As of March 2023
The data controller responsible in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other data protection regulations is:
Localyze GmbH
Rosenthaler Strasse 72A
10119 Berlin
Germany
+49 40 69 63 87 81
info@localyze.com
https://www.localyze.com
The data protection officer of the data controller is:
DataCo GmbH
Dachauer Str. 65
80335 Munich
Germany
+49 89 7400 45840
http://www.dataguard.de
On this page we inform you about the privacy policy applicable in the Localyze app ("App") offered as web app. The app is an offering of Localyze GmbH, Rosenthaler Strasse 72A, 10119 Berlin, Germany ("Localyze”, "we" or "us").
1. Scope of processing
In general, we only process personal data of our users to the extent that this is necessary for the provision of a functioning app as well as our content and services. The processing of personal data of our users is regularly carried out only after the consent of the user.
To use the Localyze app is a Human Ressource Management App, the following personal data are usually processed:
Moreover, the personal data are processed automatically.
2. Purpose of the processing
Data processing is used to support global mobility processes of individual employees, such as obtaining a visa or extending a residence permit.
We may collect information about how you interact with our application and services. This data helps us enhance your user experience and improve our offerings.
Service Customization:
Your personal data enables us to personalize our services to better match your preferences and needs.
3. Legal basis for processing
To the extent that we obtain the consent of the data subject for processing activities involving personal data, Article 6 (1) (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. For the processing of special categories of personal data, Article 9 (1) (a) will be used as legal basis.
We may need to process your personal data to comply with legal obligations and regulations.
Your consent is entirely voluntary, and you have the right to withdraw it at any time by adjusting your account settings or contacting our Data Protection Officer. However, please note that withdrawing consent may impact your ability to access and use our services.
4. Data erasure and storage duration
The personal data collected by us for the service will be deleted in accordance with Art. 6 (1) (1) (c) GDPR after expiry of the tax and commercial law retention and documentation obligations (from HGB, StGB or AO), unless you have consented to further storage in accordance with Art. 6 (1) (1) (a) GDPR. The data remains stored until the employee's profile is deleted or individual data of the profile is deleted or overwritten.
5. Objection and removal options
Users can delete some data themselves in their profile. In addition, deletion of all data can be ordered by sending an email to privacy@localyze.com.
When your personal data is processed, you are a data subject within the meaning of the GDPR and have the following rights:
You may request the data controller to confirm whether your personal data is processed by them.
If such processing occurs, you can request the following information from the data controller:
You have the right to request information on whether your personal data will be transmitted to a third country or an international organization. In this context, you can then request for the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.
You have a right to rectification and/or modification of the data, if your processed personal data is incorrect or incomplete. The data controller must correct the data without delay.
You may request the restriction of the processing of your personal data under the following conditions:
If the processing of personal data concerning you has been restricted, this data may – with the exception of data storage – only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the processing has been restricted according to the aforementioned conditions, you will be informed by the data controller before the restriction is lifted.
a) Obligation to erase
If you request from the data controller to delete your personal data without undue delay, they are required to do so immediately if one of the following applies:
b) Information to third parties
If the data controller has made your personal data public and must delete the data pursuant to Art. 17 (1) GDPR, they shall take appropriate measures, including technical means, to inform data processors who process the personal data, that a request has been made to delete all links to such personal data or copies or replications of the personal data, taking into account available technology and implementation costs to execute the process.
c) Exceptions
The right to deletion does not exist if the processing is necessary
If you have the right of rectification, erasure or restriction of processing over the data controller, they are obliged to notify all recipients to whom your personal data have been disclosed of the correction or erasure of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You reserve the right to be informed about the recipients of your data by the data controller.
You have the right to receive your personal data given to the data controller in a structured and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance by the data controller who was initially given the data, if:
In exercising this right, you also have the right to transmit your personal data directly from one person to another, insofar as this is technically feasible. Freedoms and rights of other persons shall not be affected.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the data controller.
