Data Protection Statement

Name and Contact Details of the Data Controller:

Quanos Solutions GmbH
Hugo-Junkers-Str. 15-17 | D-90411 Nuremberg;

Tel: +49 911 / 99097 - 0 | Fax: +49 911 / 99097 - 102
Email: info@quanos-solutions.com

 

Name and Contact Details of the Data Protection Officer:

Nicola Scholz-Recht, Solicitor

MG & P – Meinhardt, Gieseler & Partner mbB
Rathenauplatz 4-8
D-90489 Nuremberg

Tel: 0911 / 580 560 - 0
Email: scholz-recht@mgup.de

 

 

1. Collection and Recording of Personal Data and Nature and Purpose of the Data Usage

1.1 Visits to Our Website

Every time you visit our website or download a file, data about this activity is recorded by us/our service provider/hosting service and saved in a log file. The personal data will be anonymized to domain level by means of the truncation of your IP address, and then transmitted to us, within a maximum of seven days. The following information is recorded in the process, and stored until it is automatically deleted:

  • name of the file downloaded
  • date and time of the download
  • volume of data transferred
  • page from which the file was requested (referrer URL)
  • pages you have called up from our website
  • access status (file transferred, file not found, etc.)
  • web browser and operating system used
  • name of the service provider
  • full IP address of the computer making the request
  • notification of download success or failure.

The data specified is used for the following purposes:

  • to ensure a smooth connection with the website
  • to ensure ease of use of the website
  • for technical security reasons, in particular to prevent attacks on our web server
  • to evaluate system security and system stability
  • for administrative purposes.

The legal basis for the data processing is the first sentence of Article 6(1)(f) GDPR. Our legitimate interest derives from the data protection purposes listed above. Under no circumstances do we use the data collected to draw any conclusions about your personal identity. When you visit our website, we also use cookies and analytics services. Further details of these may be found in sections 3 and 4 of this Data Protection Statement.

 

1.2 Forms on Our Website

At various points on our website, we request information from you via forms. This is necessary to facilitate contact with you, to provide you with access to exclusive content, or to plan events. To do so, we require your explicit consent on every occasion, in accordance with the first sentence of Article 6(1)(a) GDPR.

User details may be stored in our customer relationship management system and marketing automation platform (“CRM & Marketing System”) or comparable inquiry system.

We use the CRM, registration, and marketing automation system “HubSpot”, supplied by HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA) with subsidiaries in Ireland (One Dockland Central, Dublin 1, Republic of Ireland) and Germany (Unter den Linden 26, 10117 Berlin, Germany), on the basis of our legitimate interests (fast and efficient processing of user inquiries, applications, and optimization of our online provision). For this purpose, we have agreed a contract with standard contractual clauses, in which HubSpot undertakes only to process user data in accordance with our instructions and in compliance with EU data protection standards. Furthermore, HubSpot is certified under the Privacy Shield agreement, thereby offering an additional guarantee of compliance with European data protection law (https://www.privacyshield.gov/list). Further information on HubSpot’s data protection guidelines are available here: https://legal.hubspot.com/privacy-policy

Our registration service enables users of our website to find out more about our company, download content, and provide their contact information and additional demographic details. This information is stored on the servers of our software partner HubSpot. All the information recorded by us is subject to this data protection regulation.

Personal data collected is deleted at the end of the legally mandated retention period. Where applicable, we may forward personal data within Quanos Solutions Group for the processing of your inquiry by the appropriate colleague. You may withdraw your consent to the processing of your data at any time. To do so, simply click on the “Unsubscribe” button in our emails. Alternatively, you can send a request to unsubscribe to info@quanos-solutions.com at any time.

 

2. Onward Transmission of Data

Your personal data will not be transferred onwards to third parties outside of Quanos Solutions for purposes other than those specified below. We will only transmit your personal data to third parties if:

  • you have given your explicit consent in accordance with the first sentence of Article 6(1)(a) GDPR
  • transmission is required for the establishment, exercise, or defense of legal claims, in accordance with the first sentence of Article 9(2)(f) GDPR, and no grounds exist to suppose that you have an overriding and legitimate interest in the non-transmission of your data
  • transmission is necessary in order to comply with a legal obligation, in accordance with the first sentence of Article 6(1)(c) GDPR, and/or
  • transmission is required for the performance of a contract with you, in accordance with the first sentence of Article 6(1)(b) GDPR.

