Contact

Privacy Policy

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. “Personal data” means all data that can be used to personally identify you. Detailed information on data protection can be found in our privacy notice set out below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the section “Information on the controller” in this privacy notice.

How do we collect your data?

On the one hand, your data are collected when you provide them to us. This may, for example, be data that you enter into a contact form or submit as part of a newsletter subscription.

Other data are collected automatically by our IT systems when you visit the website. These are mainly technical data (e.g. internet browser, operating system, time of page view) as well as server log data. These data are processed primarily to ensure the technical provision of the website and, in anonymised form, for statistical purposes (web analytics with Matomo).

Where we ask you for consent in individual cases (e.g. to receive a newsletter), the processing of the relevant data is based on this consent.

For which purposes do we use your data?

Some of the data are collected to ensure the error-free and secure provision of the website (e.g. server logs).

We use other data to perform anonymised analysis of how our website is used, in order to improve its content and structure (web analytics with Matomo).

If enquiries are submitted to us via the website (e.g. via the contact form), we use the data you provide to process these enquiries and – where applicable – to initiate or perform contractual relationships.

What rights do you have regarding your data?

You have the right at any time, free of charge, to obtain information about the origin, recipients and purposes of your stored personal data. You also have the right to request the rectification or erasure of these data. If you have given consent to the processing of your data, you may withdraw this consent at any time with effect for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time for this purpose or if you have any further questions about data protection.

Analytics tools

When you visit this website, your visit is statistically evaluated in anonymised form. For this purpose, we exclusively use the open-source web analytics software Matomo, which we operate ourselves on servers located in the EU.

We do not use analytics tools provided by third parties (such as Google Analytics) and we do not set any tracking, marketing or analytics cookies in this context. Detailed information about Matomo can be found in the section “Matomo” in this privacy notice.

Cookies

We consistently follow the principle of data minimisation. We do not use cookies on this website. No information is stored on or read from your end device, whether in the form of cookies or by comparable technologies (e.g. local storage, session storage or tracking pixels); there is no access to your end device within the meaning of Section 25(1) of the German Telecommunications-Telemedia Data Protection Act (TDDDG).

2. Hosting

Wir hosten die Inhalte unserer Website bei folgendem Anbieter:

Hetzner

The provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (“Hetzner”).

For details, please refer to Hetzner’s privacy policy: https://www.hetzner.com/de/legal/privacy-policy/

The use of Hetzner is based on Article 6(1)(f) GDPR. We have a legitimate interest in the most reliable presentation of our website possible.

Data processing agreement

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract required by data protection law which ensures that this provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General information and mandatory disclosures

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy notice. When you use this website, various personal data are collected. Personal data are data by which you can be personally identified. This privacy notice explains which data we collect and what we use them for. It also explains how and for what purpose this happens.

Please note that data transmission over the internet (e.g. communication by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Information on the controller

The controller responsible for data processing on this website is:

IOWIS GmbH
Lochbrunnenstraße 14
74889 Sinsheim
Germany


E-Mail: contact@iowis.com

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

Storage period

Unless a more specific storage period has been stated within this privacy notice, your personal data will remain with us until the purpose for data processing ceases to apply. If you assert a justified request for erasure or withdraw your consent to data processing, your data will be erased unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, erasure will take place after these reasons cease to apply.

General information on the legal bases of data processing on this website

Where you have given your consent to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR and, where special categories of data within the meaning of Article 9(1) GDPR are processed, on the basis of Article 9(2)(a) GDPR. In the case of express consent to the transfer of personal data to third countries, processing is additionally based on Article 49(1)(a) GDPR. Consent may be withdrawn at any time.

If your data are required for the performance of a contract or in order to take steps prior to entering into a contract, we process your data on the basis of Article 6(1)(b) GDPR. Furthermore, we process your data where this is necessary for compliance with a legal obligation on the basis of Article 6(1)(c) GDPR. Data processing may also be based on our legitimate interests pursuant to Article 6(1)(f) GDPR. The relevant legal basis in each individual case is explained in the following paragraphs of this privacy notice.

Recipients of personal data

In the course of our business activities, we work with various external parties. In some cases, the transfer of personal data to these external parties is necessary. We only transfer personal data to external recipients where this is required for the performance of a contract, where we are legally obliged to do so (e.g. transfer of data to tax authorities), where we have a legitimate interest pursuant to Article 6(1)(f) GDPR in such transfer, or where another legal basis permits the data transfer. When using processors, we transfer personal data of our customers only on the basis of a valid data processing agreement. Where processing is carried out jointly, a joint controller agreement is concluded.

