Privacy policy

Owned by Peter Schöll
Last updated: Dez. 04, 2024
16 min read

 

Scopevisio AG's privacy policy for the

URL at help.scopevisio.com

We are very delighted that you have shown interest in our company. Data protection is of a particularly high priority for the management of Scopevisio AG, Bonn (hereinafter referred to as "Scopevisio"). This Privacy Policy only applies to your use of our website at the URL "help.scopevisio.com". It is generally possible to use our website at the above URL without providing any personal data. However, if a data subject wishes to make use of special services offered by our company under the specified URL, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to us. By means of this privacy policy, we would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, this privacy policy informs data subjects about their rights.

As the controller, Scopevisio AG, Bonn has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this URL. Nevertheless, Internet-based data transmissions may in principle have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

  1. Definitions

This Privacy Policy is based on the terminology used in the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terminology in advance.

We use the following terms, among others, in this Privacy Policy:

a) personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Person concerned

Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

c) Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

e) Controller or controller responsible for the processing

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

f) Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

g) Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

h) Third party

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

i) Consent

Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

  1. Name and address of the controller

The controller within the meaning of Art. 4 No. 7 GDPR is:

Scopevisio AG
Rheinwerkallee 3
53227 Bonn
Phone: 0800 800 800
Fax: 0800 500 00 20
E-mail: info@scopevisio.com
Website: www.scopevisio.com 

Queries and requests for information, amendment, blocking or deletion can be sent by post to this address or by email to <email address>.

  1. Name and address of the data protection officer

The data protection officer of the controller is

Günter Hilgers

EcoVisio GmbH

Rheinwerkallee 3

53227 Bonn

E-mail: datenschutz@scopevisio.com

Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

  1. Contact details of the supervisory authority (North Rhine-Westphalia)

The competent supervisory authority for the controller is

Name:                 State Commissioner for Data Protection and Freedom of Information

                              North Rhine-Westphalia

Street:                 Kavalleriestraße 2 - 4

Place:                  40213 Düsseldorf

Phone:                +49 (0) 211 / 384 24 - 0

Fax:       +49 (0) 211 / 384 24 - 10

E-Mail:                poststelle@ldi.nrw.de

  1. Cookies

Necessary cookies are required for the website to function properly. Such cookies make a website usable by providing basic functions such as page navigation and access to secure areas of the website or language settings. Due to their importance for the functioning of the website, you cannot refuse this type of cookie. We base the associated processing of personal data on Art. 6 para. 1 lit. b GDPR.

The necessary cookies that we use for the provision of this website include cookies that recognize whether a user is using Java Script, allow a user to receive content from one of several servers while the user is visiting the website, maintain the user's status for all page views.

Session cookies (also called "session cookies"): Session cookies allow you to navigate quickly and easily through many pages of a website without having to re-enter all the settings you have already made or authenticate for each area you visit. Session cookies are a combination of one or more temporary cookie files that are deleted when you close your browser. If you restart your browser and return to the website that created the cookie, the website will not recognize you. You will have to log in again (if login is required) or select your preferences/themes again if the website offers these functions.

The site does not use cookies requiring consent on the basis of Art. 6 para. 1 lit. a GDPR.

 

  1. Collection of general data and information

Our website collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website can be recorded, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems.

When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. This anonymously collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

We also use local storage and session storage technology (also known as "local data", "local storage" and "session storage"). With local storage, data is stored locally in the cache of your browser, which continues to exist and can be read even after closing the browser window or exiting the program if you do not actively delete the cache. Local Storage allows your preferences to be stored on your computer and used by you when you use our websites. The function of Session Storage is similar to Local Storage, except that the corresponding data is automatically removed from your browser's cache immediately after closing the browser ("session").

Third parties cannot access the data stored in Local Storage or Session Storage. They are not passed on to third parties and are not used for advertising purposes. In particular, this technology is used to present our content to you in an appealing graphic display (e.g. pop-up windows, etc.) and to personalize our offer and navigation on our pages for you. You can manage local storage content in the browser via the settings for "History" or "Local data", depending on which browser you are using. If you restrict the described functions accordingly, this may result in functional restrictions.

Legal basis for the processing of personal data

Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to maintain the compatibility and stability of this web application for as many users as possible, including combating misuse and troubleshooting.

Duration of storage

The aforementioned technical data is deleted as soon as it is no longer required in order to ensure the compatibility of this web application for all visitors . We have no influence on the storage duration of the data in your local storage. You can manage local storage content in the browser via the settings for "History" or "Local data", depending on which browser you are using. If you restrict the described functions accordingly, this may result in functional restrictions.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

  1. Scope and purpose of the data collected

7.1        help.scopevisio - General

The following data is stored each time a website or a file accessible via a browser program is requested:

·       the requested web page or file,

·       Date and time of the request,

·       the amount of data transferred,

·       the description of the type of web browser and operating system used,

·       the IP address of the requesting computer.

This information is used to optimize the Scopevisio AG websites and to log any attacks on our services via the Internet.

The data listed will be deleted automatically or by our employees after one year.

7.2        help.scopevisio - Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures (e.g. questions about our products, our company or others).

The data transmitted by you will remain with us until the purpose for data storage no longer applies (e.g. after your request has been processed) or you request us to delete the data in accordance with Art. 17 GDPR. Mandatory statutory provisions - in particular retention periods - remain unaffected.

7.3        help.scopevisio - Smart Assistant

This website uses a Large Language Model (LLM) as an AI-based solution to provide you with efficient support for Scopevisio applications.

In addition to providing information on topics related to Scopevisio applications, you can use your user input to get targeted answers to your questions in the context of Scopevisio applications.

