blu Gruppe has realized an efficient business model that facilitates first-class services, high employee motivation and an excellent cost structure. An ongoing intensive communication and cooperation with our subsidiaries is highly emphasized. The services of blu Gruppe focus on IT consulting and solutions for corporate functions within large companies and corporations, mainly in the fields of Finance, Automotive, Healthcare, Telco and IT.
The principles of fair and transparent data processing require that the data subject be informed of the existence of the processing operation and its purposes. The confidentiality and integrity of your personal data is of particular concern to us. We will therefore process and use your personal data carefully and appropriately in accordance with your consent and in compliance with the legal provisions on data protection.
The right to protection of personal data is not an unlimited right. It must be seen in the light of its social function and weighed against other fundamental rights, while respecting the principle of proportionality.
Personal data is any information relating to an identified or identifiable natural person. Data subjects are identifiable if they can be assigned directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, online identification or one or more special features (Article 4 (1) GDPR).
This data protection notice describes how we collect, process and use your personal data when you visit our website. You will find more detailed information in the following sections:
Responsible for the data processing on this website (i.e. the “controller”) in accordance with Article 4 (7) GDPR:
blu Systems GmbH
Keltenring 11
82041 Oberhaching
Phone: + 49 (89) 919290540
E-Mail: info@blusystems.de
Internet: https://blusystems.de/
Our data protection officer can be reached via the following contact details:
blu Systems GmbH
Data protection officer
Keltenring 11
82041 Oberhaching
Phone: +49 89 919290560
E-Mail: datenschutz@blusystems.de
Internet: https://blusystems.de/
Purpose of the data processing
We use cookies to make the use of our website more attractive, user-friendly and effective. These are small text files that are stored on your end device and contain information about the websites you visit. Cookies do not cause any damage to your computer and also do not contain viruses.
By making appropriate changes to your browser settings, you can be informed about the setting of cookies and decide individually whether to accept them or to generally exclude them, as well as arrange for the automatic deletion of cookies when the browser window is closed. By deactivating cookies, you may not be able to use all functions of our website.
If your browser settings or consent allow us to use cookies, the following cookies may be used on our website:
Legal basis
The legal basis for the processing of this data is Article 6 (1) (f) GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimized provision of our services.
Whenever our website is accessed, our system automatically collects information and stores it in so-called server log files.
The following data is collected by us:
Purpose of data processing/duration of storage
The storage of the above mentioned data in the log files is done to ensure the functionality of our website. In addition, this data serves us to optimize our website and to ensure the security of our information technology systems. This data is deleted after 14 days.
Legal basis for data processing
The legal basis for the processing of this personal data is Article 6 (1) (f) GDPR.
Recipient
The recipient of this data is our server host, with whom a processing contract within the meaning of Article 28 GDPR has been concluded.
Purpose of data processing
Contact us directly
You have the possibility to contact us at any time by post, telephone, fax or e-mail. To be able to process your contact request, we may store your communication (e.g. telephone number, email) and identification data (e.g. name, address).
Legal basis
If the request aims at the conclusion of a contract or is necessary for the implementation of pre-contractual measures, the legal basis for the processing is Article 6 (1) (b) GDPR.
In all other cases the processing is based on our legitimate interest Article 6 (1) (f) GDPR) in the effective processing of the enquiries addressed to us.
Contact Form
Purpose of data processing
There is a contact form on our website. If you contact us via the contact form with questions of any kind, you give us your voluntary consent for the purpose of contacting us. In this case, the personal data transmitted with the inquiry (last name, e-mail address and telephone number) will be stored.
These data will not be passed on without your consent.
Legal basis
The legal basis for the processing of the data provided by you in the contact form is exclusively based on your consent (Art. 6 para. 1 letter a GDPR). If the request is aimed at the conclusion of a contract or if it is necessary for the implementation of pre-contractual measures, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
In all other cases the processing is based on our legitimate interest (Art. 6 para. 1 letter f GDPR) in the effective processing of the inquiries addressed to us.
We use Microsoft Teams, a service provided by Microsoft Corporation, to conduct telephone and video conferences, online meetings and/or online seminars. If online meetings/online seminars are to be recorded, we will inform you of this before the start of the online meeting/online seminar and – if necessary – ask for (verbal) consent. If you do not wish a recording to be made, you can leave the Online-Meeting/Online-Seminars. The following personal data may be processed:
The scope of the data depends on the information you provide before or during participation in the Online Meeting/Online Seminars.
