Aydınlatma Metinleri

Data Privacy Statement

Note on the responsible body:

 

ORGADATA AG
Am Nesseufer 14
26789 Leer

We attach particular importance to the protection of your personal data. Your personal data will be processed in accordance with data protection regulations, in particular the European Data Protection Basic Regulation (EU DS-GVO) and the Federal Data Protection Act (BDSG-neu).

Cookie-Settings:  https://www.orgadata.com/en/cookie-consent/

General information on data processing

The information below gives an overview of the type, extent and purpose of collection, processing and disclosure of personal data, as well as the security precautions taken to protect this data.

Personal data refers to individual information about the personal or material circumstances of a specific or identifiable natural person, such as name, address, telephone number, date of birth, as well as your email and IP address.

Legal basis for the processing of personal data

  • Where we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) lit. a EU DS-GVO serves as the legal basis. You can revoke this processing at any time in the future in accordance with Article 7 (3) EU DS-GVO.
  • Article 6 (1) lit. b EU DS-GVO serves as the legal basis for the processing of personal data that is necessary for the performance of a contract or for the implementation of pre-contractual measures.
  • Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) lit. c EU DS-GVO serves as the legal basis.
  • If the processing is necessary to safeguard a legitimate interest of our company or of a third party and does not outweigh the interests, fundamental rights and freedoms of the data subject, Article 6 (1) lit. f EU DS-GVO serves as the legal basis for the processing. In this case, you have a right of objection under Article 21 EU DS-GVO.

Data deletion and storage period

Personal data will be deleted as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by statutory retention obligations to which our company is subject (e.g. retention periods of up to 10 years under accounting and tax law in accordance with the German Fiscal Code (AO) and German Commercial Code (HGB)). 

Provision of the Webseite

Use of hosting service providers

Our website is hosted on servers of a hosting service provider located in the EU on the basis of an order processing according to Art. 28 EU DS-GVO. Within the scope of its services, the hosting service provider may have access to personal data of our users, in particular to technical data that is generated in the course of technical communication between you and our website (e.g. server log files). He may not use these for his own purposes. The use of a hosting service provider is based on our legitimate interests in the provision of infrastructure and platform services, computing capacity, e-mail dispatch and security services in accordance with Art. 6 Para. 1 letter f EU DS-GVO.

Server log files

When you visit our website or use its services, the device with which you access the site automatically transmits log data (connection data) to our server. The corresponding information consists of:

  • Type and version of the browser you are using,
  • Type and version of the operating system you use,
  • Referrer URL of the page from which you reached our website,
  • Date and time of access to our website,
  • Name of the subpages you have called up,
  • IP address of your computer system,
  • Amount of data transferred in each case.

The collected data is used exclusively for statistical evaluations for the purpose of operation, security and optimization of the offer. For security reasons, however, we reserve the right to subsequently check the log data if there is a justified suspicion of illegal use based on concrete evidence. The data will not be stored longer than necessary for this purpose. This collection is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f EU DS-GVO.

Cookies

We use so-called cookies in some areas of the website in order to recognise visitor preferences and to be able to design the website in an optimal and attractive way. This facilitates navigation and a high degree of user-friendliness of the website. The processing by cookies represents a legitimate interest in accordance with Art. 6 para. 1 lit. f EU GDPR / § 25 para. 2 TDDDG (optimisation and economic operation of our online offer). In addition, the legal basis is Art. 6 para. 1 lit. a EU DS-GVO or § 25 para. 1 TDDDG, insofar as we require your consent for the use of cookies (e.g. for marketing or analysis purposes). 

Cookies are small text files that your browser automatically creates and stores on your device when you visit our website. Cookies do not damage your computer and do not contain viruses. Most of the cookies we use are deleted after the browser session ends (so-called session cookies). Other cookies remain on your computer and enable us to recognize your computer during your next visit (so-called permanent or session-spanning cookies). Thanks to these files, it is possible, for example, that you will be shown information on the site that is specifically tailored to your interests.

You can set your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. If you completely exclude the use of cookies, you may not be able to use certain functions of this website.

Webcare

In order to obtain consent for the use of cookies on our website in accordance with data protection regulations, we use the Consent Banner of DataReporter WebCare. This is a service provided by DataReporter GmbH, Zeileisstraße 6, 4600 Wels, Austria ("DataReporter"). More information about this company can be found at www.datareporter.eu. The Consent Banner records and stores the consent to cookie use for the respective user of our website. Our Consent Banner ensures that statistical and marketing cookies are only set when the user has given his express consent to their use.

We store information on the extent to which the user has confirmed the use of cookies. The user's decision can be revoked at any time by calling up the setting for cookies and managing the declaration of consent. Existing cookies will be deleted after revocation of the consent. A cookie is also set to store information on the status of the user's consent, which is indicated in the cookie details. Furthermore, the IP address of the respective user is transmitted to DataReporter's server for calling this service. The IP address is neither stored nor associated with any other data of the user, it is only used for the correct execution of the service. The use of the above-mentioned data is therefore based on our legitimate interest in the legally compliant design of our website in accordance with Art. 6 para. 1 lit. f GDPR and Art. 6 para. 1 lit. c GDPR to comply with legal obligations and to provide evidence of the consent given. 

Further information can be found in the DataReporter data protection declaration at https://www.datareporter.eu/de/privacystatement.html Please feel free to send your enquiries about this service to office@datareporter.eu.

Security of your data

We use technical and organizational security measures to protect the data you provide us from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. We therefore use SSL encryption for the transmission of confidential content, such as requests that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If the SSL encryption is activated, the data that you send to us cannot be read by third parties. Our security measures are developed further in accordance with the state of the art.

