Privacy policy
3CPDF is an application of Artoption GmbH. The privacy of the user is the highest priority. By means of this privacy policy, the user learns how and which data Artoption GmbH collects, stores, uses, discloses or processes in any other way when the mobile application 3CPDF and its services are used and the website is visited. This privacy policy applies to the 3CPDF mobile application and the associated website.
This privacy policy contains, among other things, explanations on data collection and processing as well as on data transfer. It must be pointed out that data transmission on the Internet can have security gaps, so that complete protection of data against access by third parties is not possible.
Responsible
The responsible body for data processing on this website is:
Artoption Ltd.
Am Wiesenrain 14
71720 Oberstenfeld
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (Artoption GmbH).
Data protection officer
Please use our contact form
Data collection, Data use and Data transfer
Data collection from the user
The following personal data are requested and collected when using the application or visiting the website, as they are necessary to fulfil the existing contract and the associated obligations of Artoption GmbH, Art. 6 para. 1 p.1 lit. b DSGVO. The processing of this data is based on the interest of Artoption GmbH to continuously improve the application and its services as well as the user experience. Without this data, the existence of the application and its services cannot be guaranteed, Art. 6 para. 1 sentence 1 lit. f DSGVO.
Registration and use of the service:
Personal data, address data, contact data, login data.
Customer account: For a successful registration, an e-mail address is required as well as the choice of a password. Communication: When contacting Artoption GmbH via email, data on the communication and any other data voluntarily provided by the user is collected.
Subscription data: When the subscription is concluded, data of the customer is collected. This includes the company name, the address, the country, the UID, the duration of the subscription as well as its start and end date.
PDF files & correction data: Data is collected for the function of the 3CPDF application. This includes the file name, the correction carried out, errors output, selected presettings and all PDF data.
Delivery of the report: Mail address, title, name
Delivery of the report to third parties: The storage period is limited to the purpose of the contract and, if applicable, legal and contractual retention obligations. The deletion of tax-relevant data takes place after 10 years at the latest.
Automatic Data Collection
Device data: Artoption GmbH collects information from and about the end devices used by the user, including information about how the user interacts with the platform, as well as data about the end device itself. This includes in particular information about the hardware used, operating systems, IP addresses, cookie data, device settings, mobile device identifiers, installed apps, browser type, language, battery charge level and time zone.
Service providers, business partners and third parties: Artoption GmbH may also obtain data about the user from business partners and external service providers. This includes companies that assist Artoption GmbH with payment processing, analysis, data processing, administration, hosting, customer service and technical support. This data is collected in order to improve the user’s experience.
Cookies: Artoption GmbH uses cookies and similar technologies (especially identifiers of mobile devices). In doing so, Artoption GmbH may also grant its own business partners permission to track the user’s usage behaviour on behalf of Artoption GmbH.
Ο Our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO to collect the data is based on the purposes of ensuring a smooth connection setup and comfortable use of the application, evaluation of system security and stability as well as for other administrative purposes, in particular for statistical purposes and for the prevention and investigation of criminal offences.
The user’s personal data is deleted as soon as it is no longer required for the purposes for which it was collected or used, unless legal retention periods prevent deletion.
Data Processing
Artoption GmbH processes the collected personal data for various business purposes on the basis of applicable legal grounds subject to the selection made by the user within the settings in the application. Provision, improvement and further development of the application and its services
Ο Operation and maintenance of the 3CPDF account and enabling access to the application in connection with its use: The user’s e-mail address and password are required to uniquely identify and verify the user when registering for the application. The identifiers of the end devices used are used to ensure that the user controls the devices with access to the application.
Ο Once the subscription has been completed, the user’s name, address and payment details are used to process the account subscription, renewals and for payment purposes. All payment verification data is transmitted using industry standard SSL encryption. Response to requests submitted by the user Maintain a safe and secure environment.
Ο Detecting and preventing fraud, spam, abuse, security incidents and other suspicious activities.
Ο Verification and authentication of the user’s identity and prevention of unauthorised or illegal activities.
Ο Improving the security and protection of the applications 3CPDF and its services.
Ο Avoiding or taking measures with regard to activities that violate the general terms and conditions of Artoption GmbH or applicable law.
