Your trust is very important to us. neosfer GmbH takes the protection of your personal data very seriously and complies with all appropriate data protection regulations. Personal data is only collected, processed and used if the person concerned has given their consent or if the collecting, processing or using of data is allowed or required by law.
Personal data is only collected to the extent that it is required for technical reasons. Under no circumstances will the data that is collected be passed on to third parties without the consent of the person concerned. The following information provides an overview of how neosfer GmbH ensures that your data is protected, what type of data is collected on the website and for which purposes it is processed or used.
Responsible for the processing of data on this website: neosfer GmbH
Eschersheimer Landstraße 6
60322 Frankfurt am Main
(Hereinafter referred to as “Company”)
You can reach our Data Protection Officer at neosfer GmbH
Data Protection Officer
Eschersheimer Landstraße 6
60322 Frankfurt am Main
2.1. Data categories
Within the scope of use of our websites, hereinafter referred to as “Online offer”, we process the following personalised data: Personalised data such as first name and surname, e-mail address, phone number, or other information provided within the scope of contacting us or details pertaining to a planned project that you have provided to us voluntarily within the scope of an online offer (e.g., during registration, request for more information, within the scope of soliciting an offer/quotation). HTTP data references protocol files that are generated when accessing the website via the Hypertext Transfer Protocol (Secure) (HTTP(S)): This includes the IP address, the browser type and version, the operating system used, the websites accessed prior to visiting the reference URL, as well as the date and time of the access. HTTP(S) data is also generated on the servers of third-party providers (e.g., when accessing third-party content). Error data is a saved error message generated by the server or individual applications.
2.2. Purposes and legal basis for data processing
In some cases, we expressly request your approval in order to process your personalised data. In this case, the legal basis for the processing of your personalised data is the consent provided by you as per Article 6, Sec. 1(a) GDPR in conjunction with Article 7 GDPR. This consent can be revoked by you at any time with effect for the future.
2.2.1. Technical administration of the website
When using the website, the browser installed on your device will send certain technically relevant information to our website’s server (among other information: HTTP data, search function data, cookies settings, as well as error data). This data is stored on the services of our hosting provider Firebase Inc. as explained in paragraph 5.
The data processing serves to repel and detect fraudulent activities or similar acts, including attacks on our IT infrastructure, as well as to enable user verification. At the same time, the processing serves to provide the requested website content and to manage all required troubleshooting. The legal basis for this data processing is our legitimate interest (Article 6, Sec. 1(f) GDPR). The use of the website is not possible without divulging personalised data such as the IP address. Communication via the website without the provision of data is not technically feasible.
2.2.2. Provision of services
Furthermore, we process data to enable the use of our website and to process queries, or to send marketing information upon request. This data is processed via Firebase Inc. as described in paragraph 5. The legal basis for this data processing is the initiation of contractual relationships or the fulfilment of our contractual obligations (Article 6, Sec. 1(b) GDPR) as well as our legitimate interest (Art. 6, Sec. 1(f) GDPR). Without the ability to process your personalised data, we would not be able to fulfil the existing contract and/or process your enquiries.
2.3. Request for contact
In order to contact us, we provide e-mail addresses our website. It can be used for contacting us electronically. If a user selects this option, the data entered into the e-mail is transferred to us and some of the data is stored. In this regard, the data is not forwarded to third parties not affiliated with the company. The data is exclusively used for the processing of the correspondence between the parties.
The legal basis for the processing of the data that is transferred via e-mail is Article 6, Sec. 1(f) GDPR. If the e-mail correspondence is targeting or insinuating the conclusion of a contract, then Article 6 Sec. 1(b) GDPR provides an additional legal basis for the processing. The data will be deleted as soon as the grounds for its collection are no longer valid and no other legal retention periods exist, for example due to tax-specific laws.
The user always has the ability to object to the processing of their personalised data. In these cases, the communication with the user must be discontinued. To do so, please send an e-mail requesting deletion to email@example.com. All personalised data that is stored within the scope of communication will be deleted, insofar as no other (statutory) retention periods apply.