Contact

If you contact us (e.g. via contact form, e-mail, telephone, social media), your personal data will be stored and processed by us for the purpose of processing your enquiry and, if applicable, any related follow-up questions in accordance with Art. 6 Para. 1 letter b EU DS-GVO (in the context of pre-/contractual measures) or in accordance with Art. 6 Para. 1 letter f EU DS-GVO (general enquiries). We will not pass on this data without your respective consent.

The data provided by you will remain with us until you request us to delete it, object to its storage or until the purpose for which it was stored ceases to apply (i.e. after processing of your enquiry has been completed), unless this is contrary to any statutory storage obligations.

Registration for the "GoToWebinar" webinar

If you register for a webinar on our website, personal data will be collected. This includes the name, address, company, industry, telephone number and e-mail address as contact and communication data.

Your data will be used for the registration process, interest analysis and communication regarding the webinar and other topics. For this purpose we use "GoToWebinar", a service provided by LogMeIn Ireland Limited, Bloodstone Building Block C, 70 Sir John Rogerson's Quay, Dublin 2, Ireland. LogMeIn processes your information on our behalf. We will only share your information with third parties if they participate in the webinar. The processing of your personal data is carried out on the basis of the execution of the contract (according to article 6 paragraph 1 lit. b EU DS-GVO). This data will be deleted in accordance with the statutory storage obligations.

Registration

If you register on our website in order to order goods, services and information in our online portal, personal data is collected. Registration enables access to services and contents that are only available to registered users. If necessary, registered users have the possibility to change or delete the data provided during registration at any time. Your data may be passed on to shipping and payment service providers commissioned by us to process your order. Any further transfer to third parties will not take place. The processing of your personal data is carried out on the basis of contract processing (in accordance with Art. 6 Par. 1 lit. b EU DS-GVO). These data are deleted in accordance with the statutory storage obligations.

Dialogue marketing for existing customers

As an existing customer, you will regularly receive information about our software products and services. This processing is carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in direct advertising or to inform our customers about current topics and offers from our company. You can object to the use of your data for sending information at any time without giving reasons in accordance with Art. 21 GDPR, without incurring any costs other than the transmission costs according to the basic tariffs. You will find a cancellation link at the end of each newsletter. 

Applicant management

The data transmitted in the context of the application procedure will be used for the purposes of application processing. The processing is based on Art. 6 Par. 1 lit. c,c EU DS-GVO in conjunction with § 26 BDSG-neu. During the application process, employees of the Human Resources Department and the position named in the advertisement will have access to the data you have provided. The parties involved have been expressly obliged to maintain confidentiality. Your data will be treated as strictly confidential and will not be passed on to third parties without your respective consent. Your application data will be deleted 180 days after the position has been filled. If you are also interested in positions advertised in the future, we need your written consent to store your application documents for a longer period of time. You can revoke this consent at any time for the future in accordance with Art. 7 Para. 3 EU DS-GVO. To do so, please send an e-mail with a corresponding note to the contact address given below.

If special categories of personal data within the meaning of Art. 9 (1) EU DS-GVO are voluntarily communicated as part of the application procedure, they will also be processed in accordance with Art. 9 (2) b EU DS-GVO.

Analysis tools

The analysis measures listed below and used by us are carried out on the basis of Art. 6 para. 1 lit. a EU DS-GVO (consent). With the use of these analysis measures, we want to ensure that our website is designed to meet your needs and is continuously optimised. By means of the analysis tools we record the use of our website pseudonymously and evaluate it for the purpose of optimising our offer.

You can withdraw your consent at any time with effect for the future.

Adobe Analytics

The controller uses Adobe Analytics on the website, a web analytics service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland (hereinafter: "Adobe"). In this context, pseudonymised usage profiles are created and cookies are used.

The information generated by the cookie about your use of our website will be transmitted to and stored by Adobe on servers in the United Kingdom. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Adobe data. The IP addresses are anonymised so that an allocation is not possible (IP masking).

If you log in to the website with access data, the controller combines the information collected via Adobe Analytics about your use of our website with other data relating to you that the controller has stored in its customer systems in order to be able to serve you optimised advertising content tailored to your needs, which is also in the legitimate interests of the controller.

You can allow the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) as well as the processing of this data by Adobe by consenting to the collection by Adobe Analytics (opt-in cookie). You can revoke your consent once given at any time under the following link: https://www.adobe.com/de/privacy/opt-out.html

Further information on data protection in connection with Adobe Analytics can be found here.

Adobe Target

The controller uses Adobe Target on the website, a web analytics service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland (hereinafter: "Adobe"). In this context, pseudonymised usage profiles are created and cookies are used to enable tests of our site and to be able to offer you the appropriate content when you visit our website again.

The information generated by the cookie about your use of our website will be transmitted to and stored by Adobe on servers in London, England. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Adobe data.

You can allow the collection of data generated by the cookie and related to your use of the website by consenting to the collection by Adobe Target. Once you have given your consent, you can revoke it at any time using the following link: https://www.adobe.com/de/privacy/opt-out.html

Further information on data protection in connection with Adobe Target can be found here.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. Google Analytics uses so-called cookies. These are text files that are stored on your computer. They make it possible to analyse your use of the website. User and event data are automatically deleted after 14 months.

  • IP anonymisation

We have activated the IP anonymisation function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other states party to the agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google uses this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website and Internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

  • Browser plug-in / prevention of data collection

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that, if you do this, you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugging available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB

For more information on how Google Analytics handles user data, please see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en

  • Data processing agreement

We have entered into a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Ads

Our website uses the online advertising programme "Google Ads". The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. Google Ads enables us to draw attention to our attractive offers with the help of advertising material on external websites. This allows us to determine how successful individual advertising measures are. For this purpose, Google stores a cookie in your browser when you visit Google services or websites in the Google advertising network. 