Ο Providing customer service and technical support
Ο Accounting and bookkeeping: personal data, address data, bank data, contract data
Artoption GmbH processes this data within the scope of its legitimate interest to improve the entire platform as well as to maintain an optimal user experience, Art. 6 para. 1 p.1 lit. f DSGVO. In addition, this data is used to fulfil the contract concluded with the user , Art. 6 para. 1 p. 1 lit. b DSGVO. The processing of data in the context of accounting and bookkeeping is based on legal requirements, Art. 6 para. 1 lit. c DSGVO.
Data Transfer
This section deals with the transfer of the collected data by Artoption GmbH.
Ο Artoption GmbH transmits data of the user if the user has expressly consented to the transmission, Art. 6 para. 1 p.1 lit. a DSGVO.
Ο Service providers: Artoption GmbH makes use of service providers, who may also have locations outside the European Economic Area, who provide certain services for Artoption GmbH or also for the users themselves on behalf of Artoption GmbH, such as IT service providers in the area of services and hosting (in particular Internex GmbH Web Services), printing service providers, banks, shredders. However, these service providers are only granted access to the user’s data to the extent that this is necessary for the fulfilment of these tasks on behalf of Artoption GmbH. These service providers are contractually obliged to take appropriate organisational and technical measures to protect personal data from unauthorised disclosure and to process personal data only in accordance with Artoption GmbH’s instructions and only to the extent necessary to
provide their services to Artoption GmbH. 3Artoption GmbH is obliged to transmit the user’s data as well as personal data for the purpose of ensuring adequate performance of the contract concluded with the user within the framework of the General Terms and Conditions.
Ο The transfer of data to processors takes place on the basis of Art. 28 (1) DSGVO, alternatively on the basis of our legitimate interest in the economic and technical advantages associated with the use of specialised processors, and the fact that the rights and interests of the user in the protection of his personal data do not prevail, Art. 6 (1) lit. f DSGVO.
Ο Compliance with legal regulations: Artoption GmbH may disclose the user’s data to courts, law enforcement agencies and government authorities in order to comply with its own legal obligations, to comply with legal process and to respond to its own legal actions brought against Artoption GmbH, to respond to verified requests in connection with investigative proceedings or alleged or suspected illegal activities, and to enforce Artoption GmbH’s Terms and Conditions and other agreements with the user.
Ο Change of control: Artoption GmbH may also transfer personal data in the context of a sale or change of control or in preparation for these events. In the case of any transfer of personal data to third parties to the extent described above, Artoption GmbH will ensure that this is done in accordance with this privacy policy and the relevant data protection laws.
Ο Any transfer of personal data is justified by the fact that Artoption GmbH has a legitimate interest in adapting its own company form to the economic and legal circumstances as required and that the rights and interests of the user in the protection of their personal data do not outweigh this, Art. 6 para. 1 lit. f DSGVO.
Deletion of the user’s personal data takes place as soon as it is no longer required for the purposes for which it was collected or used, unless legal retention periods prevent deletion.
Data collection on the website; Cookies
Cookies
Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. The cookies usually used are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on the end device until they are deleted. These cookies make it possible to recognise your browser on your next visit. You can set your browser so that you are informed about the
setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested (e.g. shopping cart function) are stored on the
basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are dealt with separately in this data protection declaration.
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Ο Name of the website accessed
Ο File
Ο Date and time of the retrieval
Ο Amount of data transferred
Ο Message about the success of the retrieval
Ο Browser type & Version
Ο Operating system
Ο Referrer URL (the previously visited page, provided that our page was opened via such a link)
Ο IP addressThis data is not merged with other data sources. The basis for the data processing is Article 6 (1) lit. f DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
This data is not merged with other data sources. The basis for data processing is Article 6 (1) (f) DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
In addition, a legitimate interest arises from Art. 6 para. 1 sentence 1 lit. f DSGVO in order to ensure a smooth connection setup and comfortable use of the website. In addition, this serves to evaluate system security and stability as well as for further administrative purposes.
Contact Form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing procedures carried out until the revocation remains unaffected by the revocation. The data you entered in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after
we have completed processing your enquiry). Mandatory legal provisions – in particular retention periods – remain unaffected.
Duration of Data Storage
As far as necessary, we process and store your personal data for the duration of our business relationship. This also includes the initiation and processing of a contract/order. In addition, we are subject to various storage obligations, which result from the German Commercial Code, among other things. Finally, the storage period also results from the statutory limitation periods, which are usually three (3) years but can also be up to 30 years.
