Privacy Policy

‍

Privacy Policy for Microsoft Account by BANQR Digital Solutions GmbH

‍

I. General information

This privacy policy applies to BANQR's Microsoft account.

You can access this privacy policy at any time under the “Privacy Policy” section.

‍

II. Name and address of the controller

As the operator of the website, BANQR is responsible for your personal data that is processed as a result of your use of this website.

BANQR Digital Solutions GmbH

Thyssenstrasse 6-8

32312 Lübbecke

Email: info@getbanqr.com

‍

III. Data processing

The data processing described below relates both to the use of our website for purely informational purposes and to the content we provide for downloading.

1. Contact us
2. Description and scope of data processing

You have the opportunity to contact us in various ways. If you use the contact form provided on our website, you will be asked to provide the following personal information:

• First and Last Name
• E-mail address
• Content of the message

In addition, you are free to contact us via the email addresses provided on our website, including by sending an email to info@getbanqr.com.

• Legal basis for data processing

The processing of the data you provide is based on your consent in accordance with Art. 6 (1) (a) GDPR.

If the message initiates pre-contractual measures or was sent in connection with an existing contract, the data in question will be processed in accordance with Art. 6 (1) (b) GDPR.

• Purpose of data processing

The personal data you provide in the form will be processed in order to respond to your request as quickly as possible.

• Duration of storage

We anonymize your personal data when it is no longer necessary to achieve the purpose for which it was processed.

For personal data sent to us as part of your contact via the contact form, this will be the case 30 days after the respective conversation with you has ended. The conversation is considered to be ended when the circumstances indicate that the matter in question has been resolved.

If the message in the contact form initiates pre-contractual measures or concerns an ongoing contractual relationship, the data provided will be deleted after the expiration of the limitation period, beginning at the end of the year in which the contractual relationship was terminated. After the expiration of the limitation period, your data will be blocked and deleted after the expiration of the statutory retention periods (see V. Retention Obligations).

• Revocation of consent

You can revoke your consent to the processing of the personal data you provided in the contact form at any time in accordance with Art. 7 GDPR. To do so, please contact us at: datenschutz@getbanqr.com. The legality of the processing carried out up to that point based on your consent is not affected by the revocation.

• Contract processing

a) Description and scope of data processing
We offer you the opportunity to download our software for a license fee. For this purpose, we process the following personal data from you:

• Salutation
• First name Last Name
• E-mail address
• Address

b) Legal basis for data processing
The legal basis for the processing of your data, which is collected and further processed in the course of contract execution, is Art. 6 (1) (b) GDPR.

c) Purpose of data processing
The purpose of data processing is contract execution.

d) Duration of storage
We delete your personal data when it is no longer required to achieve the purpose of its processing. This is usually the case after the limitation period has expired, starting at the end of the year in which the contractual relationship is terminated. After the limitation period has expired, your data will be blocked and deleted after the statutory retention periods have expired (see V. Retention obligations).

‍

IV. Your rights

This section informs you about your rights and how you can exercise them.

‍

1. Right to information

Pursuant to Art. 15 GDPR, you have the right to obtain information about the processing of your personal data free of charge at any time. This information will contain an overview of the data concerning you and, if requested, a copy of this data. We will provide you with your personal data in a common electronic format.

‍

2. Right to rectification

Should data be or become incorrect, we are obliged to correct the information at your request in accordance with Art. 16 GDPR.

‍

3. Right to erasure (“right to be forgotten”)

You can request the deletion of data at any time in accordance with Art. 17 GDPR.

‍

4. Right to restriction of processing

Whenever we cannot delete your data (e.g., due to legal retention obligations), we restrict the processing of the data in question in accordance with Art. 18 GDPR. Processing will also be restricted if you believe that the data we have stored is incorrect or if there is a disagreement about the legality of the processing.

‍

5. Right to data portability

You can request us at any time, in accordance with Art. 20 GDPR, to transfer your personal data to you or a third party of your choice, provided that the legal requirements are met.

‍

6. Automated decision-making in individual cases, including profiling

According to Art. 22 GDPR, you have the right not to be subjected to a decision based solely on automated processing – including profiling – that produces legal effects concerning you or significantly affects you in a similar way.

‍

7. Right of objection

According to Art. 21 GDPR, you have the right to object to the processing of your personal data if this processing is based on a legitimate interest pursuant to Art. 6 (1) (f) GDPR.

‍

8. Right to complain

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of personal data concerning you violates the General Data Protection Regulation. As a rule, you can contact the supervisory authority in your place of residence or our company. The supervisory authority responsible for us is:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

‍

Kavalleriestr. 2-4

40213 Düsseldorf

Phone: 0211/38424-0

Fax: 0211/38424-999

Email: poststelle@ldi.nrw.de

‍

9. Revocation of consent

According to Art. 7 (3) GDPR, you have the right to revoke your consent at any time, provided you have given it to us. If you revoke your consent, we will no longer process any of your personal data from the time of revocation. However, the revocation does not affect the legality of previous processing. If you wish to revoke the consent you have given us, please send your request to: datenschutz@getbanqr.com.

‍

V. Storage obligations

We delete all personal data, with the exception of certain categories, to fulfill our legal retention obligations. This data will be deleted immediately after the retention period has expired, without you having to request deletion again.

If the retention of your personal data is necessary, it is required for the following purposes and laws:

1. Compliance with commercial and tax retention periods, which refer to the following laws: German Commercial Code (HGB), German Fiscal Code (AO), and German Value Added Tax Act (UStG). The statutory retention periods and documentation requirements range between six and ten years.

2. Ensuring proper disaster recovery and conducting IT audits: GDPR and German Civil Code (BGB). The statutory deadlines and documentation requirements are three years.

3. Claims and evidence management: GDPR (General Data Protection Regulation) and BGB (German Civil Code). The statutory deadlines and documentation requirements are three years from the end of the year in which the event to be documented occurred.