Data protection
DATA PROTECTION
General Information
These privacy notices for ARSA Infotech GmbH (“we,” “us,” or “our”) describe how and why we access, collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), including when you:
- Visit our website at [https://arsa-infotech.com](https://arsa-infotech.com) or any of our websites that link to this privacy notice
- Use business intelligence and data analytics services. We offer services such as the design and implementation of BI strategies, execution of BI solutions, optimization of existing BI systems, employee training, and integration of BI systems with other enterprise applications.
- Interact with us in other ways, including sales, marketing, or events
Questions or concerns?
These privacy notices help you understand your privacy rights and choices. We are responsible for deciding how your personal data is processed. If you do not agree with our policies and practices, please do not use our services. If you still have questions or concerns, please contact us at: jmeyerohlendorf@arsa-infotech.com
SUMMARY OF KEY POINTS
This summary contains the key points of our privacy policy. You can learn more about these topics by clicking the link under each key point or using our table of contents below to find the desired section.
- What personal data do we process? When you visit, use, or navigate our services, we may process personal data. This depends on how you interact with us and the services, the choices you make, and the products and features you use.
- Do we process sensitive personal data? Some information may be considered “special” or “sensitive” in certain jurisdictions (e.g., racial or ethnic origin, sexual orientation, religious beliefs). We do not process sensitive personal data.
- Do we collect information from third parties? We do not collect data from third parties.
- How do we process your data? We process your data to provide, improve, and manage our services, communicate with you, ensure security, prevent fraud, and comply with legal requirements. With your consent, we may also process your data for other purposes. We process your data only when we have a valid legal basis.
- What rights do you have? Depending on your location, you may have certain rights under applicable privacy laws regarding your personal data.
- How do you exercise your rights? You can most easily exercise your rights by submitting a personal data access request or contacting us. We will review and act upon any request in accordance with applicable data protection laws.
Want to know more about what we do with the information we collect? Read the full privacy policy.
TABLE OF CONTENTS
1. What information do we collect?
2. How do we process your information?
3. What legal bases do we rely on to process your personal data?
4. When and with whom do we share your personal data?
5. Do we use cookies and other tracking technologies?
6. How long do we keep your information?
7. How do we keep your information safe?
8. Do we collect information from minors?
9. What privacy rights do you have?
10. Controls for Do-Not-Track features
11. Do we update this notice?
12. How can you contact us about this notice?
13. How can you review, update, or delete the data we collect from you?
1. WHAT INFORMATION DO WE COLLECT?
Personal information you disclose to us
In short:
We collect personal information that you provide to us.
We collect personal data that you voluntarily provide when you express interest in obtaining information about us or our products and services, when you participate in activities related to the services, or when you contact us otherwise.
Personal information provided by you: The personal data we collect depends on the context of your interactions with us and the services, the choices you make, and the products and features you use. This can include:
- Names
- Phone numbers
- Email addresses
Sensitive information: We do not process sensitive information.
All personal data you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal data.
2. HOW DO WE PROCESS YOUR INFORMATION?
In short:
We process your data to provide, improve, and manage our services, communicate with you, for security and fraud prevention, and to comply with legal requirements. We may also process your data for other purposes with your consent.
We process your personal data for various reasons, depending on how you interact with our services, including:
- To protect vital interests: We may process your data when necessary to protect vital interests of a person, such as preventing harm.
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR DATA?
In short:
We only process your personal data when necessary and when we have a valid legal basis to do so under applicable law, such as your consent, compliance with laws, providing services, fulfilling contracts, protecting your rights, or pursuing legitimate business interests.
Legal bases under the GDPR and UK GDPR include:
- Consent: We may process your data when you have permitted us (i.e., given consent) to use your personal data for a specific purpose. You may withdraw your consent at any time. Learn more about withdrawal of consent.
- Legal obligations: We may process your data when we believe it is necessary to fulfill our legal obligations, for example to cooperate with law enforcement or a regulatory authority, to exercise or defend our legal rights, or to disclose your data as evidence in legal proceedings in which we are involved.
- Vital interests: We may process your data when we consider it necessary to protect your vital interests or the vital interests of third parties, for example in situations where the safety of a person is potentially at risk.
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
In short: We may share information in certain situations described in this section with the following third parties.
- Business transfers: In connection with or during negotiations of a merger, sale of company assets, financing, or acquisition of our business by another company.
5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
In short:
Yes, we may use cookies and other tracking technologies to collect and store your information, including for analytics and advertising purposes. Details are in our cookie notice.
We may use cookies and similar tracking technologies (such as web beacons and pixels) to collect information when you interact with our services. Some online tracking technologies help us ensure the security of our services, prevent crashes, fix bugs, save your settings, and support basic site functions.