The print data made available to us is usually deleted automatically after 12 hours following completion of the process. Insofar as your e-mail address has been entered for delivery to a different recipient, the deletion takes place after the e-mail has been delivered. The e-mail is not stored.
Use of Google Analytics
We use Google Analytics to analyse website usage. The data obtained from this is used to optimise our website and advertising measures.
Google Analytics is a web analytics service provided by Google, Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes website usage data on our behalf and is contractually obligated to take measures to ensure the confidentiality of the processed data. During your visit to the website, the following data is recorded, among others:
Ο Pages viewed
Ο Orders incl. the turnover and the products ordered
Ο Your behaviour on the pages (e.g. clicks, scrolling behaviour and time spent on the site)
Ο Your approximate location (country and city)
Ο Your IP address (in shortened form, so that no clear assignment is possible)
Ο Technical information such as browser, internet provider, device and screen resolution
Ο Source of origin of your visit ((i.e. via which website or advertising medium you came to us)
This data is transferred to a Google server in the USA. Google observes the data protection provisions of the “EU-US Privacy Shield” agreement.
Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that can be used to recognise you on future visits to the website. The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely. If you do not agree to the collection of this data, you can prevent it by installing the browser add-on to deactivate Google Analytics once.
Google Web Fonts
We use Google Fonts on our website to display external fonts. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.
Through certification according to the EU-US data protection shield (“EU-US Privacy Shield”)
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google guarantees that the data protection requirements of the EU are also complied with when processing data in the USA.
To enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.
The legal basis is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest lies in the optimisation and economic operation of our website.
The connection to Google established when our website is called up enables Google to determine which website sent your request and to which IP address the display of the font is to be transmitted.
Google offers below
https://adssettings.google.com/authenticated
https://policies.google.com/privacy
further information, in particular about the possibilities of preventing the use of data.
Data Security
Artoption GmbH endeavours to take all necessary technical and organisational security measures to store your personal data in such a way that they are neither accessible to third parties nor to the public. Should you wish to contact us by e-mail, we would like to point out that the confidentiality of the information transmitted cannot be fully guaranteed when using this method of communication. We therefore recommend that you send us confidential information exclusively by post.
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that the user sends to Artoption GmbH as the site operator, this site uses SSL or TLS encryption. The user can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in the browser line.
If SSL or TLS encryption is activated, the data that the user transmits to Artoption GmbH cannot be read by third parties.
Enforcement of Rights
Ο Revocation of your consent to data processing: Many data processing operations are only possible with the express consent of the user. The user can revoke consent already given at any time. For this purpose an informal communication to us by e-mail is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Ο Right of complaint to the competent supervisory authority: In the event of violations of data protection law, the data subject has a right of appeal to the competent supervisory authority. The competent supervisory authority in matters of data protection law is the State Data Protection Commissioner of the federal state in which the company has its registered office. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Ο Right to data portability: The user has the right to have data, which Artoption GmbH processes automatically on the basis of your consent or in fulfilment of a contract, handed over to him/herself or to a third party in a common, machine-readable format. If the user requests the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.
Data subject rights
Upon request, we will inform you whether and which personal data relating to you are stored in accordance with Art. 15 DSGVO, in particular about the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, and the existence of automated decision-making including profiling.
You have the right to have any incorrectly collected personal data corrected or incompletely collected data completed, Art. 16 DSGVO.
You also have the right to request that we restrict the processing of your data, provided that the legal requirements for this are met, Art. 18 GDPR.
You also have the right to demand that we restrict the processing of your data, provided that the legal requirements for this are met, Article 18 of the GDPR.
You have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request that it be transferred to another controller, Art. 20 DSGVO.
In addition, you have the so-called “right to be forgotten”, i.e. you can demand that we delete your personal data, provided that the legal requirements for this are met, Art. 17 DSGVO.
Irrespective of this, your personal data will be automatically deleted by us if the purpose of the data collection ceases to exist or the data processing is unlawful.
Data protection information on the collection of personal data in accordance with Articles 13 and 14 of the Basic Data Protection Regulation (DSGVO) Within the scope of our cooperation, we process your data primarily in the course of
providing our services. With these notes, we inform you about the details of these processing operations.
