Suche:

blu Gruppe

blu Gruppe has realized an efficient business model that facilitates first-class services, high employee motivation and an excellent cost structure. An ongoing intensive communication and cooperation with our subsidiaries is highly emphasized. The services of blu Gruppe focus on IT consulting and solutions for corporate functions within large companies and corporations, mainly in the fields of Finance, Automotive, Healthcare, Telco and IT.

blu Professionals GmbH

blu Systems GmbH

blu BEYOND GmbH

blu Gruppe AG

Privacy Policy

The principles of fair and transparent data processing require that the data subject be informed of the existence of the processing operation and its purposes. The confidentiality and integrity of your personal data is of particular concern to us. We will therefore process and use your personal data carefully and appropriately in accordance with your consent and in compliance with the legal provisions on data protection.

The right to protection of personal data is not an unlimited right. It must be seen in the light of its social function and weighed against other fundamental rights, while respecting the principle of proportionality.

Personal data is any information relating to an identified or identifiable natural person. Data subjects are identifiable if they can be assigned directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, online identification or one or more special features (Article 4 (1) GDPR). 

This data protection notice describes how we collect, process and use your personal data when you visit our website. You will find more detailed information in the following sections:

Who is responsible for the data processing?

Responsible for the data processing on this website (i.e. the “controller”) in accordance with Article 4 (7) GDPR:

blu Systems GmbH
Keltenring 11
82041 Oberhaching 
Phone: + 49 (89) 919290540
E-Mail: info@blusystems.de
Internet: https://www.blusystems.de/

How to contact our data protection officer?

Our data protection officer can be reached via the following contact details: 

blu Systems GmbH
Data protection officer 
Keltenring 11
82041 Oberhaching 
Phone: +49 89 919290560 
E-Mail: datenschutz@blusystems.de 
Internet: https://www.blusystems.de/

Data collection on our website

Cookies 

Purpose of the data processing

We use cookies to make the use of our website more attractive, user-friendly and effective. These are small text files that are stored on your end device and contain information about the websites you visit. Cookies do not cause any damage to your computer and also do not contain viruses.  

By making appropriate changes to your browser settings, you can be informed about the setting of cookies and decide individually whether to accept them or to generally exclude them, as well as arrange for the automatic deletion of cookies when the browser window is closed. By deactivating cookies, you may not be able to use all functions of our website. 

If your browser settings or consent allow us to use cookies, the following cookies may be used on our website:

Display first/third party cookies
Name
Purpose
Expiration Date
First party cookies:
 
 
cookielawinfo-checkbox-necessary
This cookie is used to ensure the functionality of the cookie banner on the website
1 hour
cookielawinfo-checkbox-non-necessary
This cookie is used to ensure the functionality of the cookie banner on the website 1 year
1 year
viewed-cookie-policy
This cookie is used to guarantee the functionality of the cookie banner on the website
1 year
Third party cookies:
 
 
_ga
This cookie is used to ensure the control function to distinguish users
2 years
_gat
This cookie is used to slow down the speed of requests or data collection on busy websites
End of session
_gid
This cookie is used to distinguish the users
5 days
PHPSESSID
This cookie is used to recognize the user
7 days

Legal basis 

The legal basis for the processing of this data is Article  6 (1) (f) GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimized provision of our services.

Server log files

Whenever our website is accessed, our system automatically collects information and stores it in so-called server log files.

The following data is collected by us:

  • Browser type and version used 
  • IP-adress 
  • Operating system used
  • Referrer URL 
  • Time and date of the server request 

Purpose of data processing/duration of storage 

The storage of the above mentioned data in the log files is done to ensure the functionality of our website. In addition, this data serves us to optimize our website and to ensure the security of our information technology systems. This data is deleted after 14 days.

Legal basis for data processing 

The legal basis for the processing of this personal data is Article 6 (1) (f) GDPR. 

Recipient

The recipient of this data is our server host, with whom a processing contract within the meaning of Article 28 GDPR has been concluded.

Google Analytics

We use Google Analytics on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. As a rule, the information generated by cookies on the use of our website is transferred to a Google server in the USA and stored there.

Legal basis

The legal basis for the processing of personal data is Article 6 (1) (f) GDPR.

We have a legitimate interest in using Google Analytics to analyse user behaviour on our website in order to improve our website continuously.

The stored data is only stored as long as it is necessary for the intended purpose or as long as it must be kept in accordance with the statutory periods.