These cookies enable Google to recognise your internet browser. If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognise that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Ads customer. Cookies can therefore not be tracked via the websites of Ads customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical analyses from Google. These analyses enable us to recognise which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material; in particular, we cannot identify users on the basis of this information.

The legal basis for this processing is Art. 6 para. 1 lit. a EU GDPR (consent). You can deactivate the use of cookies by Google and thus revoke the consent you have given us for the use of the Google Ads service by following the following link and downloading and installing the plug-in provided there: https://www.google.com/settings/ads/plugin.

Further information on Google Ads and Google's privacy policy can be found at: https://support.google.com/My-Ad-Center-Help/answer/12155656?visit_id=638458414235011032-2255189398&rd=1 and on the legal basis for third country transfers: Data Privacy Framework (DPF); data processing conditions between controllers and standard contractual clauses for third country transfers of data: https://business.safety.google/adscontrollerterms.

Google Tag Manager

Google Tag Manager is used on our website. Google Tag Manager is a solution from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland with which we can manage website tags via an interface. The tool itself (which implements the tags) is a cookie-less domain that does not collect any personal data. The Google Tag Manager takes care of triggering other tags, which in turn may collect data. The Google Tag Manager does not access this data. If a deactivation has been made by the user at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. The tags used are named separately below and can be edited individually by you in the privacy settings, for example by deactivating cookies for these elements.

More information: https://www.google.de/tagmanager/use-policy.html.

Use of Meta services

Meta Pixel

This website uses the visitor action pixel from Meta to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Meta, the data collected is also transferred to the USA and other third countries.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Meta ad. This allows the effectiveness of the meta ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Meta so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes in accordance with the Meta Data Usage Policy. This enables Meta to place advertisements on Meta pages and outside Meta. This use of the data cannot be influenced by us as the website operator.

The use of meta pixels is based on Art. 6 para. 1 lit. f EU GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. A corresponding consent is requested for the processing of your data (e.g. consent to the storage of cookies). This processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a EU GDPR; consent can be revoked at any time.

You can find further information on protecting your privacy in Meta's privacy policy: https://www.facebook.com/about/privacy

You can also deactivate the remarketing function "Custom Audiences" in the settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen or on the website of the European Interactive Digital Advertising Alliance: https://www.youronlinechoices.com/uk/your-ad-choices.

Meta Ads (Ad manager)

We use Meta Ads to advertise this website on Facebook (by Meta) and on other platforms. The placement of advertisements within the Facebook platform and evaluation of the advertising results is carried out by the service provider Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

We determine the parameters of the respective advertising campaign. Meta is responsible for the exact implementation, in particular the decision on the placement of the adverts with individual users. User data, i.e. behavioural and interest data, is processed for the purposes of targeted advertising and targeting on the basis of the joint controllership agreement ("Controller Addendum", https://www.facebook.com/legal/controller_addendum). The joint controllership is limited to the collection by and transfer of data to Meta Platforms Ireland Limited, based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular concerns the transfer of data to the parent company Meta Platforms, Inc. in the USA (on the basis of the standard contractual clauses concluded between Meta Platforms Ireland Limited and Meta Platforms, Inc.)

Based on the pseudonymous cookie ID set by Meta Pixel and the data collected about your usage behaviour on our website, we operate personalised advertising via Meta Pixel and measure your subsequent usage behaviour for web analysis and event tracking if you have reached our website via an advertisement from Meta Ads. 

LinkedIn Insight Tag

This website uses functions of the LinkedIn Insight Tag conversion tracking technology. The provider is LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. LinkedIn uses so-called "cookies". These are text files that are stored on your computer and enable personalised advertisements on LinkedIn. We also receive anonymous reports on the performance of the adverts and information on website interaction. The LinkedIn Insight Tag establishes a connection to the LinkedIn server, stores your data in encrypted form and anonymises it within seven days.

Please note that LinkedIn is also based in the USA and also processes user data in the USA. LinkedIn only transfers user data to countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 EU GDPR or on the basis of suitable guarantees in accordance with Art. 46 EU GDPR (e.g. standard contractual clauses). LinkedIn also undertakes to comply with the European level of data protection in the USA by providing appropriate guarantees. You can find more information on this at: https://www.linkedin.com/legal/l/lsa and https://www.linkedin.com/legal/l/eu-sccs

Further information on the collection and processing of your data using conversion tracking technology can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy. You can find further setting options to protect your privacy or opt-out in your user account at: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Third Party Content and Services

On the basis of our legitimate interest in accordance with Art. 6 Para. 1 lit. f EU DS-GVO, content, services and performances of other providers that supplement our offer are integrated within our online offer. With the use of the services listed below, we want to ensure that our website is designed to meet your needs and is continuously optimised.

Links to third party websites

On the basis of our legitimate interest, it may happen that links to other providers that supplement our offer are included within this online offer. When calling up websites referred to on this website, you may be asked again for information such as name, IP address, browser characteristics, etc. This privacy policy does not regulate the collection, transfer or handling of personal data by third parties. In this context, please note the special data protection declarations of the individual third-party providers and service providers whose links we include on our website.

Albacross

We obtain your consent to process personal data on behalf of Albacross Nordic AB ("Albacross"). The information collected by cookies on your device, which may be referred to as personal data, is processed by Albacross, a company that provides lead identification and ad targeting through its offices in Stockholm and Krakow. Please see below for full contact details.