Insofar as you have provided us with your consent – or if we are authorised within the scope of existing customer relationships – your contact data will also be used for direct marketing purposes (such as event invitations, newsletters) or for conducting customer satisfaction surveys. You have the right to object to the use of your contact data for these purposes. If you would like to exercise your right of objection, then please send an e-mail to firstname.lastname@example.org or follow the appropriate instructions provided in any of the advertising mails you have received from us. The legal foundations for the processing of your data for advertising purposes are listed in Article 6, Sec. 1(f) GDPR (in case of an existing business relationship) or Article 6, Sec. 1(a) GDPR if you have provided us with your consent.
On the basis of Article 6, Sec, 1 (1f) GDPR, we use links to the social networks LinkedIn, Twitter, Medium.com, and YouTube, to advertise our products and services as well as to contact you as the user sand visitors to our social media sites. The links can be recognised by the respective logo of the social network. By clicking on the logo, your browser will connect to the server of the respective service and you will be forwarded to the service provider’s website.
We host our website with Firebase Inc. When you visit our website, Firebase collects various log files including your IP addresses. Firebase is a tool for hosting websites. The use of Firebase is based on a processing agreement according to Art. 28 GDPR.
5.1 Commissioned data processing
We have concluded a processing agreement with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Within our company, access to your data is granted to those departments that need it to fulfil contractual and legal obligations. Moreover, the service providers and vicarious agents commissioned by us can receive data from us if they particularly ensure confidentiality and integrity. These service providers are companies representing the IT services industry, printing services, telecommunication services, as well as sales and marketing.
When forwarding data to recipients not affiliated with our company, it must be considered that only mandatory personalised data is forwarded under consideration of the applicable data protection provisions. We are fundamentally only permitted to forward your data if required by law, if you have provided your consent, or if we are authorised to provide information. Under these requirements, the recipients of personalised data can be:
We do not transfer data to third-party countries.
We process and store your personalised data as long as this is required for fulfilling our contractual obligations and exercising our rights. If the data is no longer required for fulfilling our contractual or legal obligations, then this data will be regularly deleted unless its – limited – processing is required for the following reasons:
Our employees and the service providers used by us are obligated to retain confidentiality and compliance with the provisions of applicable data protection laws. The company makes the required technical and organisational precautions in order to protect your personalised data from loss, alteration, deletion, and access through an unauthorised party or due to unauthorised forwarding. Our security measures are continually being updated and improved in accordance with the most recent technological developments.
Every affected party has the right to information as per Article 15 GDPR, the right to correction of data as per Art. 16 GDPR, the right to deletion as per Art. 17 GDPR, the right to limitation of processing as per Art. 18 GDPR, as well as the right to data transferability as per Art. 20 GDPR.
With regard to the right to information and the right of deletion, the restrictions pursuant to Articles 34 and 35 BDSG (Federal Data Protection Act) apply. Beyond this, the affected party has a right of appeal to a responsible data protection supervisory authority (Art. 77 GDPR in connection with Art. 19 BDSG).
You can revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent, which were provided to us prior to 25 May 2018, the date the GDPR became effective. Please consider that the revocation only applies to the future.
You have the right, for reasons related to your personal situation, to object the processing of your personal data, which particularly is processed in accordance with Article 6, Sec.1(f) GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms. In particular, this includes that the processing of the data is mandatory for the assertion, exercise, or defence of legal claims.
Beyond this, you have the right, in accordance with Article 22 GDPR, not to be subject to fully automated decision making. We generally do not use any fully automated decision-making function for establishment, implementation, and termination of the business relationship. If we employ this process in individual cases (e.g.,to improve our products and services) we will inform you about this as well as about your related rights, insofar as this is prescribed by law.
Within the scope of our business relationship, you must provide the personalised data that is essential for the initiation, execution, and termination of that business relationship and for the fulfilment of the resulting contractual obligations or which we are legally obligated to collect. Without this data, we will generally not be in the position to conclude, execute, or terminate a contract with you.
The same applies when visiting our online offer and the collection of user data. Without the collection of usage data, neither we nor our service providers are in the position to provide you with our online offer. For the use of demo functionalities it is not necessary to provide your personal data. You may use instead demo data.
We do not process your personal data in an automated manner that has any legal impact on you or similarly affect you in another significant way.