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. You may withdraw consent that you have already given at any time. The lawfulness of the processing carried out before the withdrawal remains unaffected by the withdrawal.

Right to object to processing in specific cases and to direct marketing (Article 21 GDPR)

IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ARTICLE 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT, AT ANY TIME AND ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA, INCLUDING ANY PROFILING BASED ON THOSE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED IS SET OUT IN THIS PRIVACY NOTICE. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ARTICLE 21(1) GDPR).

WHERE YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING, WHICH INCLUDES PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ARTICLE 21(2) GDPR).

Right to lodge a complaint with a supervisory authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data which we process on the basis of your consent or in performance of a contract transmitted to you or to a third party in a structured, commonly used and machine-readable format. Where you request the direct transfer of the data to another controller, this will only be carried out where technically feasible.

Access, rectification and erasure

Within the framework of the applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, their origin and recipients and the purpose of the data processing and, where applicable, a right to rectification or erasure of these data. You can contact us at any time for this purpose or if you have any further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:

  • If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of processing of your personal data.
  • If the processing of your personal data was/is unlawful, you may request restriction of processing instead of erasure.
  • If we no longer need your personal data, but you require them for the establishment, exercise or defence of legal claims, you have the right to request restriction of processing instead of erasure.
  • If you have lodged an objection pursuant to Article 21(1) GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of processing of your personal data.

Where you have obtained restriction of processing, your personal data may – apart from being stored – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

SSL and TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the browser address line changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Objection to promotional emails

We hereby object to the use of contact data published as part of our legal notice obligations for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

4. Data collection on this website

Contact form

If you send us enquiries via the contact form, the information you provide in the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in case of follow-up questions. We do not pass on these data without your consent.

The processing of these data is based on Article 6(1)(b) GDPR if your enquiry is related to the performance of a contract or is necessary for taking steps prior to entering into a contract. In all other cases, processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if this has been requested; consent may be withdrawn at any time.

The data you enter in the contact form will remain with us until you ask us to erase them, withdraw your consent to storage, or the purpose for data storage no longer applies (e.g. after your enquiry has been fully processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Spam and abuse protection with ALTCHA

To protect our forms against spam and automated attacks, we use the self-hosted captcha solution “ALTCHA”. Before the form is submitted, your browser performs a so-called proof-of-work computation in the background; the resulting proof is transmitted to our server together with the form.

We operate ALTCHA entirely within our own infrastructure. No data are transmitted to third parties, no cookies are set and no browser fingerprinting is used. The processing serves to secure our online services and prevent misuse; the legal basis is our legitimate interest pursuant to Article 6(1)(f) GDPR.

5. Analytics tools and advertising

Matomo

This website uses the open-source web analytics service Matomo.

With the help of Matomo, we analyse in anonymised form how our website is used (for example, which pages are accessed when and from which region access takes place). For this purpose, in particular server log data (such as IP address, referrer, browser and operating system used, time of access) are processed.

The use of this analytics tool is based on Article 6(1)(f) GDPR. Our legitimate interest lies in a data-minimised measurement of reach, the improvement of our web offering and the assurance of the website’s technical operation.

IP anonymisation

When analysing with Matomo, we use IP anonymisation. Your IP address is shortened before analysis so that it can no longer be directly attributed to you as a person.

Cookieless analytics

We have configured Matomo so that Matomo does not store any cookies in your browser and does not access information on your end device. Analytics is carried out exclusively on the basis of the server log files of our web server.

Hosting

We host Matomo exclusively on our own servers, so that all analytics data remain with us and are not passed on to third parties.

6. Newsletter

Newsletter data

If you would like to subscribe to the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data are not collected or are only collected on a voluntary basis. We use these data exclusively for sending the requested information and do not pass them on to third parties.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Article 6(1)(a) GDPR). You may withdraw the consent you have given to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The lawfulness of the data processing operations already carried out remains unaffected by the withdrawal.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter with us and/or the newsletter service provider and will be erased from the newsletter distribution list after you unsubscribe or after the purpose no longer applies. We reserve the right to erase or block email addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Article 6(1)(f) GDPR.

Data stored by us for other purposes remain unaffected.

After you have unsubscribed from the newsletter distribution list, your email address may be stored by us and/or the newsletter service provider in a blacklist where this is necessary to prevent future mailings. The data in the blacklist are used solely for this purpose and are not combined with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Article 6(1)(f) GDPR). Storage in the blacklist is not limited in time. You may object to this storage where your interests outweigh our legitimate interest.