LexCom Privacy Statement



Protecting your personal data is of the utmost concern to our company, LexCom Informationssysteme GmbH, Rüdesheimer Str. 23, 80686 Munich, Germany (“LexCom”). This Privacy Statement is intended to inform you about LexCom’s policy regarding your personal data when you use

This Privacy Statement supplements LexCom’s General Terms and Conditions governing the use of the relevant LexCom software and LexCom web services.

1. LexCom’s Policy for Processing Your Personal Data

LexCom has adopted the following policies with a view to protecting your personal data during the use of LexCom software and web services: 

2. Terms and Definitions in the Privacy Statement

LexCom uses certain fixed terms in this Privacy Statement, which are defined as follows:

3. What does LexCom know about you, what do you allow LexCom to do, and how is your personal data handled?

3.1 Registration information

When you register, LexCom has to process certain personal data from you as your registration information. First and foremost, this information is your:

LexCom must process this registration information in order to fulfil the requirements of your contract with LexCom (GDPR Art. 6 (1) b)), as the LexCom software and LexCom web services can only work properly with this information.

The following applies to the LexCom partslink24, etkainfo, etosinfo, myasainfo and mantisinfo web services: the administrator of a company ID may create further users and therefore view the company ID/ID of these users. LexCom will never pass on this data to any third party and/or disclose it to such third parties in any other way.

Furthermore, you need to fill in certain mandatory fields during registration, for example, your first name, surname, the name and address of your company, and your e-mail address (the mandatory fields of the LexCom web services may vary). LexCom must also process this registration information in order to fulfil the requirements of your contract with LexCom (GDPR Art. 6 (1) b)). LexCom needs this information in order to contact you about any issues related to payment or performance of contracts, and to mail you the LexCom software (if you order a DVD version).

The collected user data may be forwarded to manufacturers and/or importers. This process serves the purpose of measuring the success and amount of usage and thus the product- and sales optimization for the benefit of the user. This constitutes a legitimate interest for LexCom in accordance with GDPR Art. 6 (1) f)).

In addition, you may enter optional information, which you may edit or delete at any time.

LexCom will delete your registration information as soon as it no longer has any legitimate interest in processing it (for example to verify possible claims after termination of the contract; this constitutes a legitimate interest for LexCom in accordance with GDPR Art. 6 (1) f)), unless the applicable commercial or tax laws obligate LexCom to retain the data (GDPR Art. 6 (1) c)). This obligation to retain data remains in effect for an additional ten years after the end of the contractual relationship. For this reason, LexCom will delete your registration information after the expiry of this period.

3.2 Payment data

LexCom processes your payment data such as credit card or bank details for the purpose of payment handling and accounting as necessary for the selected mode of payment. To the extent necessary to process your transaction, your payment data will be provided to service providers (Wirecard, Allpago) and banks (Deutsche Bank, Danske Bank, Credit Suisse) or may be collected directly and processed by these organisations. Your payment data is stored in order to enable payment handling and accounting for the automatic extension of your subscription. We process your credit card data in accordance with the PCI DSS security standard. That means, for example, that LexCom never stores your credit card data as plain text.

LexCom must process this payment data in order to fulfil the requirements of your contract with LexCom (GDPR Art. 6 (1) b)). LexCom needs this information in order to contact you about any issues related to payment or performance of contracts.

LexCom will delete your saved payment data as soon as it no longer has any legitimate interest in processing it (for example to verify possible claims after termination of the contract; this constitutes a legitimate interest for LexCom in accordance with GDPR Art. 6 (1) f)), unless the applicable commercial or tax laws obligate LexCom to retain the data (GDPR Art. 6 (1) c)).  This obligation to retain data remains in effect for an additional ten years after the end of the contractual relationship. For this reason, LexCom will delete your payment data after the expiry of this period.

No payment data is collected for the LexCom agroparts web service.

4. Cookies and Pixel Tags

“Cookies” are small files that enable us to store some specific information related to you as a user on your PC or other terminal device when you use the LexCom web services. For example, cookies help us to determine the frequency of use and the number of actual users of our web services, analyse the user behaviour on our website, assess the effectiveness of advertising, increase security, and design our web services so that they are as convenient, efficient and interesting for you as possible. LexCom has to process the following personal data in order to pursue these legitimate interests (GDPR (Art. 6 (1) f)). Only you and LexCom have access to these cookies, which are used for the purposes described below.

