as of May 1, 2020
Welcome, and thank you for your interest in our website www.sixfold.com (the Website), provided to you by the German private limited company Sixfold GmbH, registry code HRB735749, Stadtregal, Magirus-Deutz-Str. 16, DE-89077 Ulm, Germany, +49 4101 831 6761, firstname.lastname@example.org (Sixfold, us or we). Sixfold is the controller of your personal data.
The Website and the App, as well as all related platforms, networks, downloadable software, and other services provided by us, are collectively referred to as our Service
Personal data is any information relating to an identified or identifiable natural person (the Personal Data
Data protection is of major importance to us and we will process your Personal Data strictly in compliance with applicable data protection laws including the EU General Data Protection Regulation (GDPR
This Policy is incorporated into our Terms of Service and into your Agreement with us. Capitalized terms used but not defined in this Policy have the meaning given to them in the Terms of Service, available at sixfold.com/terms
(1) Data Protection Officer
Our Data Protection Officer can be reached at email@example.com
(2) Types of Personal Data we process
Much of the data we process is provided by you yourself when you use our Services or contact us, for example when you register and provide your name or email address or address. We do, however, also receive technical device and access data which is automatically collected when you interact with our Services.
- Profile information
Profile information is personal and demographic information on your person which you share with us when registering for an account. Your profile data includes, for example:
- Your first and last names
- Your contact details (e.g. your address and email address)
- Contact details
If you contact us, we collect your Personal Data. Depending on how you contact us (e.g. by phone or by email), your contact details may include your name, postal addresses, telephone numbers, email addresses, user names and similar contact details.
- Client data
As part of the Service, you may provide us with Client Data, including Personal Data about your customer or a third person, to store in the System on your behalf in connection with your use of the Service. Please note that we have no direct relationship with the individuals or companies whose Personal Data you have inserted in the System as part of Client Data and you are solely responsible for such Client Data. We may work with you to help you provide notice to your customers and third persons concerning the purpose for which their Personal Data is collected and how it is processed in the Service as part of Client Data.
During every access of our website user data is transmitted by the respective Internet browser and stored in protocol files, the so-called server log files. The datasets stored here contain the following data: date and time of access, url of the accessed resource, IP address, referrer URL (original URL from which you arrived at the website), the amount of data transmitted, product and version information of the browser used.
Every request for data modification in the system is logged as an event (including the reference to the user that issued the request) for asynchronous processing and business records.
The legal basis for the processing of the IP-address is Article 6 (1) f) GDPR. Our legitimate interest is ensuring a comfortable use of our Service as well as system security. The data will be deleted if they are no longer necessary for the purposes for which they have been collected, at the latest within 30 days. A longer storage only takes place if the IP address is anonymised.
- Site Data, Location Data and Device Data
For particular purposes, we also collect data on your device’s current location when you use our Services. We may track and save your location and the location of the cargo you are transporting. We may disclose your location to our customers.
We also collect location data derived from your device’s IP address. An anonymised, shortened IP address is recorded by us for this purpose which cannot be used to identify your internet connection or device.
- Personal data from Other Sources
We may obtain Personal Data from third parties and sources other than the Service, such as our partners and advertisers. If we combine or associate Personal Data from other sources with Personal Data that we collect through the Service, we will treat the combined personal data as Personal Data in accordance with this Policy.
(3) Purposes of Personal Data processing and legal basis
- For the purpose of our Service
We use Personal Data to operate, maintain, enhance and provide all features of the Service, to provide services that you request, to respond to comments and questions and otherwise to provide support.
We use the Personal Data that we collect on the Service to understand and analyze the usage trends and preferences of our users, to improve the Service, and to develop new products, services, features, and functionality.
We may use your email address or other personal data we collect on the Service (i) to contact you for administrative purposes such as customer service, to address privacy violations or defamation issues related to your Client Data posted on the Service or (ii) to send communications, including updates on promotions and events, relating to products and services offered by us and by third parties we work with. Generally, you have the ability to opt-out of receiving any promotional communications as described below under “Your Rights and Choices.”
Insofar as the purpose relates to the execution of a contract agreed with you or the provision of a Service requested by you, the legal basis for the processing is Article 6 (1) b) GDPR. Otherwise, the legal basis for the processing is Article 6 (1) f) GDPR, whereby we may use your personal data for the above purposes if we deem it necessary to do so for our legitimate interests.