Ο Who is responsible for data processing and whom can I contact:
Ο What data we process and what we process your data for (purposes of processing) and on what legal basis we do so:
We process personal data (Art. 4 No. 2 DS-GVO) in compliance with the
EU General Data Protection Regulation (GDPR) and all other applicable laws:
Ο Based on your consent (Art. 6 para 1a) DS-GVO, Art. 9 para 2a) in conjunction with Art. 7 DS-GVO Insofar as we have your consent to process personal data for certain purposes, the lawfulness of this processing is based on your consent. Once you have given your consent, it can be revoked at any time. Please note that the revocation is effective for the future. Processing carried out before this revocation is not affected by this.
Ο For the fulfillment of contractual obligations (Art. 6 para. 1b) DS-GVO)
The data processed and the scope and purpose of the processing are in all cases based on the necessity of the data processing. Thus, in addition to the above-mentioned purposes, various categories of data are processed within the scope of our cooperation or correspondence with you.The processed data and the scope and purpose of the processing are based in all cases on the necessity of data processing. In addition to the purposes mentioned above, various categories of data are processed as part of our cooperation or correspondence with you.
Ο To fulfill contractual obligations (Art. 6 Paragraph 1b) DS-GVO)
Purposes of data processing Categories of data Registration and use of our service Personal data, address data, contact data, registration data. Delivery of reports Mail address, title, name Delivery of reports to third party email address entered by the user. Billing, accounting and bookkeeping Usage data, bank data, personal data, address data.
The data processed and the scope and purpose of the processing are based in all and purpose of the processing are based in all cases on the necessity of the data processing. In addition to the above-mentioned purposes mentioned above, various categories of data are processed within the framework of our data within the scope of our cooperation or correspondence with you.
Ο Within the framework of the balancing of interests (Art. 6 para. 1f) DS-GVO).
Where necessary, we also process your data to protect legitimate interests of us or of third parties. This may be the case, for example, in the case of:
Purposes of Data ProcessingCategories of DataEnsuring IT security and IT operations
Log data, protocol data
Statistical purposes
Course data, personal data
Prevention and investigation of criminal offences Occasion-related
All categories of data as required.
Accounting and bookkeeping
Personal data, address data, bank data, contract data
In the area of legal obligations, your personal data is processed in particular due to retention periods under commercial and tax law as well as any necessary information to authorities. In addition, we process your data depending on the use of further services on an occasion-related basis. If necessary, you will receive independent information on this within the scope of the respective processing (e.g. use of our website, our W-LAN, …).
Ο Tan whom is the data passed on (categories of recipients):
External contractors, service providers, order processors:
In order to perform our tasks and fulfil our contracts, we sometimes use external contractors and service providers. These may include, for example, banks, shredders, printing service providers and, in particular, IT service providers in the area of services and hosting. In addition, your data may be passed on to public bodies within the framework of reporting obligations or requirements of the cost units.
Other recipients:
Finally, data may be passed on to recipients to whom we are obliged to pass it on due to legal obligations (e.g. authorities and courts).
Ο Duration of data storage:
As far as necessary, we process and store your personal data for the duration of our business relationship. This also includes the initiation and processing of a contract/order. In addition, we are subject to various retention obligations, which result from the German Commercial Code, among other things. Finally, the storage period is also based on the statutory limitation periods, which are usually 3 years but can also be up to 30 years. The print data made available to us is usually deleted automatically after 2 hours after completion of the process. If your email address was entered for delivery to a different recipient, the data will be deleted after the email has been delivered.
Ο Data transfer to third countries:
Data transfer to third countries (countries outside the EU and the European Economic Area EEA) only takes place insofar as this is necessary for the execution of a contract/ order/business relationship including the initiation and only in compliance with the data protection requirements prescribed for this purpose.
Ο Data subject rights:
You can request information about the data stored about you via the contact details provided above. (Art. 15 DS-GVO). In addition, you can demand the correction or deletion of your data under certain conditions (Art. 16 and 17 DS-GVO). You have the right to request the restriction of the processing of your personal data (Art. 18 DS-GVO). In addition, you have the right to have the data you have provided returned to you in a structured, commonly used, machine-readable format (Article 20 of the GDPR).
Ο Is there an obligation to provide data?
