User Tools

Site Tools


en:legal_notice

Legal Notice

EasternGraphics GmbH
Albert-Einstein-Straße 1
98693 Ilmenau
GERMANY
Phone: +49 3677 6782-0
Fax: +49 3677 6782-50
E-Mail: info@EasternGraphics.com

Managing Directors:
Dipl.-Math. Gabriel Bieber (CSO)
Dipl.-Inf. Frank Wicht (CEO)
Dipl.-Wirtsch.-Inf. Andreas Winkler (COO)

Jena Local Court, HRB 304052
VAT identification no. DE 173 364 373

Notice pursuant to section 36 of the German Consumer Dispute Settlement Act (VSBG): We will not participate in dispute settlement proceedings before a consumer arbitration board.

Terms of use

I. Scope of application, supplementary contract terms

(1) The General Terms and Conditions (T&C) for online services „T&C OS“ of EasternGraphics GmbH (“EGR“) are applicable to any and all online services contracts with customers, and they are deemed to be an integral part of each contract, unless separately otherwise agreed between EGR and the customer. They also apply to the free use of EGR’s online services by users (hereinafter also “Customer”).

(2) Online services are in particular online applications, cloud services and websites.

(3) These T&C OS shall apply exclusively. Any deviating, contradicting or supplementary terms and contractual conditions of Customer shall not become an integral part of the contract unless and to the extent EGR has consented to their application expressly and in writing. This consent requirement shall apply in each case, and in particular if EGR, being aware of Customer‘s terms and contractual conditions, renders services to such Customer without reservation.

(4) These T&C OS shall also apply if Customer uses the online services with which these GTC OS are provided.

(5) For the rest, the licence conditions of the manufacturer of the respective software and – if the software is installed in the server infrastructure of an external computer center – the contractual provision of such computer center shall apply.

II. Services

(1) EGR makes available to Costumer the online services in accordance with the usage rights mentioned in paragraph IV. hereof regarding the online use via Internet, via a data network or via an app. For this purpose, EGR will make available the online services, on a server infrastructure which can be reached by Customer via the Internet, the data network or the app. The procurement and maintenance of the system infrastructure required for the use of the online services (in particular hardware, operating system, software e.g. browser or app) are the responsibility of Customer. There is no obligation to provide a user manual for the online services and/or the software unless otherwise expressly agreed in writing.

(2) The user interface and/or service description describe exhaustively all functions and services of the online services and/or software if they are used in accordance with the contract. Public statements, praise or advertising do not constitute a statement of performance or quality.

(3) EGR undertakes, for the term of the contract, to maintain the online services, the software and the accessibility in accordance with paragraph VI. hereof. This obligation does not apply to free online services.

(4) The services mentioned in the paragraphs II., IV. and VI. hereof are exhaustive. Any further services are not part of the contract unless separately agreed.

III. Remuneration and Terms of Payment

The remuneration to be paid by Customer to EGR for services against payment and the terms of payment applicable thereto shall be specified separately for the respective services.

IV. Usage rights

(1) EGR grants Customer, for the term of the contract, a simple, non-exclusive, non-transferable and non-sublicensable right for natural persons to use the online services and/or the software via the user interfaces for the purpose determined by EGR for such online service. Automated use is not permitted.

(2) The type and scope of the usage rights regarding online services and/or software of third parties made available by EGR to Customer are subject to the terms of use of such third parties, and such usage rights are limited to the term of the contract. EGR will make available to Customer, at Customer’s request, the terms of use of such third party.

(3) Customer must not allow third parties to integrate the online services into systems other than those of Customer.

(4) In the case of violations of the provisions of paragraph IV. (1) to (3) and of paragraph V. (5) and (6) hereof by Customer or by a third party which has been enabled by Customer to use the online services, the usage rights will be forfeited.

(5) Usage rights granted to Customer are also forfeited if and as long as the agreed remuneration for the use of the online services is not paid to EGR at all or in due time. In such cases EGR has, in addition, the right to block the online services and/or the online access to the software immediately and without reminder.

V. Customer’s obligations

(1) Customer undertakes to provide any customary and appropriate cooperation required for Customer’s use of the online services and which is within his sphere of influence and/or responsibility.

