This data protection declaration of e*Message Wireless Information Services Deutschland GmbH (hereinafter referred to as “e*Message”) explains to you the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offering and any associated websites, functions and content, as well as any external online presence, such as our social media profile, (hereinafter jointly referred to as “online offering”). With regard to the terms used, such as “personal data” or their “processing”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Updated : 26.03.2021
Information Services Deutschland GmbH
Schönhauser Allee 10-11
Tel.: + 49 (0) 30 4171 - 0
For general questions or suggestions regarding data protection, please contact e*Message’s company data protection officer at datenschutz[at]emessage.de.
Categories of persons affected by data processing
contact data, such as telephone, fax and email data, contact history, as well as any other data necessary for fulfilling the contract
contact data, as well as any other data, such as data necessary for the use of the online offering
in particular employees, trainees, rehabilitants, applicants, retired persons, interns data necessary for the decision on establishing or implementing an employment relationship, such as contract and performance data
in particular suppliers, service providers, agents, brokers, agencies contact data such as telephone, fax and email data, contact and order history, as well as any other data necessary for the fulfilment of the contract
Visitors and users of the online offering
hereinafter collectively referred to as “users”
Types of data processed:
In principle, no special data categories are processed unless they are supplied by the user for processing, e.g. entered in online forms.
If personal data (e.g. names or email addresses) is collected on our website, this is done on a voluntary basis. We collect navigation information from website visitors, in order to further improve our offer, for marketing and website optimisation purposes. This is data about the computer and the visit to our website. Personal data is collected within the scope of the following tasks:
We inform you about the legal basis of our data processing in accordance with Art. 13 GDPR.
If not mentioned in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 (a) and Art. 7 GDPR. Art. 6 para. 1 (b) GDPR is applicable to the processing for the fulfilment of our services and the implementation of contractual measures, as well as to responses to enquiries. Art. 6 para. 1 (c) GDPR applies as the legal basis for the processing in order to fulfil our legal obligations and Art. 6 para. 1 (f) GDPR applies to the processing to safeguard our legitimate interests in accordance with Art. 6 para. 1 (f) GDPR. In the event that the essential interests of the data subject or another natural person necessitate the processing of personal data, we refer to Art. 6 para. 1 (d) GDPR.
The operation of the radio network also requires the collection of personal data on the basis of §§ 113a and 113b of the Telecommunications Act (TKG).
We request that you inform yourself regularly about the content of our data protection declaration. It will be adapted as soon as this is made necessary by changes in the data processing carried out by us. We will inform you if the changes require your cooperation (e.g. consent) or any other individual notification.
take appropriate technical and organisational measures in accordance with Art.
32 GDPR to ensure a level of protection appropriate to the risk, taking into
account the state of the technology, the implementation costs and the nature,
scope, circumstances and purposes of data processing, as well as the different
occurrence probability and the severity of the risk to the rights and freedoms
of natural persons.
shall in particular include ensuring the confidentiality, integrity and
availability of data by controlling physical access to the data, as well as any
access to, input, disclosure, securing and separation of data. In addition, we
have established procedures to ensure that data subjects’ rights are exercised,
that data is deleted and that we react to data threats.
already take into account the principle of data protection through technology
design when selecting hardware and software, when developing processing methods
and through data protection-friendly default settings (Art. 25 GDPR).
The security measures include in particular the encrypted transmission of data between your browser and our server or to the servers of our suppliers.
as we disclose data to other persons and companies (contract processors or
third parties) within the context of our data processing, transfer data to them
or otherwise grant them access to the data, this shall only take place on the
basis of legal permission (e.g. if a transfer of the data to third parties in
accordance with Art. 6 Para. 1 (b) GDPR is necessary for the fulfilment of the
contract), if you have consented, if there is a legal obligation to do so or on
the basis of our legitimate interests (e.g. when using agents, web hosts,
we commission third parties with the processing of data on the basis of a
so-called “order processing contract”, this is done on the basis of Art. 28
Categories of recipient:
CRM solution providers (HubSpot), providers of web analytics services (Google and its partner companies), service providers for the destruction of data, shipping providers, web hosting providers, payment service providers.
If we have data processed in the context of the use of third party services in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done by disclosure or transfer of data to third parties, this is only done on the basis of your consent, a legal obligation or our legitimate interests. Subject to legal or contractual permissions, we will only allow the data to be stored in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means that data processing takes place on the basis of special guarantees, for example, such as the officially recognised determination of a data protection level corresponding to that of the EU or the observance of officially recognised, special contractual obligations (so-called “standard contractual clauses”), available at: https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32010D0087&from=DE.
You have the right
You have the right to revoke any consent granted pursuant to Art. 7 para. 3 GDPR with effect for the future.