Google Analytics IP anonymization

Furthermore, we only use Google Analytics on our website with activated IP anonymisation. As a result, your IP address is shortened by Google within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and only shortened there. We have also concluded a data processing agreement with Google. Google processes these data on our behalf and thereby enables us to evaluate the use of the website by the users, to create reports on the website activities and to collect further information connected with the use of the website and the internet. The IP address transmitted by your browser within the framework of Google Analytics is not combined with other Google data.

By adjusting your browser-software accordingly, you can prevent the storage of cookies. However, we would like to point out that in this case you may not be able to use all functions of our website as a whole. Furthermore, you have the possibility to prevent the collection of data generated by cookies and related to your use of the website to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

Objection to data collection

By clicking on the following link to deactivate the collection of data by Google Analytics for this website, you can prevent Google Analytics from collecting your data. An opt-out cookie will be set to prevent the collection of your information on future visits of our website. The opt-out cookie only applies to the internet browser used when setting it and only to our website and is stored on your end device. If you delete the cookies in the Internet browser, you will have to set the opt-out cookie again.

Further information on how Google Analytics handles user data can be found in the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

Contact options

How can you get in touch with us?

Purpose of data processing 

Contact us directly

You have the possibility to contact us at any time by post, telephone, fax or e-mail. To be able to process your contact request, we may store your communication (e.g. telephone number, email) and identification data (e.g. name, address).

Legal basis 

If the request aims at the conclusion of a contract or is necessary for the implementation of pre-contractual measures, the legal basis for the processing is Article 6 (1) (b) GDPR.

In all other cases the processing is based on our legitimate interest Article 6 (1) (f) GDPR) in the effective processing of the enquiries addressed to us.

Contact Form 

Purpose of data processing 

There is a contact form on our website. If you contact us via the contact form with questions of any kind, you give us your voluntary consent for the purpose of contacting us. In this case, the personal data transmitted with the inquiry (last name, e-mail address and telephone number) will be stored.

These data will not be passed on without your consent.

Legal basis 

The legal basis for the processing of the data provided by you in the contact form is exclusively based on your consent (Art. 6 para. 1 letter a GDPR). If the request is aimed at the conclusion of a contract or if it is necessary for the implementation of pre-contractual measures, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

In all other cases the processing is based on our legitimate interest (Art. 6 para. 1 letter f GDPR) in the effective processing of the inquiries addressed to us.

Microsoft Teams 

We use Microsoft Teams, a service provided by Microsoft Corporation, to conduct telephone and video conferences, online meetings and/or online seminars. If online meetings/online seminars are to be recorded, we will inform you of this before the start of the online meeting/online seminar and – if necessary – ask for (verbal) consent. If you do not wish a recording to be made, you can leave the Online-Meeting/Online-Seminars. The following personal data may be processed:

  • User details: Display name, e-mail address, profile picture (optional), preferred language
  • Meeting metadata: e.g. date, time, meeting ID, phone number, location
  • Text, audio and video data: You may be able to use the chat function in an online meeting/online seminar. In this case, the text entries you make will be processed to display them in the Online Meeting/Online Seminars.

The scope of the data depends on the information you provide before or during participation in the Online Meeting/Online Seminars.

In addition, an adequacy decision in accordance with Article 45 GDPR has been issued for data transfer to the USA.

Legal basis for online meetings 

The legal basis for the processing is our legitimate interest in an attractive design of our online seminar, Art. 6 para. 1 lit. f) DSGVO.

During the online seminar, the registration names of all participants as well as the generated communication contents will be displayed and can be viewed by the other participants of the online seminar. The communication contents are stored for documentation purposes. If necessary, the online seminar is recorded and then made available to the participants.

Legal basis for online seminars 

The legal basis for the processing is our legitimate interest in an attractive design of our online seminar, Art. 6 para. 1 lit. f) DSGVO.

During the online seminar, the registration names of all participants as well as the generated communication contents will be displayed and can be viewed by the other participants of the online seminar. The communication contents are stored for documentation purposes. If necessary, the online seminar is recorded and then made available to the participants.

Google Web Fonts 

Purpose of the data processing 

To display our content correctly and graphically appealing across browsers, we use script libraries and font libraries such as Google Web Fonts (https://www.google.com/webfonts/ ) on our website.

Google Web fonts are cached in your browser to avoid multiple loading. If your browser does not support Google Web Fonts or prevents access, content will be displayed in a default font. 

Calling up script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible – although it is currently unclear whether and for what purposes – that the operators of such libraries collect data. 

The privacy policy of the library operator Google can be found here:   

https://www.google.com/policies/privacy/

Legal basis 

The legal basis for data processing is Article 6 (1) (f) GDPR. Our legitimate interest results from our need for an attractive presentation of our online offer.