Through the processing of personal data, Albacross may improve a service provided by us and our website (e.g. lead generation service) by adding data to the database of companies.

The data collected and used by Albacross is intended to provide information about the IP address you used to access our Website and technical information that allows Albacross to distinguish different users with the same IP address. Albacross stores the domain of the form input to assign the IP address to your employer. For full information on the processing of personal data, please refer to our Privacy Policy.

You can withdraw your consent to this processing at any time. Please address your withdrawal either to us or directly to Albacross: Albacross Nordic AB, Company reg. no 556942-7338, Kungsgatan 26, 111 35 Stockholm, Sweden

Microsoft Clarity

Personal data is processed when you visit this website. Processed data categories: data for creating usage statistics. Purpose of processing: Anonymization and creation of statistics and analysis of user behavior.

The legal basis for processing:Your consent according to Art. 6 (1) a GDPR. Data is transmitted: to the data controller Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. The legal basis for the data transfer to Microsoft Ireland Operations Ltd. is Your consent according to Art. 6 (1) a GDPR. This may also mean a transfer of personal data to a country outside the European Union.

The data is transferred to the USA on the basis of Art. 45 GDPR in conjunction with the European Commission's adequacy decision C(2023) 4745, since the data recipient has committed to comply with the data processing principles of the Data Privacy Framework (DPF). Information about DPF membership of Microsoft Ireland Operations Ltd. To contact the data protection officer by email Microsoft Ireland Operations Ltd.To contact the data protection officer by email Microsoft Ireland Operations Ltd.: To contact the data protection officer by email Microsoft Ireland Operations Ltd.To contact the data protection officer by email Microsoft Ireland Operations Ltd.: https://www.microsoft.com/de-at/concern/privacy. The privacy policy of Microsoft Ireland Operations Ltd.: https://privacy.microsoft.com/de-de/privacystatement.

Social Media

We maintain publicly accessible online presences in social networks to communicate with the customers and interested parties active there and to present our services.

We point out that user data may be processed outside the European Union. Furthermore, user data is generally processed for market research and advertising purposes. To the best of our knowledge, the providers also use cookies to store your usage behaviour (also across different end devices). This enables targeted advertising to be played out within the framework of the own platform as well as on third party sites.

The processing of users' personal data is based on our legitimate interest in effective information of users and communication with users in accordance with Art. 6 para. 1 lit. f. EU DS-GVO. If the users are asked by the respective platform providers for their consent to data processing or if the user voluntarily sends information to our online presences, the legal basis for processing is Art. 6 Para. 1 lit. a EU DS-GVO in conjunction with Art. 7 EU DS-GVO. If the information contains contractually relevant content, the legal basis is Art. 6 Paragraph 1 lit. b EU DS-GVO.

For a detailed presentation of the respective processing and the possibilities of objection (opt-out), we refer to the following linked information provided by the providers.

Also in the case of requests for information and the assertion of user rights, we would like to point out that these can most effectively be asserted with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. Should you nevertheless require assistance, you can contact us.

Facebook and Instagram (Meta)

If you interact with our social media pages on Facebook and Instagram (comment, like posts or send us a message), your data will be stored by us. These social networks are operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: Meta).

When operating a company profile on these channels, Meta and our company are jointly responsible under data protection law in accordance with Art. 26 EU GDPR. Accordingly, we have concluded an agreement with Meta in which the respective obligations under the EU GDPR are regulated: https://www.facebook.com/legal/terms/page_controller_addendum.

Meta provides the profile operators with statistics and insights into the types of actions of our profile visitors (‘Page Insights’). We have no influence on the collection of this data by Meta. According to Meta, this data is only provided to us in anonymised form so that the user cannot be identified from the information.

Personal data will be deleted as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by statutory retention obligations to which our company is subject.

Please note that when you use and access our Facebook and Instagram pages, your personal data will also be processed by the provider Meta. Meta is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland and the parent company based in the USA. Meta processes your data in addition to the above-mentioned processing for analysis and advertising purposes. To the best of our knowledge, Meta also uses cookies that store your usage behaviour (including across different end devices). This enables Meta to display targeted advertising on its own platform and on third-party sites. Further information can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/, Instagram https://help.instagram.com/519522125107875.

Facebook and Instagram also offer the option to object to certain data processing; information and opt-out options in this regard can be found at: https://www.facebook.com/settings?tab=ads and https://www.instagram.com/accounts/privacy_and_security/. Please note that user data is also processed in the USA or other third countries in accordance with the Meta Privacy Policy. Meta only transfers user data to countries for which an adequacy decision has been issued by the European Commission in accordance with Art. 45 EU GDPR or on the basis of suitable guarantees in accordance with Art. 46 EU GDPR.

With regard to data processing via our Facebook and Instagram page, you also have the option of asserting your data subject rights against Meta. Further information on this can be found in Meta's privacy policy: https://www.facebook.com/about/privacy/.

Minors

Our online offer is basically aimed at persons of full age. Personal information of persons who have not yet reached the age of 16 may only be made available to us if the express consent of a parent or guardian has been obtained (Art. 8 EU DS-GVO). Processing without the consent of a parent or guardian is not permitted. We therefore reserve the right to delete all data relating to minors, unless we have the consent of a parent or guardian.

Your Rights

Upon written request, we will inform you in accordance with Art. 15 EU DS-GVO and our legal obligation under Art. 12 EU DS-GVO whether and which of your personal data is processed or stored by us. Furthermore, you have the right to correct incorrect data in accordance with Art. 16 EU DS-GVO, data transferability in accordance with Art. 20 EU DS-GVO, blocking and deletion of your personal data in accordance with Art. 17 EU DS-GVO - provided there are no legal obligations to retain data - and the right to restrict processing in accordance with Art. 18 EU DS-GVO. You also have the right to contact the competent supervisory authority in accordance with Art. 77 EU DS-GVO.