In the context of a business initiation or business relationship with us, you generally only need to provide the data that we require for the corresponding establishment, implementation or termination of this relationship. Without the provision of the required data, we may have to refuse to establish a business relationship or may not be able to carry it out or may even have to terminate such a relationship.
Ο Is there an obligation to provide data?
There is no automated decision-making or profiling (Art. 4 No. 4 DS-GVO).
Ο Right of complaint:
You have the possibility to lodge a complaint with the data protection officer mentioned above or with a data protection supervisory authority.
Right to object to direct marketing:
You have the right to object to processing of your personal data for direct marketing purposes.
If we process your data to protect legitimate interests, you can object to this processing if reasons arise from your particular situation that speak against the data processing.
Purposes of Data ProcessingCategories of DataAccounting and bookkeeping
Usage data, bank data, personal data, Address data,
The processed data and the scope and purpose of the processing are based on
all cases of the necessity of data processing. So it comes across the above
mentioned purposes in addition to data processing of various categories of
Data in the context of our cooperation or correspondence with you.
Ο As part of the balancing of interests (Art. 6 Para. 1f) GDPR)
If necessary, we also process your data in order to protect our legitimate interests or those of third parties. This can be the case, for example:
Purposes of Data ProcessingCategories of Dataensuring IT security and the IT Operations
Log Data, Protocol Data
Statistical Purposes
Course Data, Personal Data
Prevention and Investigation of Criminal Offenses
All categories of data depending on the occasion.
Ο Processing based on legal requirements (Art. 6 Para. 1c) GDPR)
Purposes of Data ProcessingCategories of DataAccounting and bookkeeping
Personal data, address data, bank data, contract data
In the area of legal obligations, your personal data will be processed in particular due to commercial and tax retention periods as well as any necessary information to authorities.
In addition, we process your data depending on the use of other services. For this purpose, you will receive independent information if necessary within the scope of the respective processing (e.g. use of our website, our W-LAN, …)
Ο To whom will the data be passed on (categories of recipients):
External Contractors, Service Providers, Processors:
We sometimes use external contractors and service providers to fulfill our tasks and to fulfill the contract. These can include, for example, banks, document shredders, print service providers and, in particular, IT service providers in the field of services and hosting. In addition, your data can be passed on to public bodies within the framework of reporting obligations or requirements of the cost bearers.
Other recipients:
Ultimately, data can go to recipients to whom we are obliged to pass on due to legal obligations (e.g. authorities and courts).
Ο Duration of data storage:
If necessary, we process and save your personal data for the duration of our business relationship. This also includes the initiation and processing of a contract / order. n addition, we are subject to various storage obligations, which result from the Commercial Code, among other things. Finally, the storage period also results from the statutory limitation periods, which are usually 3 years but can also be up to 30 years. The print data made available to us are automatically deleted after the process is completed, usually after 12 hours. If your e-mail address was entered for delivery to a different recipient, it will be deleted after the e-mail has been delivered. The e-mail addresses will not be saved.
Ο Data transfer to third countries:
A data transfer to third countries (countries outside the EU and the European Economic Area EEA) only takes place insofar as this is necessary for the execution of a contract / order / business relationship including the initiation and only in compliance with the data protection requirements stipulated for this .
Ο Affected rights:
You can request information about the data stored about you using the contact details given above. (Art. 15 GDPR). In addition, under certain conditions you can request the correction or deletion of your data (Art. 16 and 17 GDPR). You have the right to request that the processing of your personal data be restricted (Art. 18 GDPR). In addition, you have the right to surrender the data you have provided in a structured, commonly used machine-readable format (Art. 20 GDPR).
Ο Is there an obligation to provide data?
As part of a business initiation or business relationship with us, you generally only need to provide the data that we need to establish, implement or terminate this relationship. Without providing the necessary data, we may have to refuse to establish a business relationship or not be able to carry it out or even have to terminate one.
Ο Is there an obligation to provide data?
There is no automated decision-making or profiling (Art. 4 No. 4 GDPR).
Ο Right of appeal:
You have the option of contacting the above-mentioned data protection officer or a data protection supervisory authority with a complaint.
Right of Objection to Direct Mail:
You have the right to object to the processing of your personal data for direct marketing purposes.
If we process your data to protect legitimate interests, you can object to this processing if your particular situation gives rise to reasons that speak against data processing.