 

3. Cookies

We use cookies at several points on our web pages. Cookies are small text files that are placed on your computer and are stored by your browser. Cookies serve to make our service more user-friendly and secure.

We use session cookies. These are automatically deleted when the browser session is ended.

We also use cookies that are placed permanently on your browser. You will only see the notification that cookies are being used on our website again after you have deleted these cookies. Cookies do not damage your server, and do not contain any viruses, trojans, or other malware.

The data processed by cookies is required for the purposes stated, on the basis of our legitimate interests or those of third parties, in accordance with the first sentence of Article 6(1)(f) GDPR.

By visiting and using the Quanos Solutions website, you are consenting to the usage and storage of cookies.

 

Opt-Out Options and Consequences:

You can deactivate or restrict the transmission of cookies by modifying your browser settings. You can delete cookies which have already been stored at any time.

If you deactivate cookies for our website, you may not be able to make full use of the functionality of our website.

 

4. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses cookies, text files that are stored on your computer and facilitate analysis of your website usage. The information about your use of this website generated by the cookie is usually transmitted to a Google server in the United States and stored there. This website uses Google Analytics with the extension “_anonymizeIp()”. This means that the IP address is truncated beforehand within member states of the European Union or other states which are signatories to the European Economic Area Agreement. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and then abbreviated there. Google uses this information on our behalf to evaluate your use of the website, to compile reports on website activity, and to perform further services for the website operator relating to the webpages and to internet usage. The IP address transmitted by your browser during the deployment of Google Analytics will not be combined with other Google data. You can prevent cookies from being stored by using appropriate browser settings; please note, however, that if you do this, you may not be able to benefit from the full functionality of this website. You can, moreover, withdraw your consent for Google to record the data (inc. your IP address) relating to your use of the website generated by the cookie, or to process this in future, at any time by downloading and installing the browser plugin available under the following address: tools.google.com/dlpage/gaoptout.

Further information relating to the terms of usage and data protection is available under: www.google.com/analytics/terms/us.htmland https://policies.google.com/?hl=en&gl=en.

5. Heap Analytics

We use the web analytics service provided by Heap Analytics Inc., 116 Natoma Street 3rd Floor, San Francisco, CA 94105, USA, on the basis of our legitimate interest in the statistical analysis of user behavior for optimization purposes, in accordance with Article 6(1)(f) GDPR.

Heap Analytics logs page views and activities in our web applications by using cookies. Heap Analytics conducts its analysis on an exclusively anonymous basis, using anonymized IP addresses and cookies which are not combined with other Heap Analytics data and/or personal data.

Further information relating to data protection at Heap Analytics is available under:www.heapanalytics.com/privacy. Heap Analytics offers every user the option to prevent the use of the tool by using a “Do Not Track” header, meaning that no data is recorded about the visit to the respective website. This is a setting that is supported by the current versions of all usual browsers. Your browser sends Heap Analytics a request to deactivate tracking of the relevant user. If you use different browsers/computers to access our web applications, you will need to set up a “Do Not Track” header for each of these separately.

 

6. Leadinfo

We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands. This uses IP addresses to recognize companies visiting our website, and provides us with publicly available information about these, for example company names or addresses. Leadinfo also places two first-party cookies to evaluate user behavior on our website, and processes domains from form inputs (e.g. “Leadinfo.com”) in order to correlate IP addresses with companies and to improve the services. Further information is available under www.leadinfo.com. To opt out, please see: www.leadinfo.com/en/opt-out. If you choose to opt out, your data will no longer be recorded by Leadinfo.

7. Quanos InfoTwin

When using our modular cloud solution InfoTwin, we store your logging data each time you access the application, i.e. IP address, date and time and the URL accessed. After 10 days, this data is automatically deleted. The legal basis for the storage is Art. 6 para. 1 lit. f GDPR because the storage is necessary for reasons of system security and stability as well as for traceability.

In addition, we store the user ID, authorisation, month and year for each registration. After 4 years, this data is automatically deleted. The legal basis for the storage is Art. 6 para. 1 lit. b GDPR, because the stored data is the basis for commercial billing.

In addition, please refer to the information in Chapters 5. Heap Analytics and 19. UserGuiding.

