Privacy Policy - Secure Workspace

Privacy Policy

Last updated: January 1, 2025

1. General Information

This Privacy Policy provides an overview of what happens to your personal data when you visit our website. Personal data refers to any data with which you could be personally identified.

2. Responsible Entity

Responsible entity for data processing on this website:

Heidl IT
Unterfeldweg 12a
85276 Pfaffenhofen an der Ilm
Germany

Contact:
Phone: +49 8441 1234567
Email: info@secure-ws.de

The responsible entity is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data.

3. Data Collection on Our Website

3.1 Server Log Files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes, for example:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources. The collection of this data is based on Art. 6(1)(f) of the GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website.

3.2 Cookies

Our website uses cookies in some areas. Cookies do not harm your computer and do not contain viruses. Cookies help make our website more user-friendly, efficient, and secure. Most of the cookies we use are “session cookies.” They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them.

Cookies are stored on the basis of Art. 6(1)(f) of the GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services.

3.3 Contacting Us

If you contact us by email, your inquiry, including all the personal data you provide (e.g., name and contact details), will be stored by us for the purpose of processing your request and for follow-up questions. We will not share this data without your consent.

4. Analytics Tools

We may use third-party tools on our website (e.g., Google Analytics) to analyze your browsing behavior. Detailed information on these tools may be provided in a separate section or in an extended Cookie Policy. Processing takes place either on the basis of Art. 6(1)(f) of the GDPR or your explicit consent (Art. 6(1)(a) GDPR).

5. Collection and Processing of Personal Data

We collect and process the following personal data from employees and customers (as well as company addresses) when you use our services:

  • Company addresses (e.g., company name, address)
  • Personal data of employees and customers (e.g., name, email address)

This data is particularly used to:

  • Send emails (e.g., information, scheduling, or notifications)
  • Provide authentication for releasing and accessing monthly reports or other protected content

5.1 Legal Basis

The processing of this data is based on Art. 6(1)(b) of the GDPR (fulfillment of a contract or steps prior to entering into a contract), insofar as the data is required to provide our services, and/or on Art. 6(1)(f) of the GDPR (legitimate interest), if we have an overriding interest in providing our services to you securely and efficiently or in informing you about important updates.

If consent (Art. 6(1)(a) of the GDPR) is required (e.g., for newsletter sign-ups), we will obtain it separately and record it. Consent may be revoked at any time with effect for the future.

5.2 Storage Location and Retention Period

All personal data you enter will be stored in a Microsoft Cloud data center located in Germany (Frankfurt). In accordance with applicable data protection regulations (possibly including EU Standard Contractual Clauses or equivalent guarantees), Microsoft is contractually obligated to ensure the protection of your data. We have concluded a Data Processing Agreement (DPA) with Microsoft, which governs the protection of your personal data in accordance with the GDPR.

Data is generally stored only for as long as is necessary to fulfill the respective purpose or to comply with statutory retention requirements (e.g., under tax and commercial laws). Once the purpose of processing no longer applies and no legal retention periods remain, the data will be deleted or blocked.

5.3 Transfer of Data to Third Parties

Your personal data will not be transferred to third parties unless this is expressly required for the execution of our service or we are legally or by court order obligated to do so.

5.4 Your Responsibility

Please ensure that the data you provide is correct and that you are entitled to forward third-party personal data (e.g., employees, customers) to us. Before transmitting such data, verify whether the affected persons have consented to the disclosure of their data or if corresponding contractual or legal bases exist.

6. Your Rights

You have the right to request information about the origin, recipient, and purpose of your stored personal data at any time, free of charge. You also have the right to request the rectification, blocking, or erasure of these data. If you have given consent for data processing, you can revoke this consent at any time with effect for the future. In addition, you have the right to file a complaint with the competent supervisory authority.

7. Data Security

We implement appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continually improved in line with technological developments.

8. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy from time to time in order to comply with current legal requirements or to incorporate changes to our services in the Privacy Policy. The new Privacy Policy will apply to any subsequent visits.

© 2025 Secure Workspace Impressum Privacy Terms and Conditions
Heidl IT