1. Privacy Policy of BIAN

BIAN e.V. c/o Schulte Riesenkampff Rechtsanwaltsgesellschaft mbH, An der Hauptwache 7, 60313 Frankfurt am Main, Germany, e-mail: info@bian.org is the controller for the use of the personal data of users of the website pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR).

BIAN respects your right to a sphere of privacy. BIAN would, by means of this Privacy Policy, like to provide the users of the offering with supplemental information concerning the handling of personal data. BIAN will of course treat all personal data that a user transmits in the course of the business relationship in compliance with the European and German applicable data protection provisions.

The details about how BIAN handles personal data can be found in this Privacy Policy.

By using the offering and the services associated therewith, users consent to the use of data described below.

 

  1. Scope of application

This Privacy Policy is applicable to all offerings of BIAN under the domain “www.bian.org” (“offering”).

If other offerings of BIAN have a differing Privacy Policy, the differing Privacy Policy published on the respective website or in the respective offering shall apply. The BIAN offering might contain cross-references (“links”) to other websites of third-party providers. By clicking on such links you sometimes leave the websites or offering of BIAN and reach the websites or offerings of third parties, for whose content, compliance with data protection, or data protection declaration BIAN assumes no responsibility. The BIAN Privacy Policy does not apply to such websites or offerings of third parties. In particular, BIAN is not responsible if the same data protection standards that are observed by BIAN do apply on websites or offerings not operated by BIAN. For this reason, users should carefully read through the Privacy Policies of linked websites or offerings.

 

  1. Gathering of data

3.1       Usage data

Each time you access a page of our website and every retrieval of a file access data about that process is stored in a log file on the server.

In particular, this applies to the following information:

  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access status/ HTTP status code
  • Transferred amount of data
  • Website from which the request was initiated
  • Browser
  • Operating system and its interface
  • Language and version of the browser software
  • IP address

The IP address is stored for the period of use only and will be deleted or anonymized afterwards immediately.

We collect the aforementioned data as this is technically necessary for us to be able to display our website and to ensure the stability and security of the website. The legal basis of this processing is Art. 6 (1) sentence 1 lit. f) GDPR.

 

3.2       Personal data

If you use our website not only for information purposes, you will generally need to provide further personal data, such as name, date of birth, email, address or telephone number, which we use to provide the respective services. We will collect the relevant personal data only if this is permitted by law (for example, for the performance of a contract or for legitimate interests) or if you consent to the processing of personal data.

You may withdraw your consent to the processing of personal data at any time. A revocation has direct influence on the admissibility of the processing of your personal data as soon as directed to us.

If the processing of your personal data is based on legitimate interests, you have the right to object to processing the personal data. If you exercise your right of objection, we kindly ask you to explain the reasons why we should not process your personal data. If your objection is justified, we will review the facts and adjust or modify the processing of data or inform you about imperative legitimate grounds for the processing.

We will delete your personal data as soon as the data is no longer necessary for the respective purpose. It may occur that personal data is kept for the time during which possible claims may be asserted against us (for example statutory limitation period of three or thirty years). Furthermore, we are required by law to store certain data due to the duties of proof and retention, inter alia from the German Commercial Code, the German Tax Code or the Money Laundering Act. The storage periods can be up to ten years.

 

3.2.1    Advertising

BIAN likes to contact customers to provide them with information about special offers and news on products and services. If you register on our Website or place an order for our products and services, you will be asked to indicate whether you would like to receive advertising information directly. The legal basis is Art. 6 (1) sentence 1 lit. a) GDPR.

With our newsletter service we inform you by email about our services. This requires your consent.

If you wish to subscribe to our newsletter service we ask you to provide your email address. However, before we send you the newsletter you will receive an email notification with a link. By clicking the link you consent to receive the newsletter and, hence, you will be included in our distribution list. This ensures that nobody other than you used your email address for subscription to a newsletter (so-called double opt in procedure).

If you do not confirm the registration within e.g. 24 hours we block your information immediately and delete them automatically after one month. In addition, we only store your IP address as well as the time of registration and confirmation in order to be able to prove your registration and to have the possibility to disclose the misuse of your data.

To receive our newsletter you only need to enter your email address. Providing further data is voluntary.

We store your email address for the purpose of sending our newsletter only. The legal basis is Art. 6 (1) sentence 1 lit. a) GDPR.

You may withdraw your consent to receive the newsletter at any time by sending a message to us or simply by clicking the link provided at the bottom of each newsletter. A message in text form to contact details provided (email, letter) will be sufficient.