Google Ads 

Purpose of the data processing 

Our website uses the online advertising program Google Adwords service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and within Google AdWords the conversion tracking. When you click on an ad placed by Google, a conversion tracking cookie is set. Cookies are text files that are stored on your computer and enable an analysis of the use of the websites you visit. These cookies usually expire after 30 days and are therefore no longer used to personally identify users. However, if the cookie has not expired and you visit certain pages of our website, Google and we can recognize that you have clicked on the advertisement and have been forwarded to this page. Each Google AdWords customer receives a different cookie. A tracking of the cookies is therefore not possible via the website of AdWords customers. The information collected through the conversion cookie is used to compile conversion statistics for AdWords customers who have opted-in to conversion tracking. This allows customers to know the total number of users who clicked on your ad and were redirected to a page with a conversion tracking tag. However, you will not receive information that personally identifies users – you can opt-out of tracking by changing your browser software settings. You will not be included in the conversion tracking statistics.

Legal basis 

The legal basis for the described processing of personal data is Art. 6 para. 1 letter f GDPR. We have a legitimate interest in improving our website.

Newsletter

Purpose of the data processing 

We use rapidmail on our website to send you newsletters. In doing so, we process your e-mail address for the purpose of sending the newsletter you have subscribed to. To optimize our e-mail campaigns, we track the life cycle of the e-mail (opening by recipient).  Only through this function is it possible for us to optimize newsletters and send them in a targeted manner.

For further information, please refer to the privacy policy of rapidmail: https://www.rapidmail.de/datenschutz

Legal basis 

The legal basis for the processing of your personal data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Order processing contract 

We have concluded a contract for the processing of orders within the meaning of Article 28 GDPR with rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg, in which we oblige rapidmail GmbH to protect the data of our customers and not to pass them on to third parties. rapidmail is a German, certified newsletter software provider which has been carefully selected in accordance with the requirements of the GDPR and the BDSG (Federal Data Protection Act (FDPA)).

Revocation

You can revoke your consent to the storage of your data at any time without affecting the legality of the processing already carried out. To do so, simply unsubscribe here or click on the “unsubscribe link in the next newsletter.

Storage period

The data will be deleted as soon as they are no longer required for the purpose for which they were collected, as soon as you request us to delete them or as soon as you revoke your consent to their storage. Data that has been stored by us for other purposes remains unaffected.

Events (online and presence)

Purpose of the processing

The data processing is carried out for the purpose of registration, receipt, organisation and implementation of the event. Photos or video recordings made during the event may be processed for public relations purposes and published on the Internet or in our publications.

Legal basis of the processing

Data processing is carried out on the basis of Article 6 (1) (b) GDPR and on the basis of Article 6 (1) (f) GDPR. If you have given us your consent to process photos and video recordings for the above-mentioned purposes, the data processing will be carried out on the basis of Article 6 (1) (a) GDPR. You may withdraw the consent you have given at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Recipient of the data

An internal transfer of your personal data will only take place to fulfil the above-mentioned purposes or to comply with legal obligations.

The following companies within blu Gruppe can access your personal data as far as the purpose allows:

  • blu BEYOND GmbH
  • blu Pro­fes­sio­nals GmbH
  • blu Eye GmbH

All responsible employees are obliged to maintain the confidentiality of your data. As a matter of principle, your personal data will not be passed on to third parties, unless we have legal permission or your consent has been obtained. Should we use a service provider for the purpose of order processing, we nevertheless remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and to process it only within the scope of the service provision.

Automated individual decision-making, including profiling

There are no automated individual decision procedures under Article 22 GDPR or other profiling measures within the meaning of Article 4 (4) GDPR.

Transfer to third countries

Your data will be processed exclusively within the European Union. There will be no transfer outside the Union. Should this become necessary, we will inform you of this in advance and ensure all necessary measures are taken to maintain an appropriate level of data protection.

Storage period and deletion

The legislator has enacted a large number of retention periods, which we observe with the utmost care in order to comply with these obligations. As a matter of principle, we will only store your personal data for as long as this is permitted by the defined purpose or as required by law for reasons of proof.

Social Media

LinkedIn 

We use on our website the features of the LinkedIn network, a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When you access our website, which includes the LinkedIn feature, you are connected to LinkedIn’s servers. To the best of our knowledge, your personal data will not be stored, in particular the IP address will not be stored or the usage behaviour evaluated. 

Legal basis 

The legal basis for the use of the LinkedIn plugin is Article 6 (1) (f) GDPR. We have a legitimate interest in the widest possible visibility in social media. For further information, please refer to the LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.

Xing 

On our website, we use the functions of the XING network, which are offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time our website is accessed, a connection is established to XING servers. To the best of our knowledge, no personal data is stored, in particular, no evaluation of usage behavior is performed, and IP addresses are not stored.  