(2) Customer shall ensure that its hardware and software used within the framework of the contract is technically suitable for the use of the online services and compatible with the hardware and software used by EGR to render its contractual services. In particular, EGR is not liable for the suitability, functionality and compatibility of Customer’s hardware and software.

(3) Customer is, in particular, obliged to adapt its systems, through which it accesses the online services, to the latest versions of the interface between the online services and the systems of Customer on its own responsibility and at its own cost. The adaptation of Customer’s systems to the new version shall be completed each time within six (6) months after the provision of the information and specifications regarding the interface. On expiry of this six month period, the reachability of the online services and/or the software is only guaranteed via the new version of the interface. EGR is not liable for damages that are the result of Customer’s failure to adapt its systems to the latest interface versions at all or in due time.

(4) Customer’s online access to the Internet and/or the contractually agreed data network as well as any costs incurred in connection therewith is Customer’s responsibility.

(5) Customer shall take appropriate precautions to protect its online access and the access to the online services against unauthorized access.

(6) Customer shall refrain from taking any action that may or will put at risk the online services and/or their performance. In particular, Customer shall refrain from retrieving or sending data in an automatized manner, e.g. via scripts, and thereby transferring data volumes and/or initiating calculation processes on servers exceeding those caused by users during normal use.

VI. Availability

(1) EGR guarantees 95 % reachability on a three month average for each calendar quarter of the online services from the server infrastructure of EGR and/or of the computer center to the transfer point into the public and/or the agreed data network. Not included in the calculation of reachability are hours during which the server cannot be reached due to technical or other problems which are not within EGR’s sphere of responsibility and influence (e.g. force majeure, natural disasters, strikes, industrial disputes, fault of third parties etc.)

(2) EGR has the right to restrict or to block access to online services and/or to the software if this is required due to technical changes, system maintenance, the safety of network operation, the maintenance of network integrity, in particular to avoid network disturbances of the online services, of the software or of saved data or if Customer does not fulfill its obligations mentioned in paragraph V. (5) and (6) hereof or if there is suspicion of a breach of such obligations.

(3) Unless otherwise agreed, the online services and the software will be made available for online use on a server infrastructure chosen by EGR.

(4) Free online services may be discontinued in whole or in part, permanently or temporarily, at any time.

VII. Update usage rights

The provisions hereof shall apply to the use of updates mutatis mutandis.

VIII. Data backup

(1) The backup of the data and their recovery in case of loss is Customer’s responsibility.

(2) Security and backup of the online services and of the software as well as the restoration of availability of the server infrastructure is EGR’s responsibility.

All rights to the content (e.g. texts, images, graphics, videos, sounds, animations) of the online services shall be held by EGR or the respective authors. These contents may only be used within the authorized use of the online services in accordance with paragraph IV. hereof or under the conditions of the respective author.

X. Trademark rights

The online services may contain names and trademarks that are protected by law. The rights to the names or trademarks are exclusively owned by the respective owner. No licence is granted by publishing the names and trademarks in the online services.

XI. Data protection

(1) EGR and Customer undertake to comply with the applicable data protection laws and regulations.

(2) If Customer, itself or via EGR, collects, retrieves, processes or uses personal data in connection with the online use of the software in the capacity of controller under data protection law, Customer shall ensure beforehand that it is authorized to collect, process and/or use such data in the concrete manner in accordance with applicable law and in particular with the data protection regulations, and, in the event of violation of such law or regulation, Customer shall hold EGR free and harmless against third party’ claims on first demand.

XII Warranty and liability

(1) Customer is aware of the fact that online services, in particular software, are very complex and cannot be developed 100 %% error-free.

(2) EGR shall be immediately notified of any defect or malfunction in a comprehensible manner and in writing via e-mail or fax. EGR will remedy the defect within a reasonable time after receipt of such notification. To the extent reasonable for Customer, EGR has the right, in order to remedy the defect, to provide Customer with a new version of the online services and/or the software which no longer contain or eliminate the notified defect or to develop a fall-back solution.

(3) If and to the extent tenancy law applies, strict liability of EGR in accordance with § 536 I of the German Civil Code is excluded. Customer’s right to termination for deprivation of use in accordance with section 543 (2) 1 of the German Civil Code and the right to reduce the remuneration are excluded as long as the reachability and/or the use of the online services due to the elimination of defects is reduced or excluded no more than 48 continuous hours.