 

3.2.2    Contractual relationship

BIAN uses personal data of users to the extent necessary for the establishment, performance or ending of the contractual relationship with the respective users. This is the case if, among other things, users wish to utilize the products and services of BIAN via the BIAN offering.

Both the simple transmission of specific personal data by the user (for example, in specific forms for product or service orders), as well as the registration of a user for the use of the BIAN service, might be necessary by way of electronic or other communication as part of the use of the BIAN offering. A user’s registration for the opening of an account on BIAN’s offering generally requires the entry of the company name, address and email address. A password is selected by the user during registration. Upon voluntary confirmation of the registration, the user receives access to BIAN’s offering.

The mandatory information required for the implementing of the contractual relationship is highlighted accordingly and will be processed for this purpose. The legal basis of this processing is Art. 6 (1) sentence 1 lit. b) GDPR. Storage of data concerning your customer account can be revoked at any time. The specified data and your entire user account can always be deleted in the customer area. You agree to treat personal access data confidentially and not to make such data available to unauthorised third parties. We do not assume liability for misused passwords unless we are responsible for the abuse. You should notify us immediately if you are concerned about a third party having knowledge of your password, if the password is used unauthorized or this seems to be likely. You are responsible for ensuring that your information is accurate and complete and that you notify us of any changes to the information provided. After completing communication with BIAN you should log out and close the browser window, especially if you share the computer with other people.

Due to commercial and tax regulations, we are obliged to store your address, payment and order data for a period of 10 years.

 

3.2.3    Contact form

If you contact us via the contact form on our website, the information provided will be stored and processed in order to process the request, as well as in case of follow-up questions. We will delete the relevant data after the storage is no longer required or restrict the processing if statutory retention periods exist.

The legal basis of this processing is Art. 6 (1) sentence 1 lit. a), lit. b) and lit. f) GDPR.

 

3.2.4    Communication with users

User data can be used within the framework of communication. In this regard as well, BIAN will adhere to its standards as set in this Privacy Policy.

In the event of inquiries by users, BIAN will process personal data for the purpose of answering them. BIAN archives correspondence with users with the goal of improvement of BIAN’s products and services and BIAN’s offering and for its own business purposes.

The legal basis of this processing is Art. 6 (1) sentence 1 lit. a), lit. b) and lit. f) GDPR.

 

  1. Transfer of data

We transmit your personal data to third parties only if you have consented to the transfer, if  the transfer is necessary for the performance of the contract, or we are enforced to do so by law .

We are also entitled to make user data available to third parties, to which claims of BIAN against users have been assigned, to the extent that making such data available is necessary to assert the claim.

We sometimes use external service providers to process your personal data. They are carefully chosen and instructed by us. They are bound by our instructions and are regularly inspected.

The data provided to our service providers may be used by them to fulfill their tasks only.

If we transfer personal data to service providers outside the European Economic Area (EEA), we will do so only if the EU Commission has decided that the third country ensures an adequate level of data protection or other appropriate safeguards exist (e.g. EU standard contractual clauses or binding corporate rules).

In order to use a collaboration tool we transfer data to a service provider. The service provider participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.

We transfer personal data to service providers for our customer relationship management software.

 

4.1.2    MailChimp

We use the list provider MailChimp to send our newsletters. MailChimp is a product of The Rocket Science Group, LLC, 512 Means Street, Ste 404 Atlanta, GA 30318. When you register for our Newsletter, the data you provide in the registration will be transferred to MailChimp and stored there. MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.

MailChimp provides extensive analysis on how the newsletters are opened and used. These analyses are group-related and are not used by us for individual analysis. MailChimp additionally uses the analysis tool “Google Analytics” and includes it in the Newsletter where appropriate. For more details on Google Analytics, please refer to the “Google Analytics” section. For more information about MailChimp and their data protection, visit: http://mailchimp.com/legal/privacy/

The legal basis of this processing is Art. 6 (1) sentence 1 lit. a) and lit. f) GDPR.

 

  1. Cookies

In addition to the aforementioned usage data, cookies are stored on your computer when you use our website. These are small text files that are stored on your device and through which we receive certain information. However, cookies cannot run programs or transmit viruses to your computer. We use cookies to configure a visit to our website more attractive and to enable the use of certain functions.

We use transient and persistent cookies on our website. If you close your browser, transient cookies are automatically deleted. These cookies include, in particular, session cookies. This will allow us to recognize your computer when you return to our website. Session cookies are deleted as soon as you close the browser or log out.

In contrast, persistent cookies are automatically deleted after a specified period of time. These cookies can be deleted at any time in the security settings of your browser.

Generally, you can configure your browser settings in accordance with your personal demands and, for example, decline all cookies. However, non-acceptance of cookies may limit the functionality of our website.