Legal basis 

The legal basis for the use of the XING plugin is Article 6 (1) (f) GDPR. We have a legitimate interest in the widest possible visibility in the social media.

Further information on data protection and the XING Share button can be found in the XING Privacy Policy at: https://www.xing.com/app/share?op=data_protection.

Facebook

1. Contact details of the controller

According to Article 4 (7) in connection with Article 26 (1) sentence 1 GDPR

Facebook Ireland Ltd
4 Grand Canal Square
Dublin 2
Irland

and 

blu Systems GmbH. 

Keltenring 11 

82041 Oberhaching 

Legal representative: Rüdiger Veitl, Florian Forster  

Phone: + 49 (89) 919290540

E-Mail: info@blusystems.de 

Internet: https://www.blusystems.de/  

2. Data protection officer

Our data protection officer can be reached via the following contact details:

blu Systems GmbH

Data protection officer

Keltenring 11

82041 Oberhaching

Phone: +49 89 919290560 

E-Mail: datenschutz@blusystems.de 

3. Purpose of the data processing 

3.1  Purpose and legal basis of blu Systems GmbH.

We process your personal data for the purpose of optimising our service and, as the operator of the Facebook fan page, have no interest in the collection and further processing for analysis or marketing purposes.

The legal basis for the data processing of the data you have provided is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO.

3.2 Purpose and legal basis of Facebook

Legal basis and purposes of Facebook processing can be found at https://www.facebook.com/about/privacy/legal_bases and https://de-de.facebook.com/policy.php.

In particular, Facebook may process the following personal data:

  • User interaction
  • Ip-adress
  • Device information
  • Information from partners
  • Information about networks, connections and usage
  • Cookies
  • Demographic characteristics (federal state, gender, age, etc.)

Which personal data is processed depends primarily on which products are used.

3.3 Cookies

You can find out which cookies Facebook uses for which purposes at https://www.facebook.com/policies/cookies/.

3.4 Data processing for page insights

Page Insights are aggregated statistics generated from specific events logged by Facebook servers when people interact with Pages and the content associated with them. Statistical categories can be called up via the so-called “Insights” of the Facebook page. These statistics are generated and provided by Facebook, on which we as the operator of the fan page have no influence. You can find more information about this under:

https://www.facebook.com/legal/terms/information_about_page_insights_data

You can address your inquiries in connection with page insights to: https://www.facebook.com/help/contact/308592359910928#_=_

4. Recipient of your personal data

4.1 blu Systems GmbH

An internal transfer of your personal data will only take place to fulfil the above-mentioned purposes. All employees are obliged to maintain the confidentiality of your data.

4.2 Facebook

You can find out how Facebook transfers your personal data at: https://de-de.facebook.com/policy.php

5. Automated individual decision-making including profiling

There are no automated individual decision procedures according to Article 22 GDPR or other profiling measures according to Article 4 (4) GDPR by blu Systems GmbH. However, we point out that profiling is carried out by Facebook.

6. Transfer to third countries

Your data will be transferred to the USA or other third countries and processed for the purposes described. These data transfers are necessary to provide the services set forth in the Facebook and Instagram Terms of Use and to operate globally to deliver the products to users. Facebook uses the standard contractual clauses approved by the European Commission and relies on the adequacy decisions issued by the European Commission.

7. Storage period and deletion

The legislator has enacted a large number of retention periods, which we observe with the utmost care in order to comply with these obligations. As a matter of principle, we will only store your personal data for as long as this is permitted by the defined purpose or as required by law for reasons of proof. Should we wish to store your data for a longer period as described above, we would ask you to confirm this in a voluntary declaration of consent. If you delete your search history on Facebook, the log of this search will only be deleted after 6 months. If you submit a copy of your official ID for account verification purposes, this copy will be deleted 30 days after submission.

8. Rights of the data subjects

As a data subject, you are entitled to the following rights:

  • Right of access by the data subject (Art. 15 DSGVO)
  • Right to rectification (Art. 16 DSGVO)
  • Right to erasure (Art. 17 DSGVO)
  • Right to restriction of processing (Art. 18 DSGVO)
  • Right of notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19 DSGVO)
  • Right to data portability (Art. 20 DSGVO)
  • Right to object (Art. 21 DSGVO)
  • Right in relation to automated individual decision-making, including profiling (Art. 22 DSGVO)
  • Right to lodge a complaint with a supervisory authority (Art. 77 DSGVO)

If you wish to exercise your rights as a data subject, you should either contact Facebook directly, as Facebook is responsible for fulfilling the obligations (including Articles 12 and 13 GDPR, Articles 15 to 21 GDPR, Articles 33 and 34 GDPR), or contact datenschutz@blusystems.de.