For reasons that arise from your particular situation, you have, at any time, the right to object to the processing of your personal data pursuant to Art. 6 (1) (1) (e) or 6 (1) (1) (f) GDPR; this also applies to profiling based on these provisions.
The data controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, exercising or defending legal claims.
If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data in regard to such advertising; this also applies to profiling associated with direct marketing.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
Regardless of Directive 2002/58/EG, you have the option, in the context of the use of information society services, to exercise your right to object to automated decisions that use technical specifications.
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent until the withdrawal.
You have the right to not be subject to a decision based solely on automated processing – including profiling – that will have a legal effect or substantially affect you in a similar manner. This does not apply if the decision:
However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) (a) or Art. 9 (2) (b) GDPR applies and reasonable measures have been taken to protect your rights and freedoms as well as your legitimate interests.
With regard to the cases referred to in (1) and (3), the data controller shall take appropriate measures to uphold your rights and freedoms as well as your legitimate interests, including the right to obtain assistance from the data controller or his representative, to express your opinion on the matter, and to contest the decision.
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in the Member State of your residence, or your place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
1. Description and scope of data processing
Each time our app is accessed, our system automatically collects data and relevant information from the computer system of the calling device. We use for collecting telemetry data Rollbar, and NewRelic. More information you can find here:
https://docs.rollbar.com/docs/privacy-policy
https://newrelic.com/termsandconditions/privacy.
The following data is collected:
When the app is loaded following data is processed:
This data is stored in the log files of our system. This data is not stored together with other personal data of the user.
2. Purpose of data processing
The data is used to Infrastructure monitoring Application, optimize Resource and to fix bugs. An analysis of the data for marketing purposes does not take place.
For the aforementioned purposes, our legitimate interest lies in the processing of data in compliance with Art. 6 (1) (1) (f) GDPR.
3. Legal basis for data processing
The legal basis for the temporary storage of data and logfiles is Art. 6 (1) (1) (f) GDPR.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The session is complete when the collection of data for the provision of the app is accomplished.
If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is not possible.
5. Objection and removal
The collection of data for the provision of the app as well as the storage of data in log files are essential for the operation of the app. Therefore, the user may not object to the aforementioned processes. For further purposes as listed above you can object or remove your consent in writing an email to the email address above.
1. Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or the internet browser on the user’s computer system. If a user calls up a website, a cookie can be stored on the user’s operating system. These cookies contain a string of characters that allows the browser to be uniquely identified when the website is reopened.
We use cookies to make our website more user-friendly. For example to provide the Chat in the app.
The following data is stored and transmitted in the cookies:
We also use cookies on our website, which enable us to analyse the browsing behaviour of our users.
As a result, the following data will be transmitted:
The user data collected in this manner is pseudonymised by technical measures. It is therefore not possible to assign the data to the user accessing the site. The data is not stored together with other personal data of the users.
2. Purpose of data processing
The purpose of their use is to simplify the use of websites for users. Some functions of our platform cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change. The user data collected through cookies is not used to create user profiles.
3. Legal basis for data processing
The legal basis for the processing of personal data using non-technical cookies is Art. 6 (1) (1) (a) GDPR.
The legal basis for the processing of personal data using technical cookies is Art. 6 (1) (1) (f) GDPR, legitimate interests.
4. Duration of storage and possibility of objection and removal
Cookies are stored on the user's mobile device and are transmitted from it to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are blocked for our app, it may not be possible to use all the features of the app to their full extent.
We use the IP address and other information provided by the user (e.g. the postal code used for registration or ordering) to approach regional target groups (so-called "geotargeting").
The regional target group approach is used, for example, to automatically display regional offers or advertisements that often are more relevant to users. The legal basis for the use of the IP address and any other information provided by the user (e.g. postal code) is Art. 6 (1) (1) (f) GDPR, based on our legitimate interest in ensuring a more precise target group approach and thus providing offers and advertising with greater relevance for our users.
Part of the IP address and the additional information provided by the user (e.g. postal code) are merely processed and not stored separately.