In addition, you have the right to object in accordance with Art. 21 EU GDPR if the processing is based on legitimate interests in accordance with Art. 6 para. 1 lit. f EU GDPR. 

Of course, you can revoke your consent for the future at any time in accordance with Art. 7 para. 3 EU DS-GVO. To do so, please contact us at the contact address given below.

If you have any questions regarding the processing of your personal data, you can contact our data protection officer, who is also available to you in the event of requests for information, suggestions or complaints.

Data protection officer of ORGADATA AG

Am Nesseufer 14
26789 Leer
E-mail: datenschutz@orgadata.com

Changes to our privacy policy

In order to ensure that our data protection declaration always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection declaration has to be adapted due to new or revised services, for example new services.

Status: December 2024

ORGADATA AYDINLATMA METNİ

Orgadata ile etkileşime geçildiğinde, kişisel bilgilerinizi bu Aydınlatma Metni’nde (“Metin”) belirtildiği şekilde toplanabilir ve kullanılabilir. Kişisel bilgilerinizin Orgadata ve dünya çapındaki bağlı kuruluşları (“Orgadata Grubu”) tarafından nasıl toplandığı, hangi amaçla ve hangi hukuki sebeple işlendiği, hangi amaç ve hukuki sebebe dayanarak aktarıldığı hususlarını açıklayan bu Metni dikkatle okuyunuz. Metin; size, kişisel bilgilerinize nasıl erişeceğinizi ve onları nasıl güncelleyeceğinizi ve kişisel bilgilerin nasıl kullanılacağı hakkında belirli seçimleri nasıl yapacağınızı ve 6698 sayılı Kişisel Verilerin Korunması Kanunu (“KVKK”) kapsamında ilgili kişi olarak haklarınızı açıklamaktadır.

Bu Metin, Orgadata tarafından KVKK 10. madde ve Aydınlatma Yükümlülüğünün Yerine Getirilmesinde Uyulacak Usul ve Esaslar Hakkında Tebliğ’den (“Tebliğ”) doğan aydınlatma yükümlülüğümüzü yerine getirmek amacıyla hazırlanmıştır.

1.  Kişisel Verilerinizin Toplanma Yöntemleri ve Toplanan Kişisel Veriler

Aşağıda yer alan kişisel verileriniz, Orgadata tarafından sunulan hizmet, ürün ya da ticari faaliyetin niteliği itibariyle farklılık gösterebilmekle birlikte otomatik ya da otomatik olmayan yöntemlerle, ofislerimiz, internet siteleri, gibi vasıtalarla sözlü, yazılı ve elektronik olarak, müşterilerimizin açık rızaları veya onayları ve mevzuat hükümleri uyarınca işlenmektedir.

Kimlik bilgileri; kategorisinde isim, soy isim, tarafınızca paylaşılması halinde cinsiyet, doğum tarihi ve meslek bilgisi, medeni durum, evlilik tarihi

İletişim bilgileri kategorisinde telefon numarası, e-posta adresi, telefon veya diğer çevrimiçi kanallar aracılığıyla bizimle iletişime geçtiğinizde, bize verdiğiniz diğer kişisel bilgiler

Lokasyon kategorisinde tedarikçilerden veya ürün alan kişilerden alınana adres bilgisi

Müşteri işlem bilgileri kategorisinde sipariş ve fatura bilgileri, teslimat işlem bilgileri, ürünlerimiz ile ilgili gerçekleşen işlem geçmişi bilgisi, talep ve şikâyet bilgileri

İşlem Güvenliği kategorisinde IP adresi bilgisi, bağlanılan ülke ve mobil cihazın tam konumu (uygun bildirim ve seçim hakkı sağlamış olmamız şartıyla) gibi konum verileri, çerez bilgileri

Finans bilgileri kategorisinde bizden ürün veya hizmet satın alırken verdiğiniz kredi kartı numaranız gibi finans bilgileri

Temin Edildiği Faaliyet

  • Otomatik Yöntemle
    Şirket faaliyetleri kapsamında Orgadata tarafından kullanılan uygulama ve yazılımlar üzerinden elde edilen bilgiler ile Orgadata web sitesi ziyaret edildiğinde alınan bilgiler
  •  Otomatik Olmayan Yöntemle
    Doğrudan sözlü veya yazılı olarak iletilen bilgiler, müşteri ilişkileri kapsamında müşterilerden alınan bilgiler
  •  Yarı Otomatik Yöntemle
    Orgadata’ ya e-posta yoluyla iletilmesi halinde

    Kişisel bilgilerinizi işlememize ve aktarmamıza rıza göstermeniz zorunlu değildir. Bununla birlikte bazı durumlarda kişisel bilgileriniz olmadan size hizmetlerimizin tümünü sağlayamayabileceğimizi hatırlatırız.