We also use Flash cookies. In this case recording does not take place through your browser but through your Flash plug-in. We also use HTML5 storage objects, which are stored on your device. In this context data is stored independently of the browser used by you and does not have an automatic expiration date. In case you do not want to process Flash cookies, you must install a corresponding add-on, e.g. “Better Privacy” (Mozilla Firefox) or “Adobe Flash Killer Cookie” (Google Chrome). As far as you want to prevent the use of HTML5 storage objects, you must use the private mode in your browser. In addition, we recommend that you delete your cookies and the browsing history on a  regular basis.

 

  1. LinkedIn

BIAN uses the “LinkedIn”- plug-ins of the social network LinkedIn provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States (“LinkedIn”). The button is marked using the letters “in” or the word “share” on a blue background. If a user visits one of the websites using such a button, the user’s browser directly connects to LinkedIn’s servers. The plug-in and its content are loaded directly from LinkedIn’s servers and included in the website by the user’s browser. For this reason, the provider of the website cannot influence which data LinkedIn connects via the button. If a user that is a LinkedIn member and logged in on the network at the time of clicking on the button, LinkedIn will connect this information with the user’s profile. The reason for and scope of the data acquisition and information about the way in which the data is processed and used by LinkedIn, as well as the user’s rights in this respect and settings options for protecting the users privacy can be found in LinkedIn’s privacy statement relating to the Linked-In plug-ins: “https://www.linkedin.com/legal/privacy-policy”.

 

  1. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are saved on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to and stored on a Google server in the USA. However, in the event of activation of IP anonymisation on this website, your IP address will be truncated previously by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases, the full IP address will be sent to a Google server in the US and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator.

The IP address transmitted by your browser as part of Google Analytics will not be combined with other Google data.

You can prevent the storage of cookies by an appropriate setting of your browser software; however, please note that in this case, you may not be able to use the full range of all functions of this website. You may also prevent the collection of the data generated by the cookie and relating to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses Google Analytics with the extension “_anonymizeIp ()”. Accordingly, IP addresses are truncated and, thus, a reference to persons can be ruled out. If the data collected about you have a personal reference, this reference is immediately excluded and the personal data is deleted immediately.

We use Google Analytics to analyze and regularly improve the use of our website. With the statistics we can improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the US, Google is part of the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis of this processing is Art. 6 (1) sentence 1, lit. f) GDPR.

Information of third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: http://www.google.com/analytics/terms/de.html, Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, and privacy policy: http://www.google.de/intl/de/policies/privacy.

This website also uses Google Analytics for cross-device analysis of visitor traffic conducted through a user ID. You can disable the cross-device analysis of your use in your customer account under “My data”, “Personal data”.

 

  1. Data integrity and security

We take all appropriate technical and organizational security measures to protect your data from manipulation, loss, destruction or unauthorized access by third parties. Our systems are secured against unauthorized access. In particular, your personal data is encrypted by us. We use the coding system SSL (Secure Socket Layer).

We expressly point out that despite all the technical precautions, the Internet does not allow absolute data security. We are not liable for acts of third parties.

 

  1. Rights of the users

You have the right of access, rectification or erasure, restriction of processing, to object and to data portability with respect to your personal data.

We are available for corresponding requests or messages at the specified address below.

Please note that the deletion of data is only possible if there are no precluding legal regulations.

Information concerning your requests or messages is transmitted in electronic form (by email). Should you use this option of providing information via email, the specified email address (both sender and recipient) will not be used for any purpose other than the provision of information and its documentation. You also have the right to lodge a complaint concerning the processing of your personal data by us with a supervisory authority.

If we are legally required to disclose data to local, state, national or international authorities, we will comply with this obligation.

We will also disclose information to third parties when required by applicable laws and regulations.

In addition, we may disclose information to investigate, prevent, or initiate countermeasures against illegal activities or suspected fraud, or to apply or enforce any of our contracts and licensing rights.

 

  1. Amendment of the Privacy Policy

BIAN reserves the right to amend this Privacy Policy at any time, but BIAN will always observe the applicable statutes concerning data protection. An up-to-date version is available at our website. BIAN recommends that users regularly review our Privacy Policy  in order to be informed about our current Privacy Policy.

 

Contact

If you have questions, comments or inquiries with regard to the collection, processing and use of your personal data by us, please contact us at the contact details provided below.

BIAN e.V.
Platz der Einheit 1
60327 Frankfurt am Main
Germany
Tel: 49 (0) 177 8 66 36 27
Email:  info@bian.org

 

– BIAN –

 

Download the Privacy Policy