You can prevent geotargeting by, for example, using a VPN or proxy server that prevents accurate localisation. In addition, depending on the browser you are using, you can also deactivate a location localisation in the corresponding browser settings (as far as this is supported by the respective browser).
We use geotargeting on our website for the following purposes:
1. Description and scope of data processing
We offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data will not be passed on to third parties. The following data is collected as part of the registration process:
As part of the registration process, the user's consent to the processing of this data is obtained.
2. Purpose of data processing
Part of the Localyze service package is the provision of access to the Localyze software. In order to provide access to the software, to enable the authentication process and to ensure support during the global mobility process.
3. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 (1) (1) (a) GDPR if the user has given his consent.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.
This is the case for the data collected during the registration process if the registration is cancelled or modified on our website.
5. Objection and removal
As a user you have the possibility to cancel the registration at any time. You can request a change to the data stored about you at any time. If you wish to object to the processing, please send us an informal e-mail to privacy@localyze.com.
If the data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.
We use plugins for various purposes. In order to ensure appropriate safeguards for the protection of the transfer and processing of personal data outside the EU, the transfer of data to and processing of data by the processors shall be based on appropriate safeguards pursuant to Art. 46 et seq. GDPR, in particular by concluding so-called standard data protection clauses pursuant to Art. 46 (2) (c) GDPR. The plugins used are listed below:
Use of Google Analytics
1. Scope of processing of personal data
We use Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google).
Google Analytics examines, among other things, the origin of visitors, their length of stay on individual pages and the use of search engines, thus allowing better monitoring of the success of advertising campaigns. Google places a cookie on your computer.
This allows personal data to be stored and evaluated, in particular:
We use Google Analytics to evaluate your use of our online presence, to compile reports about your activities and to use other Google services related to the use of our online presence and internet usage. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.
We also use Google Analytics Remarketing as part of Google Analytics, whereby the data collected and evaluated about you is used to play targeted advertising to you. By using this service offered by Google, we merge the data with our Google Ads or Display & Video 360 accounts. Google Ads and Display & Video 360 are also provided by Google.
We activated the IP address anonymization, whereby Google will shorten your IP address as soon as technically possible. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
Google may transfer your personal data to Google affiliates and other processors.
Further information on the collection and storage of data by Google can be found here: https://policies.google.com/privacy?hl=en-GB
2. Purpose of data processing
We use of Google Analytics, including Google Analytics Remarketing, to evaluate the use of our online presence as well as enable the targeted playout of advertising, to the people who have already expressed an initial interest through their page visit.
3. Legal basis for the processing of personal data
The legal basis for the processing of personal data is the user's given consent in accordance with Art. 6 (1) (a) GDPR.
4. Duration of storage
Your personal information will be stored for as long as is necessary to fulfil the purposes described in this Privacy Policy or as required by law. Advertising data in server logs is anonymized by Google's own statements to delete parts of the IP address and cookie information after 9 and 18 months, respectively.
5. Right to withdraw consent and removal options
You have the right to withdraw your consent at any time. The withdrawal of the consent does not affect the lawfulness of the processing carried out based on the consent up to the withdrawal.
You may prevent the collection and processing of your personal data by Google by preventing the storage of cookies by third parties on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
To prevent the processing of this data by Google you can download and install the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=en
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.com
Further information on objection and withdrawal options against Google can be found at: https://policies.google.com/privacy?gl=EN&hl=en
Use of Google Tag Manager
1. Scope of processing of personal data
We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google). With Google Tag Manager, tags from Google and third-party services can be managed and bundled and embedded on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behaviour, capture the impact of online advertising and social channels, use remarketing and targeting, and test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user's browser. It contains statements about which tags are to be triggered. Google Tag Manager triggers other tags that may themselves collect data. You will find information on this in the passages on the use of the corresponding services in this data protection declaration. Google Tag Manager does not access this data.
