ambiFOX

Privacy policy

We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used.

This privacy policy applies to the website of ambiFOX GmbH, which can be accessed under the domain status.ambifox.com .

Who is responsible and how do I contact you?

Person in charge

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

ambiFOX GmbH
Fleehook 1
48683 Ahaus – DE
+49 (0) 2561 8693 – 0
post@ambiFOX.com

DATA PROTECTION SUPERVISOR

We have appointed a data protection officer, who can be reached by e-mail at the e-mail address datenschutz@ambifox.com or by post at the above address. Please provide postal correspondence with the addition “Data protection – personal / confidential”

What is it about?

This privacy policy meets the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behavior when visiting a website. Information for which we cannot (or only with a disproportionate effort) relate to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We inform you in the individual processing operations about the specific storage periods or criteria for storage. Irrespective of this, we store your personal data in individual cases to assert, exercise or defend legal claims and in the presence of statutory retention obligations.

What rights do I have?

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you as a data subject have the following rights:

  • Information pursuant to Article 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing and a copy of your data;
  • Correction pursuant to Article 16 GDPR of incorrect or incomplete data stored by us;
  • Deletion in accordance with Article 17 GDPR of the data stored by us, insofar as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • Restriction of processing in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you reject its deletion because you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Article 21 GDPR.
  • Data portability pursuant to Art. 20 GDPR, insofar as you have provided us with personal data within the scope of consent pursuant to Art. 6 para. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transmit the data directly to another person responsible, as far as this is technically feasible.
  • Objection pursuant to Art. 21 GDPR against the processing of your personal data, insofar as this is based on Art. 6 para. 1 lit. e, f GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding, compelling legitimate grounds for the processing are proven or the processing is carried out to assert, exercise or defend legal claims. Insofar as the right to object to individual processing operations does not exist, this is stated there.
  • Revocation in accordance with Article 7 (3) GDPR of your consent with effect for the future.
  • Complaint pursuant to Article 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.
Who gets my data?

We only pass on your personal data, which we process on our website, to third parties if this is necessary for the fulfilment of the purposes and is covered by the legal basis (e.g. consent or protection of legitimate interests) in individual cases. In addition, we pass on personal data to third parties in individual cases if this serves the establishment, exercise or defence of legal claims. Possible recipients can then be, for example, law enforcement authorities, lawyers, auditors, courts, etc.

Insofar as we use service providers for the operation of our website who process personal data in accordance with Article 28 GDPR in the context of order processing on our behalf, these may be recipients of your personal data. Further information on the use of processors and web services can be found in the overview of the individual processing operations.

Do you use cookies?

Cookies are small text files that are sent by us to the browser of your device during your visit to our website and stored there. As an alternative to the use of cookies, information may also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to carry out various analyses, so that, for example, we are able to recognise the browser you are using when you visit our website again and to transmit various information to us (non-essential cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs or contain viruses.

We provide information about the respective services for which we use cookies in the individual processing operations. Detailed information on the cookies used can be found in the cookie settings or in the Consent Manager of this website.

How is my data processed in detail?

Below we inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

Type and scope of processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Purpose and legal basis

The processing takes place to safeguard our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of Art. 6 para. lit. f GDPR. The collection of data and the storage in log files is absolutely necessary for the operation of the website. There is no right to object to processing due to the exception under Article 21 (1) GDPR. Insofar as the further storage of the log files is required by law, the processing is carried out on the basis of Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically not possible to access our website without providing the data.

Hosting

Our website is not hosted by ourselves, but by a service provider who processes the aforementioned data on our behalf in accordance with Article 28 GDPR for the purpose of the GDPR.

Storage PERIOD

The aforementioned data will be stored for the duration of the display of the website.

Technical storage period

The aforementioned data for the display of the website will be stored for a maximum of 7 days for technical reasons.

Instatus

We use hosting. Provider is Instatus, Inc, 9450 SW Gemini Dr PMB 30900 Beaverton, Oregon, USA (Delaware C Corporation)

Instatus offers globally distributed hosting for status pages. Technically, the transfer of information between your browser and our website is routed via the Instatus network  . This allows us to increase the worldwide accessibility and performance of our website.

The use of Instatus is based on our legitimate interest in the most error-free and secure provision of our website (Art. 6 para. 1 lit. f GDPR).

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here https://instatus.com/instatus-dpa-2022-06.pdf.

More information about Instatus can be found here: https://instatus.com/policies/gdpr.

Data Processing

We have concluded a contract for order processing (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

SendGrid

This website uses SendGrid to send mails. Provider is Twilio Inc.  (Delaware corporation), 101 Spear Street, 1st Floor, San Francisco, California, 94105, United States of America (hereinafter “SendGrid”).  SendGrid is a service that  can be used to organize the sending of e-mails. The data entered by you for the purpose of receiving e-mails(e.g. e-mail address) will be stored on SendGrid’s servers. 

Data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the e-mail . The legality of the data processing operations already carried out remains unaffected by the revocation.

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.twilio.com/legal/data-protection-addendum.

 The data stored by you for the purpose of receiving e-mails will be stored by us  or e-mail providers until you unsubscribe from us or .dem e-mail provider and deleted  from the  list of e-mailers after unsubscribing. Data stored by us for other purposes remains unaffected.

After you have been removed from thelist of providers, your e-mail address may be stored in a blacklist by us or .dem third party provider, if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

For more information, please refer to SendGrid’s privacy policy at: https://www.twilio.com/legal/privacy.

Data Processing

We have concluded a contract for order processing (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Handling of data from business partners (customers, interested parties, suppliers)

We collect personal data for the purpose of executing the contract, fulfilling contractual and pre-contractual obligations and for direct advertising. The data collection and data processing is necessary for the execution of the contract and is based on Article 6 (1) (b) GDPR. The use of personal data for advertising purposes represents a legitimate interest of our company (Art. 6 para. 1 f) GDPR). A transfer of the data to third parties takes place if this is necessary for the fulfillment of the order (e.g. complaints). The data will be deleted as soon as they are no longer necessary for the purpose of their processing. You have the right to object to the use of your data for direct marketing purposes at any time. In addition, you are entitled to request information about the data stored by us about you and to request the correction of the data in the event of inaccuracy or, in the event of inadmissible data storage, the deletion of the data. To assert your rights, please use the above contact details.