2. KİŞİSEL VERİLERİNİZİ HANGİ AMAÇLA VE HANGİ HUKUKİ GEREKÇE İLE İŞLİYORUZ?

Orgadata, kişisel verilerinizi aşağıdaki tabloda belirtilen amaçlar doğrultusunda ve aşağıda kategorize edilerek belirtilen hukuki sebepler ile işlemektedir:

Kişisel Veri Kategorisi

  • Kimlik (1)
  • İletişim (1)
  • Lokasyon (1)
  • Müşteri İşlem (1)
  • İşlem Güvenliği (2)
  • Finans (3)

İşleme Amacı

  • Denetim/Etik Faaliyetlerinin Yürütülmesi (1)
  • Eğitim Faaliyetlerinin Yürütülmesi (1)
  • Faaliyetlerin Mevzuata Uygun Yürütülmesi (1)
  • Finans ve Muhasebe İşlerinin Yürütülmesi (1)
  • İletişim Faaliyetlerinin Yürütülmesi (1)
  • İş Faaliyetlerinin Yürütülmesi/Denetimi (1)
  • İş Sağlığı/Güvenliği Faaliyetlerinin Yürütülmesi (1)
  • İş Süreçlerinin İyileştirilmesine Yönelik Önerilerin Alınması ve Değerlendirilmesi (1)
  • Mal/Hizmet Satış Süreçlerinin Yürütülmesi (1)
  • Müşteri İlişkileri Yönetimi Süreçlerinin Yönetilmesi (1)
  • Müşteri Memnuniyetine Yönelik Aktivitelerin Yürütülmesi (1)
  • Saklama ve Arşiv Faaliyetlerinin Yürütülmesi (1)
  • Tedarik Zinciri Yönetimi Süreçlerinin Yönetilmesi (1)
  • Sistemlerimizin, ağlarımızın ve personelimizin korunması (2)
  • Bilgi güvenliği süreçlerinin yürütülmesi (2)
  • Mal/Hizmet Satış Süreçlerinin Yürütülmesi (2)
  • Finans ve muhasebe işlerinin yürütülmesi (3)

Hukuki Sebep

  • Sözleşmenin kurulması veya ifasıyla doğrudan doğruya ilgili olması (1)
  • İlgili kişinin temel hak ve özgürlüklerine sarar vermemek kaydıyla Şirket’in meşru menfaatleri için veri işlenmesinin zorunlu olması (1)
  • Hukuki yükümlülüklerin yerine getirilmesi için zorunlu olması (1)
  • Açık rıza bulunması halinde (1)
  • Bir sözleşmenin kurulması veya ifasıyla doğrudan doğruya ilgili olması kaydıyla, sözleşmenin taraflarına ait kişisel verilerin işlenmesinin gerekli olması (2)
  • Veri sorumlusunun hukuki yükümlülüğünü yerine getirebilmesi için zorunluluk (3)
  • Bir sözleşmenin kurulması veya ifasıyla doğrudan doğruya ilgili olması kaydıyla, sözleşmenin taraflarına ait kişisel verilerin işlenmesinin gerekli olması (3)

3. KİŞİSEL VERİLERİNİZİ KİMLERE VE HANGİ AMAÇ İLE AKTARIYORUZ?

Kişisel verileriniz aşağıdaki tablodaki şekilde yurt dışına aktarılmakta ve üçüncü kişilerle paylaşılmaktadır:

Aktarılan Kişi/Kuruluşlar

  • Hissedarlar (1)
  • İş Ortakları (1)
  • İştirakler ve bağlı ortaklıklar (1)
  • Topluluk Şirketleri (1)
  • Tedarikçiler (2)
  • Yetkili Kamu Kurum ve Kuruluşları (3)

Aktarım Amaçları

  • Mal/Hizmet ve satış sonrası hizmet faaliyetlerinin yürütülebilmesi (1)(2)
  • Finans ve muhasebe işlerinin yürütülmesi (1)(2)
  • Hukuk işlerinin takibi ve yürütülmesi (3)

Hukuki Sebep

  • KVKK m. 9/1 Kişisel verilerin yurtdışına aktarılması amacıyla açık rıza alınması (1)
  • Sözleşmenin kurulması veya ifasıyla doğrudan doğruya ilgili olması (2)
  • İlgili kişinin temel hak ve özgürlüklerine zarar vermemek kaydıyla Şirket’in meşru menfaatleri için veri işlenmesinin zorunlu olması (2)
  • Kanunlarda açıkça öngörülmesi (3)

Kişisel verilerin üçüncü kişiler ile paylaşımı, ilgili kişilerin izni çerçevesinde gerçekleşmekte ve kural olarak ilgili kişilerin açık rızası olmaksızın kişisel veriler üçüncü kişilere aktarılmamaktadır. Bununla birlikte, yasal yükümlülüklerimiz nedeniyle ve bunlarla sınırlı olmak üzere mahkemeler ve diğer kamu kurumları ile kişisel veriler paylaşılmaktadır. Ayrıca, taahhüt ettiğimiz hizmetleri sağlayabilmek ve verilen hizmetlerin kalite kontrolünü yapabilmek için anlaşmalı üçüncü kişilere mevzuatın öngördüğü sınırlar dahilinde kişisel veri aktarımı yapılmaktadır. Üçüncü kişilere veri aktarımı sırasında hak ihlallerini önlemek için gerekli teknik ve idari tedbirler alınmaktadır. Üçüncü kişilerin veri koruma politikalarından dolayı ve üçüncü kişinin sorumluluğundaki risk alanında meydana gelen ihlallerden Orgadata sorumlu değildir.

4. KİŞİSEL BİLGİLER NEREDE SAKLANIR?

Orgadata; merkezi Almanya olan global bir şirkettir. Kişisel bilgileriniz Orgadata'nın veya ilgili hizmet sağlayıcılarının faaliyette bulunduğu herhangi bir yere aktarılabilir, herhangi bir yerde işlenebilir. Kişisel verileriniz lokal serverlerda ve/veya bulut serverlarında saklanabilir.

