expires, unless there is a need for further storage of the data for a contract or fulfillment of a contract.

3. Collection of personal data and creating log files 

a. Description and scope of the processing of personal data
Each time our website is accessed, our system automatically collects data and information from the calling computer system, such as browser type, operating system, IP address, etc.

This data is also stored in the log files of our system. The data are not stored together with other personal data of the user.

b. Legal basis for the processing of personal data
The legal basis for the temporary storage of data and log files is Art. 6 par. 1 (f) GDPR. 

c. Purpose of data processing
Temporary storage of the IP address by the system is necessary to allow delivery of the website to the user's computer. To do this, the user's IP address must be kept for the duration of the session.

This also describes our legitimate interest in processing these data according to Art. 6 par. 1 (f) GDPR.

d. Period for which data will be stored
The data will be deleted as soon as it is no longer needed. In the case of the collection of data for the provision of the website, this is the case when the respective session is finished.

In case of storing the data in log files, this is the case after no more than seven days. If further storage is needed, the IP addresses of the users are deleted or anonymized so that an assignment of the calling client is no longer possible.

e. Right to object
The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. Therefore it is not possible for the user to object to it when using our website.

4. Use of cookies

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's computer system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser be identified even after moving to a different page.

Our cookies are only valid for a short period of time and do not contain any personal information.

The following cookies are used on our website:


Cookie Name Expiry Purpose
JCS_INENREF 1 Hour Technical Cookie used for anti-spam purposes.
JCS_INENTIM 1 Hour Technical Cookie used for anti-spam purposes.
PHPSESSID Until Session Ends This Cookie is generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables, ensuring all features and functionality on the page are displayed correctly.
_wpss_h_ 1 Hour This third-party cookie does not store personal identifiable information about visitors and are not used for advertising, marketing or similar purposes. They are used to stop spam on forms and also improve the security of our website.
_wpss_p_ 2 Hours 15 Mins This third-party cookie does not store personal identifiable information about visitors and are not used for advertising, marketing or similar purposes. They are used to stop spam on forms and also improve the security of our website.
cookie_notice_accepted 1 Hour This cookie detects whether the user has accepted the use of cookies in the cookie banner.
wordpress_test_cookie Until Session Ends Wordpress uses this cookie to verify if the user's web browser accepts cookies.

5. Contact Forms and Email Contact

a. Description and scope of the processing of personal data
Our web site contains a contact form which you may use to contact us. In this case, the data entered will be transmitted to us and stored.

In addition to the data entered, the following data will be stored when sending a message:

  • IP address of the calling computer
  • Date and time of sending the message

When sending a message via the contact form, you will be asked to give your consent to the processing of these data, and a reference to this policy will be provided.

To contact us, you may alternatively use the e-mail address provided. In this case, the user's personal data transmitted by e-mail will be stored.

Data transmitted are not encrypted and users are asked not to send any confidential personal data via email.

In this context, there is no disclosure of data to third parties. The data is used exclusively for processing the conversation.

b. Legal basis for the processing of personal data
In the presence of consent by the user according to Art. 6 par. 1 (a) GDPR, this forms the legal basis for the processing of personal data.

The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 par. 1 (f) GDPR. In case the e-mail contact aims at the conclusion of a contract, additional legal basis for processing is Art. 6 par. 1 (b) GDPR.

c. Purpose of data processing
The processing of the personal data from the input form serves only to process the contact. In case of contact by e-mail processing the contact is also the legitimate interest to process the data.

Any other personal data processed during the posting process is intended to prevent misuse of the contact form and to ensure the security of our IT systems.

d. Period for which data will be stored
The data will be deleted as soon as it is no longer needed to achieve its purpose. In the case of personal data from the contact form and those sent by e-mail, this is the case when the conversation with the user ends. The conversation ends when circumstances allow us to conclude that the issue has been finally clarified.

Additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

e. Right to object
Users may revoke their consent to the processing of personal data at any time. If the user has contacted us by e-mail, he can do so at any time. In such a case, the conversation can not be continued.

All personal data collected in the course of the conversation will be deleted in this case.

6. Rights of the Data Subjects

If your personal data is processed, you are a data subject in the sense of GDPR and have the following rights towards us as the controller:

a. Right to confirmation
You may request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing is performed, you may request the following information from the controller:

  1. The purposes for which the personal data are processed;
  2. The categories of personal data processed;
  3. The recipients or categories of recipients to whom the personal data relating to you have been or will be disclosed;
  4. The planned period for which personal data concerning you will be stored, or, if this information is not available, criteria for determining the period for which data will be stored;
  5. The existence of the right to rectification or erasure of personal data concerning you, of the right to restriction of processing performed by the controller, and the right to object to this processing;
  6. The existence of a right of appeal to a supervisory authority;
  7. All available information regarding the source of the data if the personal data is not collected from the data subject;
  8. The existence of automated decision-making including profiling according to Art. 22 par. 1 and 4 GDPR and – in relevant cases – meaningful information on the logic involved and the scope and intended impact of such processing on the data subject.

