Privacy Policy
1) Information about the collection of personal data and contact details of the person responsible
​
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.
1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Matthias Haefner, Philipp-Fasel-Str. 6, 97076 Wuerzburg, Germany, phone: +49 176 20970877, email: info@heosys.de. The person responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data.
1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.
​
2) Data collection when visiting our website
​
If you only use our website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used (if necessary: in anonymous form)
The processing takes place in accordance with Article 6 Paragraph 1 Letter f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.
​
3) Hosting & Content-Delivery-Network
​
3.1 Wix
For the hosting of our website and the display of the page content, we use the system of the following provider: Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel. Data is also transferred to: Wix Inc, 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA.
All data collected on our website is processed on the provider's servers. We have concluded an order processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.
In the case of data transfer to the provider's location, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.
For the transfer of data to the USA, the provider invokes standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.
3.2 Google Cloud CDN
We use a content delivery network from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
This service enables us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. The processing is carried out to protect our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6 (1) lit. f DSGVO. Data may also be transferred to: Google LLC, USA
We have concluded an order processing agreement with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.
For the transfer of data to the USA, the provider invokes standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.
​
​
4) Cookies
​
In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period, which can vary depending on the cookie.
If personal data is also processed by individual cookies implemented by us, the processing takes place in accordance with Article 6 Paragraph 1 Letter b GDPR either to execute the contract or in accordance with Article 6 Paragraph 1 Letter f GDPR to safeguard our legitimate interests the best possible functionality of the website and a customer-friendly and effective design of the page visit.
We may work with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). If we work together with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the following paragraphs.
Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. These can be found for the respective browsers under the following links:
Firefox: https://support.mozilla.org/de/kb/cookies-allow-and-reject
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Opera: http://help.opera.com/Windows/10.20/de/cookies.html
Please note that if cookies are not accepted, the functionality of our website may be restricted.
​
5) Contact
When contacting us (e.g. via contact form or e-mail), personal data is collected. Which data is collected when using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Article 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted once your request has been processed. This is the case if it can be inferred from the circumstances that the facts in question have been finally clarified and provided that there are no legal storage obligations to the contrary.
​
6) Web Analytics Services
​
- Wix Analytics
This website uses the analysis service "Wix Analytics", a service of Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel ("Wix"). Various user data is collected and stored via Wix Analytics for optimization and marketing purposes and processed and summarized in statistical reports in an anonymous form. This includes login details, time zone setting, operating system and platform, information about visits including URL, session duration, number of pages viewed per session, search terms, information about what you searched for or viewed on our site, website response time and conversion rates. To do this, Wix Analytics uses cookies. Cookies are small text files that are stored locally in the cache of the website visitor's Internet browser. The cookies enable, among other things, the recognition of the Internet browser. The data collected via Wix Analytics will not be used to personally identify the visitor to this website without the separate consent of the person concerned and will not be combined with personal data of the person concerned.
All of the processing described above, in particular the setting of Wix Analytics cookies for reading information on the end device used, will only be carried out if you have given us your express consent in accordance with Article 6 (1) (a) GDPR. Without this consent, Wix Analytics will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website.
In the case of the transmission of data to Wix in Israel, the appropriate level of data protection is guaranteed by the adequacy decision of the European Commission. You can find further information on data protection from Wix on the following website: https://de.wix.com/about/privacy
We have concluded an order processing contract with Wix (available at https://de.wix.com/about/privacy-dpa-users/), with which we oblige the provider to protect our customers' data and not to pass it on to third parties .
​
7) Rights of the data subject
7.1 The applicable data protection law grants you the following data subject rights (rights to information and intervention) vis-à-vis the person responsible with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective exercise requirements:
- Right to information according to Art. 15 GDPR;
- Right to rectification according to Art. 16 GDPR;
- Right to erasure according to Art. 17 GDPR;
- Right to restriction of processing in accordance with Art. 18 GDPR;
- Right to information according to Art. 19 GDPR;
- Right to data portability according to Art. 20 GDPR;
- Right to revoke granted consent in accordance with Art. 7 Para. 3 GDPR;
- Right to complain according to Art. 77 GDPR.
7.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF A BALANCING OF INTERESTS IN OUR PREVIOUS LEGITIMATE INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION WITH EFFECT FOR THE FUTURE. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP THE PROCESSING OF THE DATA INVOLVED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN PROVE COMPREHENSIVE REASONS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FUNDAMENTAL FREEDOMS, OR IF THE PROCESSING IS FOR THE CERTIFICATION, EXERCISE OR DEFENSE OF LEGAL CLAIMS. IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT ADVERTISING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING. YOU MAY OBJECT AS DESCRIBED ABOVE. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP THE PROCESSING OF THE DATA INVOLVED FOR DIRECT MARKETING PURPOSES.
​
8) Duration of storage of personal data
The duration of the storage of personal data is based on the respective legal basis, the processing purpose and - if relevant - also based on the respective statutory retention period (e.g. commercial and tax retention periods).
When processing personal data on the basis of an express consent in accordance with Article 6 Paragraph 1 lit. a GDPR, this data is stored until the person concerned revokes his consent.
If there are statutory retention periods for data that are processed as part of legal or similar obligations on the basis of Article 6 (1) (b) GDPR, this data will be routinely deleted after the retention period has expired, provided that it is no longer required to fulfill or initiate a contract and/or we have no legitimate interest in further storage.
When personal data is processed on the basis of Article 6 (1) (f) GDPR, this data is stored until the data subject exercises his or her right to object under Article 21 (1) GDPR, unless we can provide compelling reasons worthy of protection for processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct advertising on the basis of Article 6 Paragraph 1 lit. f GDPR, this data is stored until the data subject exercises his right of objection under Article 21 Paragraph 2 GDPR.
Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.
​