(4) EGR is not liable for defects due to operating errors and/or that have occurred after use contrary to contract, unless Customer proves that the defects have not been caused by the events mentioned above.

(5) EGR is not liable for the content accuracy of Customer’s data in the online services and/or the software or for any defects or errors resulting therefrom.

(6) EGR is not liable for the functionality of the external data lines to its server, nor is EGR liable for power outages or for restrictions or failures of performance which are due to force majeure or to events which substantially complicate, restrict or render impossible the performance of a service. This includes, in particular, strike, lockout, official orders, failure of communication networks of other operators, malfunctions at the respective line provider as well as malfunctions that are within the risk area of other network providers.

(7) Customer must not enforce a reduction by deduction from the agreed remuneration. Claims against unjust enrichment and for damages shall remain unaffected.

(8) If it turns out that a defect reported by Customer does not actually exist and/or is not caused by the online services or the software, EGR may charge Customer for the costs arising from the analysis and other processing in accordance with EGR’s current price list for services.

(9) EGR does not guarantee the timeliness, accuracy and completeness of the information provided in free online services.

(10) EGR is not liable for the information created or published by third parties, which is accessible via the online services (e.g. via a link/hyperlink). EGR has no influence on the link text, the design, possible infringements of applicable rights (e.g. trademark rights or copyrights) and on the third parties accessible via the online services. EGR therefore expressly distances itself from all third-party content that can be accessed via EGR’s online services.

(11) The liability of EGR is limited to willful intent and gross negligence, regardless of the legal reason. In the event of willful intent and gross negligence, the statutory provisions shall apply.

(12) EGR’s liability for direct, indirect, special or other damages and consequential damages arising from the use of free online services or due to a lack of free online services is excluded.

(13) In the event of bodily injury or the breach of an essential contractual obligation („cardinal obligation”), EGR will also be liable in the event of slight negligence. If an essential contractual obligation is breached, EGR’s liability will be limited to the foreseeable damage typical of this type of contract. Cardinal obligations are obligations the fulfillment of which is required for the proper implementation of the contract and on the compliance of which the contracting parties regularly rely on and may rely.

(14) EGR is not liable for the loss of data if the damage could have been prevented by means of proper data protection for which Customer is responsible. Proper data protection is ensured if Customer performs daily data backups in machine-readable form as can be proven thus ensuring that such data can be recovered with reasonable efforts. The liability of EGR for the loss of data – unless caused by willful intent or gross negligence on the part of EGR – is limited to the typical recovery expenses that would have incurred if proper data protection had been performed

(15) EGR is not liable for the dissemination of confidential data stored in EGR’s system if and to the extent the dissemination of such data is due to the misuse of passwords and login data for which EGR is not responsible.

(16) To the extent EGR’s liability is excluded or limited, the same exclusion and limitation shall apply to the personal liability of EGR’s employees and staff as well as for third parties acting by and for EGR.

(17) Liability under the German Product Liability Act shall remain unaffected.

XIII. Control rights of EGR

(1) EGR has the right to read and check any data transmitted and retrieved via Customer’s online access if there is reason to suspect that such data is connected with illegal activities or the contents of the data violate applicable law or the accepted principles of morality.

(2) EGR has the right of access to the data transmitted and retrieved by Customer via the online access if and to the extent this is required to check the system.

XIV. Commencement, term and termination of the contract

(1) The provisions of this paragraph XIV. regarding commencement, term and termination of the contract will apply unless and to the extent otherwise agreed:

(2) The contract shall commence upon provision of the service by EGR. It is concluded for an indefinite period and can be terminated with a three (3) month notice to the end of each calendar month. The contract for online services, software and apps provided free of charge shall begin with their use and may be terminated at any time without notice; it shall end in any event as soon as EGR discontinues the services or the customer no longer uses them.

(3) The right to extraordinary termination and, as the case may be, without notice, for good reason shall remain unaffected.

(4) A termination is subject to the formal requirements set forth under XV. (3).