In addition, an adequacy decision in accordance with Article 45 GDPR has been issued for data transfer to the USA.
Legal basis for online meetings
The legal basis for the processing is our legitimate interest in an attractive design of our online seminar, Art. 6 para. 1 lit. f) DSGVO.
During the online seminar, the registration names of all participants as well as the generated communication contents will be displayed and can be viewed by the other participants of the online seminar. The communication contents are stored for documentation purposes. If necessary, the online seminar is recorded and then made available to the participants.
Legal basis for online seminars
The legal basis for the processing is our legitimate interest in an attractive design of our online seminar, Art. 6 para. 1 lit. f) DSGVO.
During the online seminar, the registration names of all participants as well as the generated communication contents will be displayed and can be viewed by the other participants of the online seminar. The communication contents are stored for documentation purposes. If necessary, the online seminar is recorded and then made available to the participants.
Purpose of the data processing
To display our content correctly and graphically appealing across browsers, we use script libraries and font libraries such as Google Web Fonts (https://www.google.com/webfonts/ ) on our website.
Google Web fonts are cached in your browser to avoid multiple loading. If your browser does not support Google Web Fonts or prevents access, content will be displayed in a default font.
Calling up script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible – although it is currently unclear whether and for what purposes – that the operators of such libraries collect data.
The privacy policy of the library operator Google can be found here:
https://www.google.com/policies/privacy/
Legal basis
The legal basis for data processing is Article 6 (1) (f) GDPR. Our legitimate interest results from our need for an attractive presentation of our online offer.
Purpose of the data processing
Our website uses the online advertising program Google Adwords service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and within Google AdWords the conversion tracking. When you click on an ad placed by Google, a conversion tracking cookie is set. Cookies are text files that are stored on your computer and enable an analysis of the use of the websites you visit. These cookies usually expire after 30 days and are therefore no longer used to personally identify users. However, if the cookie has not expired and you visit certain pages of our website, Google and we can recognize that you have clicked on the advertisement and have been forwarded to this page. Each Google AdWords customer receives a different cookie. A tracking of the cookies is therefore not possible via the website of AdWords customers. The information collected through the conversion cookie is used to compile conversion statistics for AdWords customers who have opted-in to conversion tracking. This allows customers to know the total number of users who clicked on your ad and were redirected to a page with a conversion tracking tag. However, you will not receive information that personally identifies users – you can opt-out of tracking by changing your browser software settings. You will not be included in the conversion tracking statistics.
Legal basis
The legal basis for the described processing of personal data is Art. 6 para. 1 letter f GDPR. We have a legitimate interest in improving our website.
Purpose of the data processing
We use rapidmail on our website to send you newsletters. In doing so, we process your e-mail address for the purpose of sending the newsletter you have subscribed to. To optimize our e-mail campaigns, we track the life cycle of the e-mail (opening by recipient). Only through this function is it possible for us to optimize newsletters and send them in a targeted manner.
For further information, please refer to the privacy policy of rapidmail: https://www.rapidmail.de/datenschutz
Legal basis
The legal basis for the processing of your personal data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Order processing contract
We have concluded a contract for the processing of orders within the meaning of Article 28 GDPR with rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg, in which we oblige rapidmail GmbH to protect the data of our customers and not to pass them on to third parties. rapidmail is a German, certified newsletter software provider which has been carefully selected in accordance with the requirements of the GDPR and the BDSG (Federal Data Protection Act (FDPA)).
Revocation
You can revoke your consent to the storage of your data at any time without affecting the legality of the processing already carried out. To do so, simply unsubscribe here or click on the “unsubscribe link in the next newsletter.
Storage period
The data will be deleted as soon as they are no longer required for the purpose for which they were collected, as soon as you request us to delete them or as soon as you revoke your consent to their storage. Data that has been stored by us for other purposes remains unaffected.
Purpose of the processing
The data processing is carried out for the purpose of registration, receipt, organisation and implementation of the event. Photos or video recordings made during the event may be processed for public relations purposes and published on the Internet or in our publications.
Legal basis of the processing
Data processing is carried out on the basis of Article 6 (1) (b) GDPR and on the basis of Article 6 (1) (f) GDPR. If you have given us your consent to process photos and video recordings for the above-mentioned purposes, the data processing will be carried out on the basis of Article 6 (1) (a) GDPR. You may withdraw the consent you have given at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Recipient of the data
An internal transfer of your personal data will only take place to fulfil the above-mentioned purposes or to comply with legal obligations.