 

8. Audio and Video Conferencing

Data Processing

To communicate with our customers, we use tools including online conferencing. The tools we use are listed below. If you communicate with us via online video or audio conferencing, your personal data will be recorded and processed by us and by the provider of the respective conferencing tool.

The conferencing tools record all the data that you provide/input to use the tools (email address and/or telephone number). Conferencing tools also process the duration of the conference, the start and end times of conference participation, the number of participants, and other “contextual information” in conjunction with the communication process (metadata).

Furthermore, the tool providers process all the technical data which is required for the online communication to proceed. This data includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker, and type of connection.

Insofar as content is exchanged, uploaded, or provided in any other manner within the device, this will also be stored on the tool provider’s servers. This content includes in particular cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during your use of the service.

Please note that we do not have comprehensive influence over data processing by these tools. Our options are largely determined by the company policies of the respective providers. Further information on data processing by the conferencing tools is available within the data protection declaration for each respective tool, which we have included below. 

 

Purpose and Legal Basis

The conferencing tools are used to communicate with prospective or existing contractual partners or to offer particular services to our customers (first sentence of Article 6(1)(b) GDPR). Furthermore, the tools are used to simplify and accelerate communication with us and/or our company (legitimate interest in the sense of Article 6(1)(f) GDPR). Insofar as consent is requested, the relevant tools are used on the basis of this consent (first sentence of Article 6(1)(a) GDPR); this consent may be revoked at any time with future effect. 

 

Retention Duration

The data recorded directly by us via the video and conferencing tools will be deleted from our systems as soon as you request this, revoke your consent to storage, or the purpose for which the data is being stored no longer applies. Saved cookies will remain on your end device until you delete them. This does not affect mandatory legal retention periods.

We have no influence over the period for which data is stored by the conferencing tool operators for their own purposes. For specific details of these periods, please contact the conferencing tool operators directly.

 

8.1 Conferencing Tools Used

We use the following conferencing tools:

 

8.1.1 Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

When you use Microsoft Teams, various different types of data are processed. The scope of the data also depends on the information you enter before or during participation in an online meeting.

The following personal data are the object of processing:

Details of the user: e.g. display name, where applicable email address, profile picture (optional), preferred language.

Meeting metadata: e.g. date, time, meeting ID, telephone numbers, location.

Text, audio, and video data: You have the option (where applicable) to use the chat function in an online meeting. Any text that you enter will be processed in order to be displayed in the online meeting. To enable the video to be displayed and audio to be heard, the data from the microphone and video camera (if applicable) in your end device is accordingly processed for the duration of the meeting. You can turn off the camera or mute the microphone yourself at any time via the Microsoft Teams applications.

For details of data processing, see the Microsoft Teams data protection declaration under: https://privacy.microsoft.com/en-GB/en-en/privacystatement.

 

8.1.2 GoTo Webinar

We also use GoTo Webinar to conduct teleconferences, online meetings, video conferences and/or webinars. The provider is LogMeIn Inc., 10 Hanover Quay, Dublin 2, D02R573, Republic of Ireland.

When you use GoTo Webinar, various different types of data are processed. The scope of the data also depends on the information you enter before or during participation in an online meeting.

The following personal data are the object of processing:

Details of the user: e.g. display name, where applicable email address, profile picture (optional), preferred language.

Meeting metadata: e.g. date, time, meeting ID, telephone numbers, location.

Text, audio, and video data: You have the option (where applicable) to use the chat function in an online meeting. Any text that you enter will be processed in order to be displayed in the online meeting. To enable the video to be displayed and audio to be heard, the data from the microphone and video camera (if applicable) in your end device is accordingly processed for the duration of the meeting. You can turn off the camera or mute the microphone yourself at any time via the Microsoft Teams applications.

For details of data processing, see the GoTo data protection declaration under:

https://www.goto.com/en/company/legal/privacy/international

 

8.1.3 Online Conferencing via “SCOOCS”

8.1.3.1 Purpose of the Processing

We use the tool SCOOCS to conduct online conferences. SCOOCS is a service of SCOOCS OÜ, which is based in Estonia.

 

8.1.3.2 Data Controller

The data controller for data processing relating directly to the conduct of online conferences is Quanos Content Solutions GmbH.

Note: If you open the SCOOCS webpage, the provider of SCOOCS is responsible for the data processing.