(5) The provisions regarding the limitations and exclusions of E’s liability shall continue to apply after termination of the contract or use until expiry of the limitation periods of claims for damages and/or reimbursement of expenses.

XV. Miscellaneous provisions

(1) The law of the Federal Republic of Germany shall apply exclusively. Any application of the United Nations Convention on Contracts for the International Sale of Goods (CISG) is excluded.

(2) The place of jurisdiction for both contractual partners shall be Erfurt (Germany) to the extent permissible by law.

(3) Any agreements between the contractual partners must be in writing in order to become valid with e-mail with sender’s name signature fulfilling this requirement.

(4) In the event any provision is not effective or loses its effectiveness due to a later circumstance, or if a gap is detected, the effectiveness of the remaining provisions shall remain unaffected. In this event, the both contractual partners shall replace such ineffective provisions immediately and/or fill the gap with such effective provisions that correspond to the economic purpose of the contract. In the event the contracting parties fail to do so although proven serious effort was made, such ineffective provisions and/or gaps shall be replaced with the legal provisions of the Federal Republic of Germany.

Data Privacy Statement

§ 1 Information on the collection of personal data

(1) Please find below information on the personal data that is collected when our website is used. Personal data is all data related to you personally, e.g. name, address, email addresses, IP, user behavior.

(2) The controller in accordance with Article 4 (7) of the EU General Data Protection Regulation (GDPR) is

EasternGraphics GmbH Albert-Einstein-Str. 1 98693 Ilmenau email: info@easterngraphics.com (see our Legal Notice).

You can reach our data protection officer at datenschutz@easterngraphics.com or at our postal address adding the words „the data protection officer“ (“der Datenschutzbeauftragte”).

(3) If you contact us via email or a contact form, we will store the data provided by you (your email address, and, as the situation may be, your name and your telephone number) on the legal basis (Article 6 (1) point f of the GDPR legitimate interests) in order to answer your questions. We will delete any data collected in this context after their storage is no longer required, or we restrict their processing if any statutory storage obligations apply.

(4) If we use the service of service providers for individual functions of the services offered by us or if we wish to use your data for marketing purposes, we will inform you in detail about the related processes. We will also inform you about the criteria according to which the duration of the storage is determined.

§ 2 Your rights

(1) You have the following rights against us with regard to the personal data concerning you:

  • right to obtain information,
  • right to rectification or erasure,
  • right to restriction of processing,
  • right to object to processing,
  • right to data portability.

(2) In addition you have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data by us, in particular with the data protection supervisory authority of your habitual residence, your place of work or the place of the alleged infringement.

§ 3 Collecting personal data when visiting our website

(1) If you use the website solely for information, i.e. if you do not register or otherwise transmit information to us, only the personal data transmitted by your browser to our server will be collected. If you want to view our website, we will collect the following data, which are required from a technical point of view to show you our website and to guarantee the stability and security (legal basis: Article 6 (1) sentence 1 point f of the GDPR and section 25 (2) of the TTDSG (Gesetz über den Datenschutz und den Schutz der Privatsphäre in der Telekommunikation und bei Telemedien -German Act on Data Protection and the Protection of Privacy in Telecommunications and Telemedia):

  • IP address
  • Date and time of the query
  • Time difference to Greenwich Mean Time (GMT)
  • Contents of the request (individual site)
  • Access status/http status code
  • Transferred individual data volume
  • Website from which the request was sent
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

(2) In addition to the data mentioned above, cookies are placed on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you have used and through which the site placing the cookie (here: us) obtains certain information. Cookies are not able to execute programs or to place viruses on your computer. Their purpose is to enhance the overall user-friendliness and efficiency of the Internet services offered.

(3) Using cookies:

a) This website uses the following types of cookies with the following scope and functions:

– transient cookies (see b) – persistent cookies (see c).

b) Transient cookies are automatically erased when you close your browser. This, in particular, includes session cookies. They store a so-called session ID which various queries of your browser can be assigned to one and the same session. Thus your computer can be recognized if you return to our website. The session cookies are erased, when you log out or close the browser.

c) Persistent cookies are erased automatically after a defined period of time which may vary from one cookie to another. You can erase the cookies with your browser’s security settings anytime.

d) You can configure your browser setting according to your needs, for example you can refuse to accept third party cookies or any cookies at all. Please note that, as a consequence, you may not be able to use all functions of the website.

e) We use cookies to be able to identify you during your subsequent visits if you have an account with us. Otherwise you will have to log in again for each visit.

f) In addition we use HTML5 storage objects that are placed on your device. These objects store the required data regardless of which browser you use and have no automatic expiry date. You can avoid the use of HTML5 storage objects by setting your browser to private mode. We also recommend to regularly delete manually your cookies and your browsing history.