The following companies within blu Gruppe can access your personal data as far as the purpose allows:
All responsible employees are obliged to maintain the confidentiality of your data. As a matter of principle, your personal data will not be passed on to third parties, unless we have legal permission or your consent has been obtained. Should we use a service provider for the purpose of order processing, we nevertheless remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and to process it only within the scope of the service provision.
Automated individual decision-making, including profiling
There are no automated individual decision procedures under Article 22 GDPR or other profiling measures within the meaning of Article 4 (4) GDPR.
Transfer to third countries
Your data will be processed exclusively within the European Union. There will be no transfer outside the Union. Should this become necessary, we will inform you of this in advance and ensure all necessary measures are taken to maintain an appropriate level of data protection.
Storage period and deletion
The legislator has enacted a large number of retention periods, which we observe with the utmost care in order to comply with these obligations. As a matter of principle, we will only store your personal data for as long as this is permitted by the defined purpose or as required by law for reasons of proof.
We use on our website the features of the LinkedIn network, a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When you access our website, which includes the LinkedIn feature, you are connected to LinkedIn’s servers. To the best of our knowledge, your personal data will not be stored, in particular the IP address will not be stored or the usage behaviour evaluated.
Legal basis
The legal basis for the use of the LinkedIn plugin is Article 6 (1) (f) GDPR. We have a legitimate interest in the widest possible visibility in social media. For further information, please refer to the LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.
On our website, we use the functions of the XING network, which are offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time our website is accessed, a connection is established to XING servers. To the best of our knowledge, no personal data is stored, in particular, no evaluation of usage behavior is performed, and IP addresses are not stored.
Legal basis
The legal basis for the use of the XING plugin is Article 6 (1) (f) GDPR. We have a legitimate interest in the widest possible visibility in the social media.
Further information on data protection and the XING Share button can be found in the XING Privacy Policy at: https://www.xing.com/app/share?op=data_protection.
1. Contact details of the controller
According to Article 4 (7) in connection with Article 26 (1) sentence 1 GDPR
Facebook Ireland Ltd
4 Grand Canal Square
Dublin 2
Irland
and
blu Systems GmbH.
Keltenring 11
82041 Oberhaching
Legal representative: Rüdiger Veitl, Florian Forster
Phone: + 49 (89) 919290540
E-Mail: info@blusystems.de
Internet: https://blusystems.de/
2. Data protection officer
Our data protection officer can be reached via the following contact details:
blu Systems GmbH
Data protection officer
Keltenring 11
82041 Oberhaching
Phone: +49 89 919290560
E-Mail: datenschutz@blusystems.de
3. Purpose of the data processing
3.1 Purpose and legal basis of blu Systems GmbH.
We process your personal data for the purpose of optimising our service and, as the operator of the Facebook fan page, have no interest in the collection and further processing for analysis or marketing purposes.
The legal basis for the data processing of the data you have provided is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO.
3.2 Purpose and legal basis of Facebook
Legal basis and purposes of Facebook processing can be found at https://www.facebook.com/about/privacy/legal_bases and https://de-de.facebook.com/policy.php.
In particular, Facebook may process the following personal data:
Which personal data is processed depends primarily on which products are used.
3.3 Cookies
You can find out which cookies Facebook uses for which purposes at https://www.facebook.com/policies/cookies/.
3.4 Data processing for page insights
Page Insights are aggregated statistics generated from specific events logged by Facebook servers when people interact with Pages and the content associated with them. Statistical categories can be called up via the so-called “Insights” of the Facebook page. These statistics are generated and provided by Facebook, on which we as the operator of the fan page have no influence. You can find more information about this under:
You can address your inquiries in connection with page insights to: https://www.facebook.com/help/contact/308592359910928#_=_
4. Recipient of your personal data
4.1 blu Systems GmbH
An internal transfer of your personal data will only take place to fulfil the above-mentioned purposes. All employees are obliged to maintain the confidentiality of your data.
4.2 Facebook
You can find out how Facebook transfers your personal data at: https://de-de.facebook.com/policy.php
5. Automated individual decision-making including profiling
There are no automated individual decision procedures according to Article 22 GDPR or other profiling measures according to Article 4 (4) GDPR by blu Systems GmbH. However, we point out that profiling is carried out by Facebook.
6. Transfer to third countries
Your data will be transferred to the USA or other third countries and processed for the purposes described. These data transfers are necessary to provide the services set forth in the Facebook and Instagram Terms of Use and to operate globally to deliver the products to users. Facebook uses the standard contractual clauses approved by the European Commission and relies on the adequacy decisions issued by the European Commission.