Kişisel bilgilerinizi, bu bildirimde belirtilen amaçlarla, ikamet ettiğiniz ülkenin dışında işlenebilir. Kişisel bilgilerinizi diğer ülkelere aktarıldığında, ulusal ve uluslararası hukuk bağlamında geçerli mevzuatın uygulanması sağlanır. Sizin onayınıza dayalı olarak yasaların gerektirdiği ölçülerde hareket edilir.

5. ORGADATA KİŞİSEL BİLGİLERİ NE KADAR SÜRE TUTACAKTIR?

Kişisel verileriniz, saklanma amacı artık geçerli olmadığında silinecektir. Ayrıca kişisel verileriniz düzenleyici ve yasal kayıt tutma yükümlülüklerinin yerine getirilmesi amacıyla gerekli olan süre kadar tutulacaktır. Bundan sonra artık sizinle ilişkili olmaması için söz konusu bilgiler silme, yok etme veya anonim hale getirme yöntemlerinden uygun olan yöntem kullanılmak suretiyle kaldırılır.

6. KİŞİSEL VERİLERİNİZİN KORUNMASI İÇİN NELER YAPIYORUZ?

Orgadata, kişisel bilgilerin kötüye kullanımının, kaybolmasının ve bunlara izinsiz erişimin veya bunların açıklanmasının engellenmesini sağlamak amacıyla uygun fiziksel, idari, teknik ve kurumsal önlemleri uygulamaya koymuştur. Güvenlik önlemlerimiz uygun erişim kontrolünü ve düzenli güvenlik değerlendirmelerini içerir.

7. KVKK MADDE 11 UYARINCA HAKLARINIZ

KVKK madde 11 uyarınca aşağıda sıralanan haklarınızı kullanabilirsiniz:

a) Kişisel veri işlenip işlenmediğini öğrenme,
b) Kişisel verileri işlenmişse buna ilişkin bilgi talep etme,
c) Kişisel verilerin işlenme amacını ve bunların amacına uygun kullanılıp kullanılmadığını öğrenme,
ç) Yurt içinde veya yurt dışında kişisel verilerin aktarıldığı üçüncü kişileri bilme,
d) Kişisel verilerin eksik veya yanlış işlenmiş olması hâlinde bunların düzeltilmesini isteme,
e) 7 nci maddede öngörülen şartlar çerçevesinde kişisel verilerin silinmesini veya yok edilmesini isteme,
f) (d) ve (e) bentleri uyarınca yapılan işlemlerin, kişisel verilerin aktarıldığı üçüncü kişilere bildirilmesini isteme,
g) İşlenen verilerin münhasıran otomatik sistemler vasıtasıyla analiz edilmesi suretiyle kişinin kendisi aleyhine bir sonucun ortaya çıkmasına itiraz etme,
ğ) Kişisel verilerin kanuna aykırı olarak işlenmesi sebebiyle zarara uğraması hâlinde zararın giderilmesini talep etme, haklarına sahiptir.

BİZE ULAŞIN

KVKK madde 11 uyarınca haklarınızı kullanabilmek veya kişisel verileriniz işlenmesi veya aktarılmasına dair daha detaylı bilgi edinmek üzere aşağıdaki seçeneklerden birini kullanarak bize ulaşabilirsiniz:

  • Gökevler Mahallesi 2312. Sokak Kristal Şehir Sitesi. 18. Blok Apt. No: 18J-114 34510 Esenyurt/İstanbul Türkiye
  •  info@orgadata.com.tr
  • +90 212 445 91 53 

ÇALIŞAN ADAYLARINA YÖNELİK AYDINLATMA METNİ

Orgadata Yazılım Ticaret Limited Şirketi (“Orgadata”) ve dünya çapındaki bağlı kuruluşları (“Orgadata Grubu”), kişisel bilgilerinizi korumayı taahhüt eder. Kişisel Verilerinizi (veri sorumlusu olarak) Orgadata Aydınlatma Metni ve bu Çalışan Adaylarına Yönelik Aydınlatma Metni (” Aydınlatma Metni”) ile belirlenen işleme ve aktarım şartlarına uygun olarak 6698 sayılı Kişisel Verilerin Korunması Kanunu ("Kanun” veya “KVKK”) uyarınca işleriz. Bu Aydınlatma Metninin değişikliğe uğraması halinde size uygun bir bildirimde bulunacağız.

Bu Aydınlatma Metni, Orgadata tarafından KVKK 10. madde ve Aydınlatma Yükümlülüğünün Yerine Getirilmesinde Uyulacak Usul ve Esaslar Hakkında Tebliğ’den (“Tebliğ”) doğan aydınlatma yükümlülüğümüzü yerine getirmek amacıyla hazırlanmıştır.

1. Kişisel Verilerin Toplanma Yöntemleri ve Toplanan Kişisel Veriler

Aşağıdaki kişisel verileriniz, Orgadata tarafından otomatik ya da otomatik olmayan yöntemlerle, sözlü, yazılı ve elektronik olarak, çalışanların açık rızaları veya onayları ve mevzuat hükümleri uyarınca işlenmektedir.