§ 4 Use of social media plugins

(1) We currently use the following social media plugins: [Facebook, Google+, X (fomerly Twitter), LinkedIn, Xing] applying the so-called two-click solution. This means that if you visit our website, no personal data will be passed on to the plugin provider in the first instance. You can view the plugin provider by selecting the box over the initial letter of its name or logo. We give you the opportunity to communicate directly with the plugin provider via the button. Only if you enable the selected field by clicking it will the plugin provider be informed that you have accessed the relevant page on our website. The data specified in § 3 hereof is also sent. In the case of Facebook and Xing, the providers have stated that in Germany the IP address is anonymized immediately upon its collection. If you enable the plugin, personal data concerning you will be sent to the plugin provider and stored by it (in the USA in the case of US providers). As plugin providers in particular use cookies to collect data, we recommend that you delete all cookies via your browser’s security settings before clicking on the grayed-out box.

(2) We have no influence over the data collected and the processing operations performed, nor do we have knowledge of the full scope of the data collection, the purposes of the processing, or storage periods. We also have no information regarding erasure of data collected by plugin providers.

(3) The plugin provider stores the information it collects about you as a user profile, which it uses for advertising and market research purposes and/or to tailor its website to the needs of users. In particular, this analysis is carried out (even for users who are not logged in) to serve relevant advertising and in order to inform other social network users of your activities on our website. You have the right to opt out of the creation of these user profiles, but to exercise this right you must refer to the plugin provider. We provide the plugins to enable you to interact with the social networks and other users so that we can improve our website and make it more interesting for you as a user. The legal basis for the use of plugins is Article 6(1) sentence 1 (f) of the GDPR and section 25 (2) of the TTDSG.

(4) The data will be passed on regardless of whether or not you have an account with the plugin provider and are logged into that account. If you are logged in to an account with the plugin provider, the data collected on our website will be directly linked with that account. If the button is activated you click on it and e.g. link to the page, the plugin provider will also store this information in your user account and inform your contacts publicly. We recommend that you log out regularly after using social networks, especially before activating a button, as this will prevent your actions being linked to your profile with the plugin provider.

(5) For further information regarding the purpose and scope of the collection and processing of data by the plugin provider, please see the privacy statements of those providers as specified below. Here you will also find further information about your rights in this regard and settings you can use to protect your privacy.

(6) Addresses of the individual plug-in-providers and URL with their data privacy statements:

a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, U.S.A.; https://www.facebook.com/help/186325668085084

The company facebook (Meta Platforms) is a provider from the USA and is certified in accordance with the Trans-Atlantic Data Privacy Framework. This corresponds to an adequacy decision between the EU and the USA.

b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, U.S.A.; https://www.google.com/policies/privacy/partners/?hl=de.

The company google is a provider from the USA and is certified in accordance with the Trans-Atlantic Data Privacy Framework. This corresponds to an adequacy decision between the EU and the USA.

c) X (fomerly Twitter), Inc., 1355 Market St, Suite 900, San Francisco, California 94103, U.S.A.; https://twitter.com/en/privacy.

Information about your data: https://twitter.com/settings/your_twitter_data

d) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, U.S.A.; https://www.linkedin.com/legal/privacy-policy.

LinkedIn is a provider from the USA and is certified in accordance with the Trans-Atlantic Data Privacy Framework. This corresponds to an adequacy decision between the EU and the USA.

§ 5 Embedding of YouTube videos

(1) We have embedded YouTube videos into our online offer that are stored at https://www.YouTube.com and can be played directly from our website. These videos are embedded in „extended privacy mode“ which means that no data concerning you as a user are transmitted to YouTube if you do not play the videos. Only if you play the videos, the data specified in paragraph 2 hereof will be transmitted. We have no influence over this data transmission.