We also allow third parties and service providers to use online tracking technologies in our services for analytics and advertising purposes, including managing and displaying ads, customizing advertising to your interests, or sending reminders about abandoned shopping carts (depending on your communication preferences). Third parties and service providers use the technologies they provide to serve advertising for products and services tailored to your interests, which may appear either in our services or on other websites.
Specific information about how we use such technologies and how you can refuse certain cookies can be found in our Cookie Notice.
---
6. HOW LONG DO WE KEEP YOUR INFORMATION?
In short:
We keep your data only as long as necessary to fulfill the purposes outlined in this privacy policy, unless otherwise required by law. Generally, no longer than one year.
We keep your personal data only as long as necessary for the purposes stated in this privacy policy, unless a longer retention period is required or permitted by law (for example for tax, accounting, or other legal reasons). No purpose in this notice requires us to keep your personal data longer than 1 year.
If we no longer have a continuing legitimate business need to process your personal data, we will either delete or anonymize such information, or, if this is not possible (for example because your personal data is stored in backup archives), we will securely store your personal data and isolate it from any further processing until deletion is possible.
7. HOW DO WE KEEP YOUR INFORMATION SAFE?
In short:
We aim to protect your personal information through organizational and technical security measures, but no method of transmission or storage is 100% secure.
We have implemented appropriate and reasonable technical and organizational security measures to protect the personal data we process. However, despite our safeguards and efforts to secure your data, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Therefore, we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to circumvent our security and unlawfully collect, access, steal, or alter your data. Although we do our best to protect your personal data, the transmission of personal data to and from our services is at your own risk. You should only access the services within a secure environment.
8. DO WE COLLECT INFORMATION FROM MINORS?
In short:
We do not knowingly collect or market to children under 18 years old. If we discover such data has been collected, we will delete it.
We do not knowingly collect, request, or market data from children under 18, nor do we knowingly sell such personal data. By using the services, you declare that you are at least 18 years old or that you are the parent or guardian of such a minor and consent to the minor’s use of the services. If we learn that personal data from users under 18 years old has been collected, we will deactivate the account and take reasonable steps to promptly delete such data from our records. If you become aware that we have collected data from children under 18, please contact us at jmeyerohlendorf@arsa-infotech.com.
9. WHAT PRIVACY RIGHTS DO YOU HAVE?
In short:
In certain regions (e.g., EEA, UK, Switzerland), you have rights such as access, correction, deletion, restriction of processing, and data portability. You may also object to processing in certain circumstances.
In some regions (such as the EEA, UK, and Switzerland), you have certain rights under applicable data protection laws. These include the right (i) to request access to and receive a copy of your personal data, (ii) to request rectification or deletion, (iii) to restrict the processing of your personal data, (iv) where applicable, to data portability, and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal data. You can make such a request by contacting us using the contact details provided in the section “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” below.
We will review and act upon any request in accordance with applicable data protection laws.
If you are in the EEA or UK and believe we are unlawfully processing your personal data, you also have the right to lodge a complaint with your Member State’s data protection authority or the UK data protection authority.
If you are resident in Switzerland, you may contact the Swiss Federal Data Protection and Information Commissioner.
Withdrawal of your consent: If we rely on your consent to process your personal data, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us using the contact details in the section “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” below.
Please note that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect processing of your personal data carried out on the basis of other lawful processing grounds.
Cookies and similar technologies: Most web browsers accept cookies by default. You can, however, set your browser to remove or reject cookies. If you remove or reject cookies, it could affect certain features or services of our services. For more information, please see our Cookie Notice.
If you have questions or comments about your privacy rights, you may email us at jmeyerohlendorf@arsa-infotech.com.
10. CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference that data about your online browsing activities not be monitored and collected. At this time, no uniform technology standard for recognizing and implementing DNT signals has been finalized, and therefore we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. Should a standard for online tracking be adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy.
11. DO WE UPDATE THIS NOTICE?
In short:
Yes, we update this privacy policy as necessary to remain compliant with relevant laws.
We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date at the top of this privacy policy. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed about how we are protecting your information.
12. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO) by email at jmeyerohlendorf@arsa-infotech.com, or by post at:
ARSA Infotech GmbH
Data Protection Officer
Rotdornpfad 22
Bremen, Bremen 28355
Germany
13. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
You have the right to request access to the personal data we collect from you, details on the processing of this data, correction of inaccuracies, or deletion of your personal data. You may also have the right to withdraw your consent to the processing of your personal data. These rights may be limited under applicable law. To request to review, update, or delete your personal data, please complete and submit a personal data access request.