Kimlik bilgileri; kategorisinde isim, soy isim, tarafınızca paylaşılması halinde cinsiyet, doğum tarihi ve meslek bilgisi, medeni durum, evlilik tarihi

İletişim bilgileri kategorisinde telefon numarası, e-posta adresi, telefon, çevrimiçi kanallar aracılığıyla bizimle iletişime geçtiğinizde, bize verdiğiniz diğer kişisel bilgiler

Lokasyon kategorisinde adres bilgisi

Eğitim, İş ve Profesyonel Yaşama İlişkin Bilgiler (Mesleki Deneyim ve Özlük) kategorisinde; meslek, unvan, çalışma bilgisi, eğitim durumu, diploma bilgileri, gidilen kurslar, meslek içi eğitim bilgileri, sertifikalar, transkript bilgileri

Temin Edilme Yöntemleri

  • Otomatik Yöntemle
    Şirket faaliyetleri kapsamında kullanılan uygulama ve yazılımlar, istihdam platformları üzerinden edinilen özgeçmişler vasıtasıyla
  • Otomatik Olmayan Yöntemle
    Doğrudan sözlü veya yazılı olarak tarafınızdan iletilen bilgiler, insan kaynakları özlük bilgilerinden alınan veriler
  • Yarı Otomatik Yöntemle
    Özgeçmiş vb. insan kaynakları süreçlerine ilişkin dokümanların Orgadata’ya e-posta yoluyla iletilmesi halinde

2. İşleme Faaliyetlerinin Amacı ve Hukuki Sebebi

Kişisel verileriniz aşağıdaki kategorize edilen amaçlar doğrultusunda işlenmektedir:

Kişisel Veri Kategorisi

  • Kimlik (1)
  • İletişim (1)
  • Lokasyon (1)
  • Özlük (1)
  • Mesleki Deneyim (1)
  • Sağlık Bilgileri (2)

İşleme Amacı

  • Çalışan adaylarının iş başvuru süreçlerinin yürütülmesi (1)
  • İnsan kaynakları süreçlerinin yürütülmesi (1)
  • Özel statüde bulunan adaylar açısından “engellilik” durumu kapsamında hukuki süreçlerin yerine getirilmesi (2)

Hukuki Sebep

  • Sözleşmenin kurulması veya ifasıyla doğrudan doğruya ilgili olması (1)
  • İlgili kişinin temel hak ve özgürlüklerine zarar vermemek kaydıyla Şirket’in meşru menfaatleri için veri işlenmesinin zorunlu olması (1)
  • Hukuki yükümlülüklerin yerine getirilmesi için zorunlu olması (1)
  • Hukuki yükümlülüğün yerine getirilebilmesi için zorunlu olması (2)

3.      Kişisel Verilerin Aktarım Amacı ve Hukuki Sebebi

Kişisel verileriniz aşağıdaki şekilde yurt dışına aktarılmakta ve üçüncü kişilerle paylaşılmaktadır;

Aktarılan Kişi/Kuruluşlar

  • Hissedarlar
  • Topluluk Şirketleri

Aktarım Amaçları

  • İşe ve iş sürekliliği faaliyetlerinin yürütülebilmesi
  • İnsan kaynakları süreçlerinin planlanması ile İnsan Kaynakları politikalarının geliştirilmesinin ve sürdürülmesinin planlanması

Hukuki Sebep

  • KVKK m. 9/1 Kişisel verilerin yurtdışına aktarılması amacıyla açık rıza alınması

Kişisel verilerin üçüncü kişiler ile paylaşımı, ilgili kişilerin izni çerçevesinde gerçekleşmekte ve kural olarak ilgili kişilerin açık rızası olmaksızın kişisel veriler üçüncü kişilere aktarılmamaktadır. Ayrıca, taahhüt ettiğimiz hizmetleri sağlayabilmek ve verilen hizmetlerin kalite kontrolünü yapabilmek için anlaşmalı üçüncü kişilere mevzuatın öngördüğü sınırlar dahilinde kişisel veri aktarımı yapılmaktadır. Üçüncü kişilere veri aktarımı sırasında hak ihlallerini önlemek için gerekli teknik ve idari tedbirler alınmaktadır. Üçüncü kişilerin veri koruma politikalarından dolayı ve üçüncü kişinin sorumluluğundaki risk alanında meydana gelen ihlallerden Orgadata sorumlu değildir.

4. Kişisel Veriler ile ilgili Haklar

Kişisel Verilerinizle ilgili olarak 6689 sayılı Kişisel Verilerin Korunması Kanunu madde 11 uyarınca sayılan aşağıdaki haklara sahipsiniz:

a) Kişisel veri işlenip işlenmediğini öğrenme
b) Kişisel verileri işlenmişse buna ilişkin bilgi talep etme
c) Kişisel verilerin işlenme amacını ve bunların amacına uygun kullanılıp kullanılmadığını öğrenme
ç) Yurt içinde veya yurt dışında kişisel verilerin aktarıldığı üçüncü kişileri bilme
d) Kişisel verilerin eksik veya yanlış işlenmiş olması hâlinde bunların düzeltilmesini isteme
e) 7 nci maddede öngörülen şartlar çerçevesinde kişisel verilerin silinmesini veya yok edilmesini isteme
f) (d) ve (e) bentleri uyarınca yapılan işlemlerin, kişisel verilerin aktarıldığı üçüncü kişilere bildirilmesini isteme
g) İşlenen verilerin münhasıran otomatik sistemler vasıtasıyla analiz edilmesi suretiyle kişinin kendisi aleyhine bir sonucun ortaya çıkmasına itiraz etme
ğ) Kişisel verilerin kanuna aykırı olarak işlenmesi sebebiyle zarara uğraması hâlinde zararın giderilmesini talep etme

Kişisel Veriler ile ilgili 6689 sayılı Kişisel Verilerin Korunması Hakkında Kanun madde 11 kapsamında sayılan haklarınızı kullanmak veya bu haklarla ilgili soru sormak amacıyla aşağıdaki kanallardan bize ulaşabilirsiniz:

  • Gökevler Mahallesi 2312. Sokak Kristal Şehir Sitesi. 18. Blok Apt. No: 18J-114 34510 Esenyurt/İstanbul Türkiye
  • info@orgadata.com.tr
  • +90 212 445 91 53