(2) When you visit the website, YouTube is notified that you have accessed the relevant the page of our website. In this case the data specified under § 3 of this Statement is also transmitted. This happens regardless of whether or not you have a YouTube account or are logged into such account. If you are logged into Google, your data will be directly linked with your account. If you do not want the data to be associated with your YouTube profile, you must log out before activating the button.

YouTube stores your data as a user profile, which it uses for advertising and market research purposes and/or to tailor its website to the needs of users. In particular, this analysis is carried out (even for users who are not logged in) to serve relevant advertising and in order to inform other social network users of your activities on our website. You have the right to opt out of the creation of these user profiles, but on order to exercise this right you must refer to YouTube.

(3) For further information regarding the purpose and scope of the collection and processing of data by YouTube, please see the privacy statement. Here you will also find further information about your rights and settings you can use to protect your privacy: https://policies.google.com/privacy?hl=en&gl=de.

The company google is a provider from the USA and is certified in accordance with the Trans-Atlantic Data Privacy Framework. This corresponds to an adequacy decision between the EU and the USA.

§ 6 Use of the blog functions

(1) You can make public commentaries in our blog, where we publish various posts regarding topics that are related tour activities. Your commentaries will be published together with the user name you have provided. We recommend you to use a pseudonym and not your real names. Providing a user name and an email address is required, any further information is optional. If you make a commentary, we will continue to store your IP address. We must store it in order to be able to defend ourselves against liability claims in the event of the publication of unlawful contents. We need your email address in order to contact you if a third party criticizes your commentary as being unlawful. The legal basis is Article 6 (1) sentence 1 point b and f of the GDPR. The comments are checked before publication and we reserve the right to delete commentaries that are criticized by third parties as being unlawful.

§ 7 Sentry Error Logging

We use the web analysis service Sentry. The service is offered by Functional Software, Inc, 132 Hawthorne St, San Francisco, CA 94107 and collects and stores data that is created from anonymized usage profiles. These are used exclusively to analyze errors and to monitor system stability. Cookies are used for this purpose. You can object to the collection and storage of data by Sentry at any time with effect for the future by deactivating the cookies in your browser settings. Sentry's privacy policy is available at https://sentry.io/privacy/

Sentry is a provider from the USA and is certified in accordance with the Trans-Atlantic Data Privacy Framework. This corresponds to an adequacy decision between the EU and the USA.

§ 8 Newsletter

(1) With your consent, you can also be subscribed to our newsletter, in which we provide information about our current offers.

(2) We use the “double opt-in” procedure for subscriptions to our newsletter. This means that after you sign up, we send an email to the email address provided by you asking you to confirm that you wish to receive the newsletter. We also store the IP addresses from which you sign up and confirm, and the date of subscription and confirmation. The purpose hereof is to verify your subscription and to enable us to clarify any misuse of your personal data.

(3) The only obligatory information in order to receive the newsletter is your email address. After you have confirmed, we store your email address so that we can send you the newsletter. The legal basis for this is Article 6(1) sentence 1 (a) of the GDPR.

(4) You may withdraw your consent at any time and unsubscribe from the newsletter. You may declare your withdrawal by clicking on the link you find in every newsletter email, via this form on the website, via email to [info@easterngraphics.com] or by sending a notification to the contact date provided in the “Contact” section.

§ 9 Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyses the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

Data processing is carried out on the basis of Article 6 (1) point f of the GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM.

Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.htmlhttps://www.google.com/recaptcha/intro/android.html

The company google is a provider from the USA and is certified in accordance with the Trans-Atlantic Data Privacy Framework. This corresponds to an adequacy decision between the EU and the USA.

§ 10 Use of Matomo (was: Piwik)

(1) This website uses the web analysis service Matomo. Matomo serves to analyze and regularly improve the use of our website. The resulting statistics allow us to improve our services and make it more interesting for you as a user. The legal basis for the use of Matomo is Article 6 (1) of the GDPR and section 25 (1) of the TTDSG.