If you have given your consent to the processing of your data, you can withdraw this consent at any time with effect for the future. The withdrawal of the consent shall not affect the lawfulness of processing based on the consent before its withdrawal.

9. Right to complaint to the supervisory authority

Note on complaints to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority – in particular with the Member State in which you are resident, in which you work or in which the alleged infringement occurred – if you believe that the processing of your personal data by us is in breach of the GDPR

 

Our responsible state office for data protection supervision (BayLDA)

Postal address: Po Box 606 
91522 Ansbach 
Germany 

Online complaint form: 

https://www.lda.bayern.de/de/beschwerde.html

Contact the data protection officer for Facebook Ireland Ltd.

You also have the right to file a complaint with the lead regulator for Facebook Ireland, the Irish Data Protection Commission, 91522 or your local regulator.

The data controller with respect to your information is Facebook Ireland. You can contact this company either online at https://www.facebook.com/help/contact/2061665240770586 or at :

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland

9. Youtube

The company uses a Youtube channel to make its own videos accessible. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We have no control over the nature, extent and disclosure of the information processed by Google. You can find out more about this and the purposes of Google’s data processing at: https://policies.google.com/privacy?hl=de&gl=de#infocollect. We do not collect the data you voluntarily enter, such as user name.

Legal basis

The legal basis for the processing of personal data is Article 6 (1) (f) GDPR. We have a legitimate interest in achieving the greatest possible visibility in the social media.

You can obtain more information from Google’s privacy policy: https://policies.google.com/privacy?hl=de&gl=de   

Who gets your data?

Internal recipients 

An internal transfer of your personal data will only take place to fulfil the above-mentioned purposes or to comply with legal obligations. All responsible employees are obliged to maintain the confidentiality of your data.

External recipients  

Your personal data will only be passed on externally if this is necessary to process or handle your request, if another legal permission exists or if we have your consent.

A transfer to external parties can take place under the following circumstances:

a) data processor 

A processor is any natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

b) public bodies and institutions

Authorities and state institutions, such as public prosecutors’ offices, hospitals, courts or tax authorities, to which we must transfer personal data for legally binding reasons The legal basis for the transfer is Article 6 (1) (c) GDPR.

Third country 

It cannot be excluded that your personal data may be transferred to a third country. In doing so, we ensure that an adequate level of data protection is in place before your personal data is transferred, whether this is through an adequacy finding by the European Commission, through guarantees – EU standard contractual clauses.

SSL-Encryption

For security reasons our website uses SSL encryption. This protects transmitted data and prevents it from being read by unauthorised third parties. You can recognise an encrypted connection by the fact that the address line of the browser changes from

“http://” to “https://” and by the lock symbol which is visible in your browser line.

Automated decision-making and profiling

An automated decision-making process including profiling according to Article 22 and Article 4 Nr. 4 GDPR does not take place on our website.

How long will your data be stored?

Your personal data will be deleted as soon as they are no longer required for the purpose for which they were collected, you request us to delete them or revoke your consent to their storage. Exceptionally, your personal data will only be stored to the extent required by the laws, regulations or other legal provisions to which we are subject. Data that has been stored by us for other purposes remains unaffected.

What are your rights?

You have the following rights in relation to the personal data concerning you:

  • Right of access by the data subject, (Art. 15 DSGVO) 
  • Right to rectification, (Art. 16 DSGVO)
  • Right to erasure (Art. 17 DSGVO)
  • Right to restriction of processing (Art. 18 DSGVO)
  • Right of notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19 DSGVO)
  • Right to data portability (Art. 20 DSGVO)
  • Right to object (Art. 21 DSGVO)
  • Right in relation to automated individual decision-making, including profiling (Art. 22 DSGVO)
  • Right to lodge a complaint with a supervisory authority (Art. 77 DSGVO)

If you have given your consent to the processing of your data, you can withdraw this consent at any time with effect for the future. The withdrawal of the consent shall not affect the lawfulness of processing based on the consent before its withdrawal.

For this purpose you can send an informal notification by e-mail to: datenschutz@blusystems.de   

Note on complaints to a supervisory authority 

Without prejudice to any other administrative or judicial remedy, the person concerned shall have the right to appeal to the competent supervisory authority. This depends on the state of your residence, your work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with their addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html  

Our competent state office for data protection supervision (BayLDA)

Postal address: 

PO Box 606 
91522 Ansbach 
Germany 

Online complaint form: 

https://www.lda.bayern.de/de/beschwerde.html