You have the right to request information about whether your personal data relates to a third country or an international organization. In this context, you can request the appropriate guarantees in accordance with. Art. 46 GDPR in connection with the transfer.

b. Right to rectification
You have a right of rectification and / or completion towards the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay.

c. Right to restrict processing
You may request the restriction on the processing of personal data concerning you under the following conditions:

  1. If you contest the accuracy of your personal data, processing will be restricted for a period of time that enables the controller to verify the accuracy of your personal data;
  2. The processing is unlawful and you reject the deletion of personal data and instead demand the restriction of the use of personal data;
  3. The controller no longer needs personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims, or
  4. If you have objected to the processing in accordance with Art. 21 (1) GDPR and it is not yet certain whether the legitimate interests of the controller outweigh your legitimate interests.

If the processing of personal data concerning you has been restricted, such data may be used – apart from their storage – only with your consent or to Asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for the sake of an important public one Interest of the Union or of a member state.

If processing was restricted based on the conditions listed above, you will be informed by the controller before the restriction is lifted.

d. Right to erasure (to be forgotten)

a) Deletion Obligations
You may require the controller to delete your personal data without delay, and the controller is required to delete this data immediately if one of the following is true:

  1. Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
  2. You revoke your consent to the processing in accordance with. Art. 6 par. 1 (a) or Art. 9 par. 2 (a) GDPR and there is no other legal basis for processing.
  3. You place gem. Art. 21 par. 1 GDPR objection to the processing and there are no prior justifiable reasons for the processing, or you lay gem. Art. 21 par. 2 GDPR Objection to the processing the data.
  4. Your personal data have been processed unlawfully.
  5. The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the member states to which the controller is subject.
  6. The personal data relating to you were collected in relation to information society services offered in accordance with Art. 8 par. 1 GDPR.

b) Information to Third Parties
If the controller has made the personal data concerning you public and is required to delete them according to Art. 17 par. 1 GDPR, the controller will – taking into account the technology available and the cost of implementation – take appropriate measures, including technical ones, to inform the controllers which process these personal data that you as the data subject require them to delete all links to these personal data as well as copies or replicas of these personal data.

c) Exceptions
The right to delete does not apply if processing is required for the following:

  1. To exercise the right to freedom of expression and information;
  2. To fulfill a legal obligation which requires processing under the law of the Union or of the member states to which the controller is subject, or performing a task in the public interest or in the exercise of public authority delegated to the controller;
  3. For reasons of public interest in the field of public health pursuant to Art. 9 par. 2 (h) and (i) and Art. 9 par. 3 GDPR;
  4. For archival purposes which are in the public interest, for scientific or historical research purposes or for statistical purposes according to Art. 89 par. 1 GDPR, insofar as the right to freedom of expression and information as listed above is likely to render impossible or seriously affect the achievement of the objectives of that processing, or
  5. To assert, exercise or defend legal claims.

e. Right to information
If you have asserted the right to rectification, deletion or restriction of processing to the controller, the latter is obliged to notify all recipients to whom personal data concerning you have been disclosed, to inform them of this correction or deletion of data or limitation of processing, unless this proves to be impossible or is associated with a disproportionate effort.

You have a right to be informed by the controller about these recipients.

f. Data transfer
You have the right to obtain the personal data that you provided to the controller in a structured, common and machine-readable format. In addition, you have the right to transfer these data to another controller without hindrance by the controller to whom the personal data were originally provided, provided that:

  1. The processing is based on consent according to Art. 6 par. 1 (a) GDPR or Art. 9 par. 2 (a) GDPR or on a contract according to Art. 6 par. 1 (b) GDPR, and
  2. Processing is done by automated methods.

In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another as far as this is technically feasible. Freedoms and rights of others may not be affected.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task of public interest or in the exercise of public authority delegated to the controller.

g. Right to object
You have the right, at any time and for any reason whatsoever arising from your particular situation, to object to the processing of personal data relating to you if processing is based on Art. 6 par. 1 (e) or (f) GDPR; this also applies to profiling based on these provisions.

The controller will no longer process the personal data concerning you, unless the controller can prove compelling legitimate grounds for processing, which outweigh your interests, rights and freedoms, or the processing is for the assertion, exercise or defense of legal claims.

If personal data relating to you is used for direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

In connection with the use of information society services – notwithstanding Directive 2002/58 / EC – you may exercise your right to object through automated procedures using technical specifications.

h. Right to revoke the declaration of consent to processing of personal data concerning you
You have the right to revoke your declaration of consent at any time. Revoking the consent will not affect the legality of any processing performed before the revocation.

i. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you violates the GDPR.

The supervisory authority to which the complaint was lodged informs the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 of the GDPR.

Interested in our portfolio? Project Inquiry? Questions related to an upcoming project?
We will find the best course of action and suitable solution to transform you business.


CONTACT