 

8.1.3.3 Which data are processed?

When you use SCOOCS, various different types of data are processed. The scope of the data also depends on the information you enter before or during participation in an online conference.

The following personal data are the object of processing:

User details: first name, family name, telephone (optional), email address, password (if not using “single sign-on”), profile picture (optional), department (optional).

Meeting metadata: topic, description (optional), participant ID addresses, device/hardware information.

When recording (optional): MP4 files of all video, audio, and presentation recordings, M4A files of all audio recordings, text files of online meeting chats.

Text, audio, and video data: You have the option (where applicable) to use the chat, question, or survey function in an online meeting. Any text that you enter will be processed in order to be displayed in the online conference and (where applicable) logged. To enable the video to be displayed and audio to be heard, the data from the microphone and video camera (if applicable) in your end device is accordingly processed for the duration of the meeting. You can turn off the camera or mute the microphone yourself at any time via the SCOOCS applications.

To participate in an online conference or enter the “meeting room”, you must provide your name and email address as a minimum.

 

8.1.3.4 Scope of the Processing

We use SCOOCS to conduct online conferences. If we wish to record an online conference, we will communicate this to you transparently beforehand and – if required – will request your consent. The SCOOCS app will also alert you that recording is taking place.

If required for the purpose of minuting the results of an online conference, we will log the chat content.
For the purposes of recording and revision, we may also process questions asked by conference participants.

If you are registered as a user with SCOOCS, then reports on online conferences (meeting metadata, data on telephone dial-in, questions and answers in webinars, survey function in webinars) may be stored with SCOOCS for up to one month.

We do not use automated decision-making in the sense of Article 22 GDPR.

 

8.1.3.5 Data Recipients/Onward Transmission of Data

In principle, personal data that is processed in connection with participation in online conferences is not transmitted to third parties unless the data is specifically intended to be transmitted. Please note that content from online conferences, just like face-to-face meetings, often serves to communicate information to customers, interested parties, or third parties, and is therefore intended to be transmitted onwards.

Additional recipients: The provider of SCOOCS is necessarily aware of the data listed above, to the extent that this is provided for in our data processing agreement with SCOOCS.

 

9. YouTube with Enhanced Data Protection

This website incorporates videos from YouTube. The operator of the site is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Republic of Ireland.

We use YouTube in an enhanced data protection mode. According to YouTube, this mode means that no data about visitors to this website is stored before they view the video. However, the enhanced data protection mode does not absolutely exclude the transmission of data to YouTube partners. Irrespective of whether or not you view a video, YouTube establishes a connection to the Google DoubleClick network.

As soon as you start a YouTube video on this website, a connection is established to YouTube’s servers. In the process, the YouTube server is informed as to which of our pages you have visited. If you are logged into your YouTube account or to another Google service, you enable YouTube to connect your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account or other Google service.

YouTube may also place various cookies or comparable recognition technologies (e.g. device fingerprinting) on your end device once the video has been started. This enables YouTube to collect non-identifying information about visitors to this website. This information is used, amongst other purposes, to compile video statistics, to improve user-friendliness, and to prevent attempted fraud.

Where applicable, additional data processing actions, over which we have no influence, may be triggered after a YouTube video is started.

We use YouTube in the interests of presenting our online services in an attractive manner. This constitutes a legitimate interest in the sense of Article 6(1)(f) GDPR. Insofar as your corresponding consent is requested, the processing takes place exclusively on the basis of Article 6(1)(a) GDPR; you can withdraw your consent at any time.

For further information about data protection at YouTube, please see the YouTube data protection declaration under: https://policies.google.com/privacy?hl=en.

 

10. OpenStreetMap

We sometimes display maps provided by the service “OpenStreetMap” (OSM, https://www.openstreetmap.org) on this website. The mapping content is provided by the OSM Foundation on the basis of the Open Database License (ODbL). To enable the map to be displayed, user data (IP address) is transmitted to OSM. A session cookie is also stored on the user’s computer. This happens solely in order to display the maps and to temporarily store the selected map settings.
 

Further details of data storage by OSM are provided on the OSM data protection page under: https://wiki.openstreetmap.org/wiki/Privacy_Policy

 

11. Hippo Video

We use the tool provided by Hippo Video to display videos. Hippo Video is a tool of Lyceum Technologies, Inc., 2035 Sunset Lake Road, Suite B-2, Newark, Delaware, 19702, USA.