(2) For the evaluation process, cookies are stored on your computer. The information collected in this way is exclusively stored on a server run by the controller in Germany. You can avoid the evaluation by deleting existing cookies and preventing the storage of cookies. In case you prevent the storage of cookies, we would like to point out to you that you might not be able to use the website to its fullest. You avoid the storage of cookies by means of your browser settings. It is possible to prevent the use of Matomo by removing the statistics box checkmark in the cookie settings dialog.

(3) This website uses Matomo together with the ‘AnonymizeIP’ extension. As a result, IP addresses are abbreviated for further processing, so that direct personal references can be ruled out. The IP address that Matomo submits from your browser is not merged with other data collected by us.

(4) Matomo is open source. Information on data protection from the third party provider can be found at https://matomo.org/privacy/policy.

§ 11 pCon.login

(1) If you wish to use pCon.login, you must register by providing your title, name, e-mail address and a password. We use the so-called double opt-in procedure for registration, i.e. your registration is not completed until you have confirmed your registration by calling up a link contained in a confirmation e-mail sent to you. If you do not confirm your registration within 30 days, your registration will be automatically deleted. Depending on the functions and services to be used with pCon.login, further information may be required. In order to minimise the data to be collected, only those fields that are required for the functions and services you use are treated as mandatory fields. The mandatory fields are marked in the respective places. If you do not provide mandatory fields, you will not be able to use the corresponding functions and services, e.g. manufacturers will not be able to check your authorization to use OFML data and will reject your release request. All other information is voluntary.

(2) We will store your data required to provide the service until you permanently delete your access and the data is no longer required (e.g. for billing purposes). You can delete your access at any time and revoke your consent to data processing with effect for the future by calling up the function for deleting your user account in the user interface. You can view and correct your personal data at any time on the pCon.login website.

(3) If you use several employee user accounts within an organizational account at pCon.login, your user data will be shared within your organization as follows: Administrators in your organization have read and write access to the personal data of all employees. Standard users have read access to the names, email addresses and phone numbers of the administrators in your organization. All administrators have write access and all standard users have, at most, read access to the organization-related details (name, address, settings such as manufacturer catalogues). The purpose of this data sharing is to make it easier for you to use our services, in particular by requiring various administrative tasks to be performed only once for your organization instead of individually for each employee (e.g. requesting manufacturer catalogues). It is also intended to allow organizations to control the authorizations of their members, in particular, in the case of members leaving.

(4) If you use your pCon.login to log in to connected services (e.g. pCon.update, pCon.facts), the connected services have read access to all your personal data recorded in your user account. This also applies to third-party services. The purpose of this data sharing is to make it easier for you to use our services by requiring only one registration for all services and performing certain administrative tasks (e.g. obtaining manufacturer authorizations) only once. The third party service providers have been obligated by us to use your data in compliance with data protection provisions and for the intended purpose.

(5) If you use your pCon.login to subscribe or unsubscribe manufacturer catalogues or to suggest new manufacturers, details of your organization and the contact details of the initiating user are transmitted to the respective manufacturer. The manufacturer needs these details to check your authorization to use the OFML data and to contact you if they have any queries. The manufacturers have been obligated by us to use your data in compliance with data protection provisions and for the intended purpose.

(6) The information about your person, your organization, your manufacturer authorizations as well as information about the services you use connected to pCon.login (service name and date of use) are transmitted to the responsible EasternGraphics sales partner. The sales partners use this information to support you in case of technical problems, to assign you to user agreements (e.g. pCon.update user agreement) and to activate the corresponding functions and licences, to contact you in case of queries and for market analysis. The sales partners have been obligated by us to use your data in accordance with data protection provisions and for the intended purpose.

(7) We use your data stored at pCon.login for the following purposes:

  • Checking eligibility for the pCon community
  • Provision of pCon applications
  • Provision of licences
  • Sending information e-mails in case of new manufacturers and important changes at pCon.login
  • Support in case of technical problems
  • Monitoring and further development of the software systems
  • Market analyses

If you have any queries in this regard, we can contact you via any of the specified contact channels.

(8) When you use pCon.login to register with connected services, we collect the following usage data: name of the service, user concerned and date. This data is used within the framework of paragraphs 6, 7.

(9) If you use pCon.login and make certain settings (e.g. language, definition of table columns, login status), these settings are stored either in your user account or in your browser in the form of cookies or HTML 5 web storage. This data is used exclusively by you and serves to make it easier for you to use our services.