You may object at any time to the future processing of the data concerning you in accordance with Art. 21 GDPR. The objection may in particular be lodged against processing for the purposes of direct marketing.
The data processed by us will be deleted or their processing restricted in accordance with Art. 17 and 18 GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons.
According to legal requirements, the deletion will take place in accordance with § 257 para. 1 HGB (German Commercial Code) (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting records etc.) or § 147 para. 1 AO (German Fiscal Code) (books, records, management reports, accounting records, commercial and business letters, documents relevant for taxation etc.).
Further retention periods apply according to § 95 (3) TKG for inventory data (e.g. names and addresses, as well as user contact data). Traffic data (e.g. telephone numbers, IP addresses) shall remain stored in accordance with Section 113b (1) sentence 1.
process inventory data (e.g. names, addresses and user contact data) and
contract data (e.g. services used, names of contact persons, payment
information) for the purpose of fulfilling our contractual obligations and services
in accordance with Art. 6 para. 1 (b) GDPR.
process traffic data (e.g. telephone numbers, IP addresses) for the purpose of
providing our telecommunications services.
We process usage data (e.g. the websites from our offering which have been visited, interest in our products) and content data (e.g. entries in the contact form or user profile) for advertising purposes.
contacting us (via contact form or email), the user’s details will be
processed, in order to handle and complete the contact request in accordance
with Art. 6 para. 1 (b) GDPR.
User data can be stored in our customer relationship management system and marketing automation platform (“CRM & Marketing System”) or a comparable enquiry system.
registration service allows visitors to our website to learn more about our
company, download content and provide their contact information. This information
is stored on our software partner’s servers HubSpot. We
may use them to contact visitors to our website and to determine which of our
company’s services are of interest to them. All the information collected by us
is subject to this data protection declaration. All the information collected
is used exclusively for marketing optimisation purposes.
We will delete the requests provided they are no longer required. Enquiries from customers with customer accounts are assigned to this account, so we refer to the customer account details for deletion. The data collected will furthermore be deleted in accordance with section 12 of this data protection declaration
Users can only write comments and contributions after prior registration. This requires consent to data storage and use, as well as acceptance of our data protection declaration.
collect data about every access to the server on which this service is located
(so-called server log files) on the basis of our legitimate interests in
accordance with Art. 6 para. 1 (f) GDPR. The access data includes the name of
the website accessed, file, date and time of access, amount of data
transmitted, notification of successful access, browser type and version,
user’s operating system, referrer URL (the website visited beforehand), IP
address and requesting provider.
Log file information is stored for a maximum of seven days for security reasons (e.g. to clarify cases of abuse or fraud) and then deleted. Data which needs to be stored beyond this time for evidence purposes is excluded from deletion until the respective incident has been clarified conclusively.
We use Google Analytics, a web
analytics service provided by Google Ireland Ltd, Gordon House, Barrow Street,
Dublin 4. Irland (“Google”), on the basis of your consent.
In order to protect your data, we
have extended Google Analytics with the configuration parameter “anonymizeIP”. This
means that your IP address will only be processed in truncated form and your
personal data will be anonymised in Google Analytics.
Dispatch of the newsletter and the performance measurement are based on the recipients’ consent in accordance with Art. 6 para. 1 (a), Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG or on the legal permission according to § 7 para. 3 UWG. The registration procedure is recorded on the basis of our legitimate interests pursuant to Art. 6 para. 1 (f) GDPR and serves as proof of consent to receiving the newsletter.
You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. If users have only subscribed to the newsletter and cancelled their subscription, their personal data will be deleted.
maintain online presences within social networks and platforms, in order to
communicate with customers, interested parties and users who are active there
and to inform them about our services. When calling up the respective networks
and platforms, the terms and conditions and the data processing guidelines of their
respective operators apply.
Unless otherwise stated in this data protection declaration, we process the data of users who communicate with us within social networks and platforms, e.g. posting on our online presence or sending us messages.
We embed YouTube videos on our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. A connection to the YouTube servers is established when you visit a page with the YouTube plugin. YouTube will be informed of which pages you visit. If you are logged into your YouTube account, YouTube can assign your surfing behaviour to you personally. You can prevent this by logging out of your YouTube account beforehand.
If the saving of cookies is deactivated for the Google Ad programme, no such cookies are used when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you wish to prevent this, you will need to block the storage of cookies in the browser.
We offer links to third-party providers within our online offering. e*Message has no influence whatsoever on the content and design of these websites belonging to other providers. The guarantees of this data protection declaration do not apply there. If the links are used, the provider in question will be able to see the user’s IP address
The following presentation provides an overview of third party providers and their content, along with links to their data protection declarations, which contain further information on the processing of data.