After starting a video, a connection is established to the Hippo Video servers. In the process, Hippo Video may store cookies on your end device. Hippo Video also stores IP addresses, location, device data, and browser details. Browsers usually include a “Do Not Track” function. If you do not wish to be tracked, you will need to activate this option in each of the browsers that you use.

We use Hippo Video in the interests of presenting our online services in an attractive manner, and thereby in our legitimate interest, in accordance with Article 6(1)(f) GDPR. If your corresponding consent is requested, the processing takes place exclusively on the basis of Article 6(1)(a) GDPR; you can withdraw your consent at any time.

For further information about how Hippo Video uses your data, please see the Lyceum Technologies, Inc. data protection guidelines under: www.hippovideo.io/privacy_policy.html

 

12. Google reCAPTCHA

We use Google reCAPTCHA (“reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Republic of Ireland.

reCAPTCHA is used to verify whether data has been entered into this website (e.g. into a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes website user behavior in a variety of ways. This analysis starts automatically as soon as the visitor opens the website. reCAPTCHA evaluates a range of information (e.g. IP address, duration of stay on the website, or mouse movements undertaken by the user). The data recorded during the analysis are transmitted onwards to Google.

The reCAPTCHA analysis runs entirely in the background. No indication is given to visitors that an analysis is taking place.

The data is stored and analyzed on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in protecting their web services from improper automated surveillance and from spam. Insofar as your corresponding consent is requested, the processing takes place exclusively on the basis of Article 6(1)(a) GDPR; you can withdraw your consent at any time.

For further information about Google reCAPTCHA, please see the Google data protection regulations and the Google terms of use, available under the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

 

13. Our Own Services: How We Use Applicant Data

We offer you the option to apply for jobs with us using our software HRworks via an online application form (or alternatively via email/mail). In this section, we will inform you about the scope, purpose, and use of the personal data that we collect during the application process. We would like to assure you that your data is collected, processed, and used in compliance with current data protection legislation and all additional legal regulations, and that your data will be treated in strict confidence.

 

Scope and Purpose of Data Collection

If you send an application to us, we will process the personal data connected with this (e.g. contact and communication data, application documentation, interview notes, etc.), insofar as this is required for a decision regarding the agreement of a contract of employment. The legal basis for this is Article 26 of the new German Federal Data Protection Act (preparation for a contract of employment), Article 6(1)(b) GDPR (general preparation for a contract), and – insofar as you have given consent – Article 6(1)(a) GDPR. You can withdraw your consent at any time. Within our company, your personal data will be forwarded exclusively to staff involved in processing your application.

If your application is successful, the data you have supplied will be stored in our data processing system for the purpose of performing the contract of employment, on the basis of Article 26 of the new German Federal Data Protection Act and Article 6(1)(b) GDPR.

 

Data Retention Period

If we are unable to offer you a position, you decline the offer of a position, or you withdraw your application, we reserve the right to retain the data you have supplied to us for up to six months after the conclusion of the application process (rejection or withdrawal of the application), on the basis of our legitimate interests (Article 6(1)(f) GDPR). The data will then be deleted and physical application documents will be destroyed. We retain this data in particular for purposes of proof in the event of a legal dispute. Insofar as we anticipate that the data will be required after the expiry of the six month period (e.g. due to threatened or pending litigation), the data will only be deleted once the reason for the continued retention no longer applies.

We may also retain data for longer periods if you have given your corresponding consent (Article 6(1)(a) GDPR), or if legal retention obligations preclude deletion.

 

Data Collection during Video Interviews

When conducting digital interviews, we use the communication tool Microsoft Teams. Details of data collection by this tool are supplied in Section 7 of this document, “Audio and Video Conferencing”, in the subsection “Microsoft Teams”.

 

Inclusion in the Applicant Pool

Even if we are unable to offer you a position, we may however be able to include you in our Applicant Pool. If you are accepted, all the documents and information from your application will be transferred to the applicant pool so we can contact you if suitable vacancies arise.

Inclusion in the Applicant Pool takes place exclusively on the basis of your explicit consent (Article 6(1)(a) GDPR). Consent is voluntary and has no influence on any pending applications. Applicants selected for the Pool may withdraw their consent at any time. In this case, your data will be permanently deleted from the Applicant Pool, unless there are any legal grounds for retention.

