Privacy

Personal data is processed by us only as necessary and for the purpose of providing a functional and user-friendly website.

Pursuant to Article 4 (1) of the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), “processing” means any operation performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

With the following data protection declaration, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of processing. In addition, we inform you below about the third-party components used by us for optimization purposes and to increase the quality of use, insofar as third parties process data on their own responsibility.

Our privacy policy is structured as follows:
I. Information about us as the responsible party
II. rights of users and data subjects
III. Information on data processing

I. Information about us as the responsible party

Responsible provider of this website in the sense of data protection law is:
blueplant GmbH
Zollstockgürtel 61
D-50969 Cologne (Germany)

Directors: Batjamin Löbbecke, Christoph Wendelken

Telephone: +49 221 99381240
E-Mail: info@blueplant.cloud

Data Protection Officer:
Holger Flemig, EPRO Consult Dr. Prössel und Partner GmbH
E-Mail: blueplant(at)epro-consult.de

 

II. rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right to

  • to confirmation as to whether data concerning them is being processed, to information about the data being processed, to further information about the data processing and to copies of the data (cf. also Art. 15 GDPR);
  • to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
  • to the immediate erasure of the data concerning them (cf. also Art. 17 GDPR), or, alternatively, insofar as further processing is necessary pursuant to Art. 17 (3) GDPR, to restriction of processing in accordance with Art. 18 GDPR;
  • to receive the data concerning them and provided by them and to transfer this data to other providers/controllers (cf. also Art. 20 GDPR);
  • to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection provisions (cf. also Art. 77 GDPR).

In addition, the Provider is obliged to inform all recipients to whom data has been disclosed by the Provider about any correction or deletion of data or restriction of processing that takes place on the basis of Articles 16, 17 (1), 18 GDPR. However, this obligation does not exist insofar as this notification is impossible or involves a disproportionate effort. Notwithstanding the above, the user has a right to information about these recipients.

Likewise, according to Art. 21 GDPR, users and data subjects have the right to object to the future processing of data concerning them, provided that the data is processed by the provider in accordance with Art. 6 (1) (f) GDPR. In particular, an objection to data processing for the purpose of direct marketing is permitted.

 

III. Information on data processing

Your data processed during the use of our website will be deleted or blocked as soon as the purpose of the storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information on individual processing procedures is provided below.

 

Server data
For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted by your Internet browser to us or to our web space provider and stored in log data (server log files). With these so-called server log files, among other things, the type and version of your Internet browser, the operating system, the website from which you have accessed our website (referrer URL), the website(s) of our website that you visit, the date and time of the respective access, the IP address of the Internet connection from which the use of our website takes place, as well as the amount of data transferred and the requesting provider are collected.

The data collected in this way is temporarily stored, but not together with other data from you.
This storage takes place on the legal basis of Art. 6 para. (1) f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted within seven days at the latest, unless further retention is required for evidentiary purposes. Otherwise, the data will be partially or fully exempt from deletion until the final resolution of an incident.

 

Cookies

This website uses cookies. With our online presence, we use so-called cookies to personalize content and ads, provide social media features, and analyze access to our website. Additionally, we share information about your use of our website with our partners for social media, advertising, and analysis. Our partners may combine this information with other data that you have provided to them or that they have collected as part of your use of the services. You consent to our cookies if you continue to use our website.

Cookies are small text files or other storage technologies that are placed and stored on your device by the internet browser you’re using. These cookies process specific information from you on an individual basis. This processing makes our website more user-friendly, effective, and secure, enabling functions such as displaying our website in different languages or offering a shopping cart function.

This site uses various types of cookies. Some cookies are placed by third parties appearing on our pages. Cookies may be stored on your device if they are absolutely necessary for the operation of this site. For all other types of cookies, we need your permission. You can change or revoke your consent at any time in the GDPR Cookie Consent Tool ‘Cookie Compliances’ by clicking the ‘gear’ icon at the bottom left. You can also get information about the different cookies or adjust your cookie settings anytime.

Our cookies are categorized as follows:

  • Preference
  • Functional
  • Marketing

You can prevent or restrict the installation of cookies by adjusting your internet browser settings. You can also delete already stored cookies at any time. The necessary steps and measures depend on the internet browser you’re using. If you have questions, use the help function or documentation of your internet browser or contact its manufacturer or support.

If you prevent or restrict the installation of cookies, this may, however, lead to the fact that not all functions of our online presence can be used to their full extent.