Please note that only questions relating to Scopevisio applications can be answered. General or off-topic queries, such as general questions from the World Wide Web (www), will not be processed.

The data you enter is not transmitted directly to LLM, but is first sent to our own system (backend). There, your requests are enriched with relevant information from the online help and then forwarded to LLM for processing.

The LLM's responses are sent back to you via our backend. At no time is there a direct connection between you and the LLM.

This architecture allows you to use the service anonymously.

 

  1. Matomo

Scope and description of the processing of personal data

The URL provided uses "Matomo", a web analytics service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. Matomo is an open source advertising analytics platform. The web application is operated on our own server. No personal data is shared with third parties. Visitors are counted via JavaScript API. The information collected in this way is stored exclusively on our server (backend), namely the following data:

  • two bytes of the IP address of the user's accessing system,

  • the website accessed,

  • the website from which the user accessed the accessed website (referrer),

  • the subpages accessed from the accessed website,

  • the time spent on the website,

  • the frequency with which the website is accessed,

Matomo offers the option of not storing the IP address. We expressly refrain from recording IP addresses - not even in anonymized form. The software is set so that IP addresses are not saved. In this way, it is no longer possible to identify the accessing computer.

Legal basis for the processing of personal data

We use Matomo on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the continuous improvement of our website to ensure the greatest possible user comfort, which we can only achieve on the basis of anonymized evaluations of user behavior, because only then do we know, for example, which areas of our website were visited frequently and which were not visited at all or only for a short period of time.

Purposes of the processing

We use Matomo to analyze the use of our website and individual functions and offers in order to continuously improve the user experience. By statistically evaluating user behavior, we improve our offer and make it more interesting for visitors.

Duration of storage

The data of the processing described here will be deleted after a storage period of 365 days.

Objection to data collection

You can prevent the analysis by deselecting existing cookies in the cookie settings or deleting them in the browser and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all functions of this website to their full extent.

Further information on data protection can be found in Matomo's privacy policy at: matomo.org/privacy-policy/

  1. Deletion and blocking of personal data

Unless otherwise stated:

The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage or where provided for by laws or regulations to which the controller is subject.

If the storage purpose no longer applies or if a storage period prescribed by another competent legislator expires, the personal data will be blocked or deleted in accordance with the statutory provisions.

10.       Rights of the data subject

a) Right to information

You can exercise your right to information from us at any time in accordance with Art. 15 GDPR as to whether personal data concerning you is being processed by us.

b) Right to rectification

You can exercise your right to rectification at any time in accordance with Art. 16 GDPR and request the rectification of inaccurate personal data concerning you.

c) Right to restriction of processing

You can exercise your right to restrict processing against us at any time in accordance with Art. 18 GDPR and request the restriction of processing, provided that the legal requirements for this are met.

d) Right to erasure

You can exercise your right to erasure against us at any time in accordance with Art. 17 GDPR and demand that personal data concerning you be erased immediately if this data is no longer required for the purposes for which it was collected or otherwise processed. This right to erasure may conflict with other legal obligations (e.g. retention obligations).

e) Right to information

You can assert your right to information in accordance with Art. 19 GDPR at any time. If you have exercised your right to erasure, rectification or restriction of processing of personal data concerning you, we are obliged to notify all recipients to whom the personal data concerning you have been disclosed of the rectification or erasure of the data or the restriction of processing, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.

f) Right to data portability

You can exercise your right to data portability vis-à-vis us at any time in accordance with Art. 20 GDPR. You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller if this is technically feasible.

g) Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you lodge an objection, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).

Where we process personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing. If the data subject objects to us to the processing for direct marketing purposes, we will no longer process the personal data for these purposes (objection pursuant to Art. 21 (2) GDPR).

h) Right to withdraw consent under data protection law

You have the right to withdraw your data protection consent to the processing of personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

i)            Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

11.       Legal basis of the processing1

Unless otherwise stated:

Art. 6 para. 1 sentence 1 lit. a GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service or consideration, the processing is based on Art. 6 (1) sentence 1 lit. b GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 para. 1 sentence 1 lit. c GDPR. In rare cases, the processing of personal data may become necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and their name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. The processing would then be based on Art. 6 para. 1 sentence 1 lit. d GDPR.

Ultimately, processing operations could be based on Art. 6 (1) sentence 1 lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).

12.       Legitimate interests in the processing pursued by the controller or a third party1

Where the processing of personal data is based on Article 6 (1) sentence 1 lit. f GDPR, our legitimate interest is to carry out our business activities for the benefit of the well-being of all our employees and our shareholders.

13.       Duration for which the personal data is stored1

The criterion for the duration of the storage of personal data is the respective statutory retention period. After this period has expired, the corresponding data is routinely deleted, provided that it is no longer required for contract fulfillment or contract initiation.

14.       Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision1

We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner).

Sometimes it may be necessary for a contract to be concluded for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded.

Before personal data is provided by the data subject, the data subject must contact the controller under 2 or our data protection officer under 3. We will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.

 

  1. This data protection declaration was created in the marked points by the data protection declaration generator, which is operated and made available in cooperation between DGD Deutsche Gesellschaft für Datenschutz GmbH, Dachau (available at: https://dsgvo-muster-datenschutzerklaerung.dg-datenschutz.de) and the law firm Wilde/Beuger/Solmecke Rechtsanwälte GbR, Cologne (available at: https://www.wbs-law.de/it-recht/datenschutzrecht/datenschutzerklaerung-generator/). These texts are subject to the copyright of DGD Deutsche Gesellschaft für Datenschutz GmbH, Dachau and the law firm Wilde/Beuger/Solmecke Rechtsanwälte GbR, Cologne.