Data from the Applicant Pool is permanently deleted a maximum of two years after consent has been given for its storage.

 

Data Processing Location

Your data is processed in the Federal Republic of Germany and in a member state of the European Union (EU). HRworks and its subcontractor AWS have agreed a contract (“data processing addendum”) that ensures that data will be processed in a permissible manner.

 

Your Right to Information and Revocation

By submitting your application, you consent to the storage of your personal data. You may withdraw your consent and prohibit the storage of your data at any time.

In accordance with current legal requirements, we will be happy to inform you upon request about which of your personal data we are processing (“right to information”). You also have the right to rectification of incorrect data, and to the cessation, deletion, and restriction of processing of your personal data, insofar as this is not precluded by any legal retention obligation. You will find our contact details here.

 

General Data Protection Notice 

We reserve the right to modify this data protection notice in accordance with changes to current legal regulations. If you revisit our website, or reapply to our company, the new data protection notice will then apply.

 

14. Rights of the Data Subject

You have the right:

  • in accordance with Article 15 GDPR, to information about the personal data concerning you that we are processing. In particular, you may request information about the purposes of processing, the categories of personal data, the categories of recipients of your personal data, the planned retention duration, the existence of a right to information, deletion, restriction or prohibition, the existence of a right to complain, the source of your data if this has not been collected by us, and about the existence of automated decision-making, including profiling, and where applicable request meaningful details of these.
  • in accordance with Article 16 GDPR, to request the immediate rectification of incorrect or incomplete personal data concerning you stored by us
  • in accordance with Article 17 GDPR, to request the deletion of the personal data concerning you stored by us, insofar as the processing is not required for the exercise of the right to free expression of opinion and information, to the fulfillment of a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims
  • in accordance with Article 18 GDPR, to request the restriction of the processing of your personal data, insofar as you dispute the accuracy of the data, the processing is unlawful, but you decline its deletion and we no longer require the data, you however require this for the establishment, exercise, or defense of legal claims, or you have objected to the processing in accordance with Article 21 GDPR
  • in accordance with Article 20 GDPR, to request receipt of the personal data that you have supplied to us in a structured, commonly used, and machine-readable format or its transmission to another controller
  • in accordance with Article 7(3) GDPR, to withdraw your consent from us at any time. The consequence of this will be that we may no longer continue to process data on the basis of this consent.
  • in accordance with Article 77 DGPR, to lodge a complaint with a supervisory authority You may contact the relevant supervisory authorities for your usual place of residence or for your company’s registered office for this purpose.

 

15. Right to Object

Insofar as your personal data is processed on the basis of legitimate interests in accordance with the first sentence of Article 6(1)(f) GDPR, you have the right in accordance with Article 21 GDPR to object to the processing, insofar as there are reasons for this arising from your particular situation, or the objection applies to direct advertising. In the latter case, you have a general right to object, which we will implement without reference to a particular situation.

If you wish to exercise your right to revoke your consent or to object, you simply need to send an email to: info@quanos-solutions.com.

 

16. Data Security

During your visit to our website, we use the common security process SSL (Secure Socket Layer), in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, then we revert to 128-bit V3 technology. You will see whether each individual page within our website is being transmitted with encryption by means of the closed lock or key icon in your browser’s address bar.

We also employ appropriate technical and organizational security measures to protect your data from random or intentional manipulation, full or partial loss, destruction, and to prevent unauthorized third parties from gaining access to it. Our security measures are subject to continuous improvement in accordance with technological development.

 

17. Currency and Validity of This Data Protection Declaration

This Data Protection Declaration is dated December 2022 and is currently valid.

As we develop our website and the services we provide by this means, or due to changes to legal or official regulations, it may become necessary to modify this Data Protection Declaration. You will find the currently valid Data Protection Declaration available to view and print from our website. 

 

18. UserGuiding

We use UserGuiding to onboard customers to our product. The provider is Ynot Partners, Inc., 316 High Street, Palo Alto, CA 94301, USA. The provider processes meta/communication data (e.g. device information, IP addresses) in the US.

The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a) GDPR. 

The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.

We delete the data when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at userguiding.com/privacy-policy/.