 

Preferential Cookie

This processing makes our website more user-friendly, effective, and secure, enabling functions such as displaying our website in different languages or offering a shopping cart function.
The legal basis for this processing is Art. 6 Para. 1 lit. b) GDPR if these cookies process data for the initiation or execution of a contract.
If the processing does not serve the initiation or execution of a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Art. 6 Para. 1 lit. f) GDPR.

 

Matomo – Marketing Cookie

In our online presence, we use Matomo (formerly: ‘PIWIK’). This is an open-source software that allows us to analyze the use of our website. This includes processing your IP address, the website(s) of our online presence that you visit, the website from which you switched to our online presence (referrer URL), your dwell time on our online presence, and the frequency of accessing one of our websites.

Matomo stores a cookie on your device via your internet browser to collect this data.

We use Matomo to analyze the user behavior of our online presence if you have given us your consent for this by consenting to the use of the corresponding Matomo cookies through our cookie banner. The legal basis for processing your personal data for this specific purpose is then Art. 6 Para. 1 lit. a) GDPR.

You can revoke your consent to the use of the corresponding cookies at any time with effect for the future in accordance with Art. 7 Para. 3 GDPR. To do this, you only need to inform us of your revocation by

editing your consent in the cookie banner accordingly. We use Matomo with the anonymization function ‘Automatically Anonymize Visitor IPs.’ This anonymization function shortens your IP address by two bytes, making it impossible to assign it to you or the internet connection you are using.

 

Contact requests / contact possibility
If you contact us via contact form or e-mail, the data you provide will be used to process your request. The provision of the data is necessary for processing and answering your request – without their provision, we can not answer your request or at best limited.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) f) GDPR. If the e-mail contact is aimed at the conclusion of a contract or takes place within the framework of an existing contractual relationship, the additional legal basis for the processing is Art. 6 para. (1) b) GDPR.

Your data will be deleted if your inquiry has been answered conclusively and the deletion does not conflict with any statutory retention obligations, such as in the case of any subsequent contract processing.

 

Newsletter
If you register for our free newsletter, the data you requested for this purpose, i.e. your e-mail address and – optionally – your name and address, will be transmitted to us. At the same time, we store the IP address of the Internet connection from which you access our website as well as the date and time of your registration. During the further registration process, we will ask for your consent to send you the newsletter, describe the content in detail and refer to this privacy policy. We use the data collected in this process exclusively for sending the newsletter – in particular, they are therefore not passed on to third parties.

The legal basis for this is Art. 6 para. (1) a) GDPR.

In accordance with Art. 7 (3) GDPR, you can revoke your consent to the sending of the newsletter at any time with effect for the future. To do so, you only need to inform us of your revocation or use the unsubscribe link contained in each newsletter.

 

Additional Data Protection Information for Electronic Signature Services by PandaDoc

For digital signing of contracts and documents ready for signatures, we use the software PandaDoc provided by PandaDoc, Inc. , 3739 Balboa Street, Suite #1083, San Francisco, CA 94121, USA (‘PandaDoc’).

For this purpose, PandaDoc processes the data you enter when using electronic signature services, usage data from your device, and transaction-related data. The legal basis is Art. 88 para. 1 GDPR in conjunction with § 26 para. 1 BDSG or for the purpose of fulfilling a contract with the data subject based on Art. 6 para. 1 lit. b and f GDPR. The legitimate interest lies in an efficient and cost-effective processing of contract and document signing.

Failure to provide this data may result in the inability to create an electronic signature.

We transmit personal data to employees, customers, and the relevant departments of the company.

We have concluded a contract with PandaDoc containing so-called standard contractual clauses, in which PandaDoc commits to processing user data only in accordance with the EU data protection level. The transmission of personal data to the USA may be associated with various risks in terms of the adequacy of the level of protection for the legality and security
of data processing, as the USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. Possibly, there are no remedies against access by authorities.

On July 10, 2023, the European Commission adopted the adequacy decision for the EU-U.S. Data Privacy Framework. The decision stipulates that the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transmitted within the new framework from the EU to US companies. The adequacy decision can now serve as a basis for data transfers to certified organizations in the USA. PandaDoc is accordingly certified under the new agreement: PandaDoc Certification Link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000hB9eAAE&status=Active

Further information on data processing by PandaDoc can be found here: https://www.pandadoc.com/privacy-policy/

We store the data collected for electronic signature until the expiry of the statutory retention period of 10 years after the termination of the respective digitally signed contract. After this period, the data collected for electronic signature is deleted.

Download more information:

Privacy Notices according to the EU General Data Protection RegulationContract for Data Processing according to Art. 28 GDPRTechnical and organizational measures