When you log in (with your user name and password), the LexCom web services utilise session cookies with which you can be identified for the duration of your visit. The session cookies expire automatically after the end of your session, meaning that they are deleted.

In addition, the LexCom web services use permanent cookies. These cookies store information about visitors accessing the LexCom web services repeatedly (for example, company ID, user name, language, time stamp of previous access). The purpose of these permanent cookies is, firstly, to present you with the relevant web service in the correct language even before you have logged in. Secondly, they enable you to return directly to your previous session if you did not log out after the last time you used the LexCom web service. The cookies we set do not generate an individual profile of your user behaviour. The cookies are automatically deleted within four weeks of your last session.

Under certain circumstances, you may disable the storage of cookies or restrict it to specific websites in your browser, or set your browser to notify you as soon as a cookie is sent. You may also delete cookies from your terminal device at any time. However, please note that the use of LexCom web services is not possible if user cookies are rejected.

We utilise pixel tags, web beacons, clear GIFs or similar mechanisms (“pixel tags”). A pixel tag is an image file or a link to an image file that is inserted into the code of the web page but not stored on your terminal device (e.g. computer, smartphone etc.). Pixel tags enable us, for example, to count the number of users who visit our web pages after clicking online advertisements. In this way, pixel tags help us optimise the efficiency of our web pages, and revise and optimise our offers and publicity activities. Our use of pixel tags does not involve any reference to any person; nor does any personalised tracking occur. Pixel tags usually work in conjunction with cookies. If you turn off cookies, the pixel tag will simply detect an anonymous website visit.

5. Log Files

Whenever you log in to the LexCom software or LexCom web services, access data is saved in a log file. The data stored includes the IP address, LexCom company ID, user name, session ID, login time and cookies.

LexCom requires this log data, firstly, to detect and correct any technical problems such as defective links or program bugs, i.e. to improve and develop the LexCom software and LexCom web services. Secondly, LexCom needs this log data to detect any illegal and/or improper use of the LexCom software or LexCom web services. For this reason, LexCom reserves the right to use the log data if there is evidence that users have used the LexCom software and/or LexCom web services in a way that is illegal or violates the contract. This serves to protect the LexCom users, the security of their user data and LexCom itself.

LexCom has to process the following personal data in order to pursue these legitimate interests (GDPR (Art. 6 (1) f)).

The log files are stored in our data centre for twelve months and then automatically deleted.

6. Transmission to Third Countries

We process the aforementioned personal data in Germany and, in some cases, in Brazil, China and Japan. Data is only processed in these third countries in accordance with the EU’s standard data protection clauses as defined in GDPR Art. 46. You can view these clauses at the following link: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_de

7. Availability of the Privacy Statement

You can retrieve and print out this Privacy Statement from any page of the website of each LexCom web service or within the LexCom software by clicking the “Privacy” link.

8. Assertion of Claims and Rights

In accordance with the applicable data protection legislation, you have the right to information about your data (GDPR Art. 15), to rectification of it (GDPR Art. 16) and to deletion of it (GDPR Art. 17) or to restriction of its processing (GDPR Art. 18), as well as to data portability (GDPR Art. 20).

If you have any further questions regarding data security when using LexCom software and/or LexCom web services, or if you would like to assert the aforementioned claims, please contact us directly:

 

LexCom Informationssysteme GmbH
Mr. Julian Schöntag
Ruedesheimer Strasse 23
80686 Munich
Germany
datenschutz@lexcom.de

 

You also have the right to file a complaint with the supervisory authority responsible for data protection if you believe that LexCom has failed to comply with the applicable data protection legislation. The supervisory authority responsible for LexCom is:

The Data Protection Authority of Bavaria for the Private Sector (www.lda.bayern.de)

9. Right to Object

You have the right to object to the processing of personal data that refers to you under the terms of items 4 and 5 of this Privacy Statement (i.e. processing in accordance with GDPR Art. 6 (1) f) for reasons resulting from your specific situation at any time. In this case, LexCom will no longer process the personal data unless LexCom can demonstrate that it has compelling legitimate grounds for the processing, which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.