For more information about the Google Tag Manager, please visit https://www.google.com/intl/de/tagmanager/faq.html and see Google's privacy policy: https://policies.google.com/privacy?hl=en
2. Purpose of data processing
The purpose of the processing of personal data lies in the collected and clear administration as well as an efficient integration of the services of third parties.
3. Legal basis for the processing of personal data
The legal basis for the processing of personal data is the user's given consent in accordance with Art. 6 (1) (a) GDPR.
4. Duration of storage
Your personal information will be stored for as long as is necessary to fulfil the purposes described in this Privacy Policy or as required by law. Advertising data in server logs is anonymized by Google's own statements to delete parts of the IP address and cookie information after 9 and 18 months, respectively.
5. Right to withdraw consent and removal options
You have the right to withdraw your consent at any time. The withdrawal of the consent does not affect the lawfulness of the processing carried out based on the consent up to the withdrawal.
You may prevent the collection and processing of your personal data by Google by preventing the storage of cookies by third parties on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
To prevent the processing of this data by Google you can download and install the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=en
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and removal options against Google can be found at: https://policies.google.com/privacy?gl=EN&hl=en
Use of Hotjar
1. scope of the processing of personal data
We use functionalities of the web analysis service Hotjar of Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta (hereinafter: Hotjar). Among other things, Hotjar uses cookies, i.e. small text files that are stored locally in the cache of your web browser on your terminal device and that enable an analysis of your use of our online presence. Cookies from Hotjar are stored on your terminal device.
The following personal data is processed by Hotjar:
The data is hosted in the EU. In the event that data is transferred to a country outside the EU, Hotjar has put in place appropriate safeguards and has standard contractual clauses with the companies. For more details, please see the Data Storage article below.
For more information on how Hotjar processes data, please click here:
https://www.hotjar.com/legal/policies/privacy
2. purpose of the data processing
The use of the Hotjar plugin serves to better understand the needs of our users and to optimise the offer on this online presence.
3. legal basis for the processing of personal data
The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 (1) (1) (a) GDPR.
4 Duration of storage
Your personal information will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law.
5. possibility of revocation and removal
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection as well as the processing of your personal data by Hotjar by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
You can deactivate the use of your personal data by Hotjar using the following link: https://www.hotjar.com/legal/compliance/opt-out.
You can find further information on objection and removal options vis-à-vis Hotjar at: https://www.hotjar.com/legal/policies/privacy
Use of Intercom
1. scope of the processing of personal data
We use functionalities of the live chat plugin Intercom of Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Rebuplic of Ireland (hereinafter referred to as: Intercom).
This is a communication platform, whereby the visitor can ask questions directly via chat.
Cookies from Intercom are stored on your terminal device.
The following personal data is processed by Intercom:
Appropriate safeguards have been put in place for transfers to countries outside the EU. For this purpose, we have concluded so-called standard data protection clauses for the transfer to other companies of the Intercom Group based in the USA.
Further information on the processing of data by Intercom can be found here:
https://www.intercom.com/legal/privacy
https://www.intercom.com/legal/cookie-policy
2. purpose of data processing
The purpose of using Intercom is for us to provide the fastest possible support and to improve the user experience, furthermore for communications by e-mail and for the purpose of direct marketing.
3. Legal basis for the processing of personal data
The legal basis for the processing of users' personal data is, in principle, the user's consent in accordance with Art. 6 (1) (1) (a) of the GDPR.
For the implementation of pre-contractual measures or if a contract exists, the legal basis for data processing with the data subject is Art. 6 (1) (1) (b) GDPR.
The legal basis for data processing in the case of a legitimate interest is Art. 6 (1) (1) (f) GDPR. In this case, one of the purposes of data processing mentioned under 2. applies.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.
5. Revocation and removal options
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You also have the right to object to the processing of your personal data at any time.
You can prevent the collection as well as the processing of your personal data by Intercom by preventing third-party cookies from being stored on your computer, by using the "Do Not Track" function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.
Further information on revocation and removal options Intercom can be found at:
https://www.intercom.com/legal/privacy
This privacy policy has been created with the assistance of DataGuard.