7. Storage period and deletion
The legislator has enacted a large number of retention periods, which we observe with the utmost care in order to comply with these obligations. As a matter of principle, we will only store your personal data for as long as this is permitted by the defined purpose or as required by law for reasons of proof. Should we wish to store your data for a longer period as described above, we would ask you to confirm this in a voluntary declaration of consent. If you delete your search history on Facebook, the log of this search will only be deleted after 6 months. If you submit a copy of your official ID for account verification purposes, this copy will be deleted 30 days after submission.
8. Rights of the data subjects
As a data subject, you are entitled to the following rights:
If you wish to exercise your rights as a data subject, you should either contact Facebook directly, as Facebook is responsible for fulfilling the obligations (including Articles 12 and 13 GDPR, Articles 15 to 21 GDPR, Articles 33 and 34 GDPR), or contact datenschutz@blusystems.de.
If you have given your consent to the processing of your data, you can withdraw this consent at any time with effect for the future. The withdrawal of the consent shall not affect the lawfulness of processing based on the consent before its withdrawal.
9. Right to complaint to the supervisory authority
Note on complaints to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority – in particular with the Member State in which you are resident, in which you work or in which the alleged infringement occurred – if you believe that the processing of your personal data by us is in breach of the GDPR
Our responsible state office for data protection supervision (BayLDA)
Postal address: Po Box 606
91522 Ansbach
Germany
Online complaint form:
Contact the data protection officer for Facebook Ireland Ltd.
You also have the right to file a complaint with the lead regulator for Facebook Ireland, the Irish Data Protection Commission, 91522 or your local regulator.
The data controller with respect to your information is Facebook Ireland. You can contact this company either online at https://www.facebook.com/help/contact/2061665240770586 or at :
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland
9. Youtube
The company uses a Youtube channel to make its own videos accessible. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We have no control over the nature, extent and disclosure of the information processed by Google. You can find out more about this and the purposes of Google’s data processing at: https://policies.google.com/privacy?hl=de&gl=de#infocollect. We do not collect the data you voluntarily enter, such as user name.
Legal basis
The legal basis for the processing of personal data is Article 6 (1) (f) GDPR. We have a legitimate interest in achieving the greatest possible visibility in the social media.
You can obtain more information from Google’s privacy policy: https://policies.google.com/privacy?hl=de&gl=de
Internal recipients
An internal transfer of your personal data will only take place to fulfil the above-mentioned purposes or to comply with legal obligations. All responsible employees are obliged to maintain the confidentiality of your data.
External recipients
Your personal data will only be passed on externally if this is necessary to process or handle your request, if another legal permission exists or if we have your consent.
A transfer to external parties can take place under the following circumstances:
a) data processor
A processor is any natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
b) public bodies and institutions
Authorities and state institutions, such as public prosecutors’ offices, hospitals, courts or tax authorities, to which we must transfer personal data for legally binding reasons The legal basis for the transfer is Article 6 (1) (c) GDPR.
Third country
It cannot be excluded that your personal data may be transferred to a third country. In doing so, we ensure that an adequate level of data protection is in place before your personal data is transferred, whether this is through an adequacy finding by the European Commission, through guarantees – EU standard contractual clauses.
For security reasons our website uses SSL encryption. This protects transmitted data and prevents it from being read by unauthorised third parties. You can recognise an encrypted connection by the fact that the address line of the browser changes from
“http://” to “https://” and by the lock symbol which is visible in your browser line.
An automated decision-making process including profiling according to Article 22 and Article 4 Nr. 4 GDPR does not take place on our website.
Your personal data will be deleted as soon as they are no longer required for the purpose for which they were collected, you request us to delete them or revoke your consent to their storage. Exceptionally, your personal data will only be stored to the extent required by the laws, regulations or other legal provisions to which we are subject. Data that has been stored by us for other purposes remains unaffected.
You have the following rights in relation to the personal data concerning you:
If you have given your consent to the processing of your data, you can withdraw this consent at any time with effect for the future. The withdrawal of the consent shall not affect the lawfulness of processing based on the consent before its withdrawal.
For this purpose you can send an informal notification by e-mail to: datenschutz@blusystems.de
Note on complaints to a supervisory authority
Without prejudice to any other administrative or judicial remedy, the person concerned shall have the right to appeal to the competent supervisory authority. This depends on the state of your residence, your work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with their addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Our competent state office for data protection supervision (BayLDA)
Postal address:
PO Box 606
91522 Ansbach
Germany
Online complaint form: