Privacy Policy

We provide the English version of our privacy policy as an information service. In case of doubt, the German language version shall always prevail.

Controller

vaylens GmbH

Company address:
Ezzestrasse 8
44379 Dortmund
Germany

Email: help@emobility.software

VAT ID: DE352928826

Management board: Dr. Gregor Schmeken, Jörg Lohr, Peter Hamela 

Responsible for content under article 18, paragraph 2 Media State Treaty (MStV; Medienstaatvertrag): Philipp Graf

Data Protection Officer

Dipl.-Inf. (FH) Karsten Schulz (GDDcert.EU)

schulz@datenschutz.systems

M: +49 151 22631968

Website and Hosting

Purposes of processing 

We log technical data in the web server logs for each access of our website in order to ensure operational security and to be able to investigate and rectify faults. The access logs of the web servers record which page views have taken place and when. They contain the following data: IP address, date, time, accessed pages, logs, status code, amount of data, referrer, user agent, accessed host name.

Legal base

Art. 6 (1f) GDPR, our legitimate interest in being able to operate the website securely and to ensure a defined external presentation. 

Legitimate interest

To ensure the operational security of our website and to be able to defend ourselves against cyber attacks.

Recipients or categories of recipients 

Our web services are administered within the framework of order processing in accordance with Art. 28 GDPR. 

Data Transfer to Third country

No.

Storage periods 

The IP addresses are stored for 6 month. Error logs, which record faulty page views, are deleted after seven days. In addition to the error messages, these contain the accessing IP address and, depending on the error, the accessed website.

For further investigations into unusual activities or attacks, the data will remain stored until the investigation has been completed and any legal claims have been clarified.

Contact and communication with you 

Purposes of processing 

If you contact us by email, contact form, telephone or post, we will process your data to fulfill your request and any subsequent activities that may result. These activities may include: Processing enquiries, applications, service requests as well as maintaining contact, providing advice and advertising our products and services, analyzing our processes and taking measures to improve process quality. 

In doing so, we process the information you provide to us, such as names, contact details, e-mail addresses and telephone numbers and, of course, the content of your enquiry. 

Legal base 

The legal basis may be Art. 6 (1f) GDPR, our legitimate interest in communicating with you and processing your enquiry, or Art. 6 (1b) GDPR, to carry out necessary pre-contractual or contractual measures. Where you have given us consent, Art. 6 (1a) GDPR is the applicable legal basis. 

Legitimate interest

Our legitimate interest in responding to enquiries, including those of an informal nature, as well as providing comprehensive advice on our products and services and drawing attention to identical or similar products and services.

Recipients or categories of recipients 

Furthermore, we use services of service providers within the scope of order processing according to Art. 28 GDPR, for example to secure e-mail traffic and to comply with quality features as well as to process your service requests. Some of the processing may take place in the USA. In order to ensure the level of data protection at EU standard, the EU standard data protection clauses are generally agreed with the respective service providers and special technical and organisational protection measures are provided. 

Data Transfer to Third country

We may transfer your personal data to third countries outside the European Economic Area (EEA) in accordance with applicable data protection laws. When transferring personal data to countries that do not provide an adequate level of data protection as determined by the European Commission, we implement Standard Contractual Clauses (SCC) to ensure appropriate safeguards are in place. For transfers to the United States, we may use service providers who are participants in the EU-U.S. Data Privacy Framework. This framework ensures that these service providers meet the necessary standards for data protection and have committed to complying with the privacy principles set forth by the framework.

Storage periods 

As a general rule, a deletion process is started when the processing operation is completed. In certain cases, further processing, such as required retention periods, follow the actual processing. For example, e-mails with tax-relevant content are stored in accordance with the statutory retention periods (e.g. 6 years for commercial letters in accordance with the German Commercial Code (HGB), 10 years for tax documents in accordance with the German Fiscal Code (AO)) and then deleted.

Your application to us

Purposes of processing 

When you send us an application, we process your data to the extent necessary until the application process is completed.

Legal base 

Art. 6 (1b) GDPR, to process your application, which constitutes a request for the conclusion of an employment contract, as part of our application process.

Recipients or categories of recipients 

We use services of service providers in the context of order processing according to Art. 28 GDPR to carry out personnel administration.

Data Transfer to Third country

No.

Storage periods 

In the event of recruitment, required data from your application will be stored in the personnel file. Data that is not required will be deleted. In the event of a rejection, your data will be deleted 2 months after completion of the application process.

Social media 

Purposes of processing 

We also communicate with you via various social media channels. When using these platforms, the respective data protection declarations always apply as well. 

In particular, these are (as of 2023-06-02): 

Legal base 

Art. 6 (1f) GDPR and for the cases for which you have given us your consent, Art. 6 (1a) GDPR.

Legitimate interest

Carrying out company communications and ensuring a defined external presentation.

Recipients or categories of recipients 

The social media platforms listed above, some of which also process personal data in third countries such as the USA. All of these services pass on personal data, for example to commissioned third-party providers for the provision of outsourced services, to authorities if you are legally obliged to do so or if there is suspicion of a violation of the law, and to new business owners in the event of a company acquisition or insolvency. 

Storage periods 

In accordance with the privacy statements of the social media platforms.

Newsletter 

Purposes of processing 

We use a newsletter service for communication and external presentation. 

Legal base 

Art. 6 (1a) GDPR, your consent to the newsletter with double opt-in. 

Recipients or categories of recipients 

We use the services of Mailchimp from The Rocket Science Group, LLC as part of an order processing according to Art. 28 GDPR to send the newsletter. Some of the processing takes place in the USA. In order to ensure the level of data protection at EU standard, the EU standard data protection clauses have been agreed with the service provider DPA.

Data Transfer to Third country

We implement Standard Contractual Clauses (SCC) with Mailchimp to ensure appropriate safeguards are in place.

Storage periods 

After unsubscribing from the newsletter, your relevant personal data will be deleted.

Postal direct advertising for the acquisition of new customers 

Purposes of processing 

The personal data is processed for the purpose of acquiring new customers. 

Legal base 

Art. 6 (1f) GDPR, our legitimate interest to carry out direct advertising. The source of the personal data is Deutsche Post Direkt GmbH, Junkersring 57 in 53844 Troisdorf, Germany.

Legitimate interest

Direct marketing

Recipients or categories of recipients 

None

Data Transfer to Third country

No

Storage periods 

The personal data will be deleted immediately after the purpose has been fulfilled or after the postal mailing has been sent.

Credit assessment 

Purposes of processing 

Checking the creditworthiness of customers 

Legal base 

Art. 6 (1f) GDPR

Legitimate interest

The legitimate interest to protect against payment defaults. 

Recipients or categories of recipients 

Service providers for creditworthiness information, for example Creditsafe Berlin, Deutsche Factoring Bank Bremen. 

Storage periods 

The information is stored for the duration of the business relationship.

Cookies

Purposes of processing 

We use the Cookiebot service to use cookies in a legally compliant way. The service gives you the opportunity to object to the setting of certain cookies and to consent to the setting of other cookies. Your preferences are stored in your browser in the form of required cookies. 

We use cookies to personalize content and ads, provide social media features and analyze traffic to our website. We also share information about your use of our website with our social media, advertising and analytics partners. Our partners may combine this information with other data that you have provided to them or that they have collected in the course of your use of the Services. 

Legal base 

The legal bases for setting cookies are Art. 6 (1f) GDPR for necessary cookies and Art. 6 (1a) GDPR for marketing and analytics functions.

Legitimate interest

Please see the information in the consent dialog.

Recipients or categories of recipients 

Please see the information in the consent dialog.

Data Transfer to Third country

Please see the information in the consent dialog.

Storage periods 

Please see the information in the consent dialog.