(10) When using pCon.login, usage data is generated in the form of the standard logs of the server software, e.g. log files of the web server (including IP address, time stamp), log files of the e-mail software (including destination address, time stamp). This data is used for monitoring and troubleshooting the respective software.

(11) Your data stored at pCon.login will also be transmitted to third countries within the framework of paragraphs 3, 4, 5 and 6 if the data recipients concerned are based in third countries.

(12) To prevent unauthorised access to your personal data by third parties, all connections are encrypted using TLS technology.

(13) The legal bases for data processing at pCon.login and the affiliated services are: provision of software and product data within the framework of licence and usage agreements: Art. 6 1. sentence 1 (b) GDPR. Verification of authorizations Art. 6 1. sentence 1 (f) GDPR. Technical monitoring, troubleshooting and further development of the software systems Art. 6 1. sentence 1 (f) GDPR. All other processing: Art. 6 1. sentence 1 (a) GDPR.

§ 11a pCon.update

(1) A pCon.login is required to use pCon.update. pCon.update is a service connected to pCon.login for the purpose of §11 para. 4.

(2) When you download installation packages (e.g. manufacturer catalogues) with pCon.update, we collect the following usage data: organization, channel, data package, package version, date, time, error code. This information is used for billing, error analysis, monitoring and further development of the software system and market analysis. In the case of manufacturer catalogues, this information plus the contact details of the respective channel administrators is provided to the manufacturer concerned. The manufacturers receive this data in order to be able to check the correctness of the billing, to be able to check the current distribution status of their data and for support in the event of technical problems.

(3) If you use the installation status notification in pCon.update DataClient PRO or DataPool (in DataClient/DataPool under Settings/Autom. installation/Email notification), the following information is stored on our server: specified computer name, unique ID of the computer, notification e-mail address, the notification options, result of the last update as well as the next due date of the next update for your computer. This information is used to send the desired notification e-mails. Furthermore, the data is used for error analysis and for monitoring and further development of the software system.

(4) To prevent unauthorised access to your personal data by third parties, all connections are encrypted using TLS technology.

§ 11b Use of additional product information

(1) In some pCon applications, additional product information (e.g. inspiration images, product brochures, operating instructions) can be used. If you are not logged in when using this information, no personal data is collected other than the usual web server logs. If you are logged in when using it, the product information service is to be regarded as a service connected to pCon. for the purpose of §11 para. 4.

(2) If you use an application that provides the additional product information and you are logged in, we collect the following usage data: date, time, user ID, pCon application, manufacturer, article number, information category, query duration. This information is used for error analysis, for monitoring and further development of the software system and for market analysis.

(3) To prevent unauthorised access to your personal data by third parties, all connections are encrypted using TLS technology.

§ 12 Use of the Amazon Simple Email Service

We would like to point out that we use Amazon Simple Email Service (Amazon SES) technologies from the technical provider Amazon Web Services (AWS), Inc. (410 Terry Avenue North, Seattle WA 98109, United States) when sending emails from our applications.

The storage and processing of the data on the servers of AWS takes place exclusively on the basis of your consent (Article 6 (1) point a of the GDPR) and within the EU.

Amazon Web Services is a provider from the USA and is certified in accordance with the Trans-Atlantic Data Privacy Framework.

This corresponds to an adequacy decision between the EU and the USA.

You can revoke the consent to the storage of data (e.g. e-mail address) and to its use, given by you, at any time.

The lawfulness of the data processing operations that have already taken place remains unaffected by the revocation.

We have concluded an order processing contract with Amazon SES (“Data Processing Addendum”, available at https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf), in which we oblige Amazon SES to protect our customers' data and not to pass it on to third parties.

For the transfer of data from the EU to other regions, Amazon SES refers to so-called Standard Contractual Clauses (SCC) for data transfers between EU and non-EU countries of the European Commission, which are intended to ensure compliance with the European level of data protection, e.g. also in the USA.

You can view the privacy policy of Amazon Web Services, Inc. here: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_German_2020-08-15.pdf

en/legal_notice.txt · Last modified: 2024/08/27 15:07 by fbeetz

Page Tools



Legal Notice and Data Protection