- Product and technology development
We use your Personal Data for product and technology development including the development and improvement of personalised services. In doing this we use aggregated, pseudonymised or anonymised data and machine learning algorithms, page visits, mouse movements and navigation on the screen, actions triggered and user device data (such as browsers, screen resolutions, languages), perhaps from our research, which facilitate estimates, prognoses and analysis in the interests of our users. Personal Data is processed in relation to product and technology development particularly for the following purposes:
- The development of technologies and concepts to improve IT security, prevent fraud and improve data protection e.g. by pseudonymisation, encryption and anonymisation technologies.
- The development and testing of software solutions for the optimisation of necessary business and logistics processes.
- Understanding product usage metrics and user navigation through our application for the purpose of product improvements.
The legal basis for the processing of your Personal Data for product and technology development purposes is Article 6 (1) f) GDPR, whereby our legitimate interests are in the above purposes.
- On the basis of your consent
If you have given us your consent for the processing of personal data, your consent is the primary basis of our data processing in accordance with Article 6 (1) a) GDPR. Which of your data we process on the basis of your consent depends on the purpose of your consent. Typical purposes include:
- Subscription to a newsletter.
- Participation in surveys and market research studies.
- The transmission of your data to third parties or to a country outside the European Union.
You can withdraw consent at any time with effect for the future by e-mail.
(4) When we disclose personal data
Except as described in this Policy, we will not disclose your Personal Data to third parties without your consent. We may disclose personal data to third parties if you consent to us doing so, as well in the following circumstances:
- Any Personal Data that you voluntarily choose to include in a publicly accessible area of the Service, such as a public profile page, will be available to anyone who has access to that content, including other users.
- We work with third party service providers to provide website or application development, hosting, maintenance, customer support and other services for us. These third parties may have access to or process your Personal Data as part of providing those services for us. Generally, we limit the Personal Data provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to the necessary data processing contracts. A list of service providers we use can be found here: sixfold.com/privacy/service-providers. If the service providers process your Personal Data outside the European Union, this may mean that your data is transmitted to a country with a lower data protection standard than the European Union. In such cases Sixfold will ensure that the relevant service providers contractually or otherwise guarantee an equivalent data protection level.
- We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable Personal Data available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Service.
- We may disclose your Personal Data if required to do so by law or in the good-faith belief that such action is necessary to comply with legal acts, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. The legal basis for such disclosure is Article 6 (1) c) GDPR.
- We also reserve the right to disclose your Personal Data that we believe, in good faith, is necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available, or (v) protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights, property, or safety of others. The legal basis for such disclosure is Article 6 (1) f) GDPR. Our legitimate interest lies in the purposes mentioned above.
- Personal data about our users, including Personal Data, may be disclosed and otherwise transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which personal data is transferred to one or more third parties as one of our business assets. The legal basis for such disclosure is Article 6 (1) f) GDPR. Our legitimate interest lies in the purposes mentioned above.
(5) Data Security
We follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and once we receive it. We use certain physical, managerial, and technical safeguards that are designed to improve the integrity and security of your Personal Data. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot therefore ensure or warrant the security of any Personal Data you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such personal data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data has been compromised, please contact us at firstname.lastname@example.org
If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Service if a security breach occurs.
(6) Data Retention
We only retain the Personal Data collected from you for as long as your account is active or otherwise for a limited period of time as long as we need it to fulfil the purposes for which we have initially collected it, unless otherwise required by law.
If you close your Client account, we will delete all the Personal Data we have stored regarding you. If it is not possible or necessary to completely delete your Personal Data for legal reasons, the relevant data will be blocked for further processing. Blocking will occur, for example, in the following cases:
Your order and payment details and perhaps other details are generally subject to various legal retention obligations, such as those in the Handelsgesetzbuch (HGB – Commercial Code) and the Abgabenordnung (AO – Tax Code). The law obliges us to retain this data for tax audits and financial audits for up to ten years. Only then can we finally delete the relevant data.
Even if your Personal Data is not subject to any legal retention obligation, we may refrain in the cases allowed by the law from immediate deletion and instead carry out initial blocking. This applies especially in cases where we may need the relevant Personal Data for further contractual processing or prosecution or legal defence (e.g. in the event of complaints). The decisive criterion for the duration of the blocking is then the legal limitation periods. After the relevant limitation periods expire, the relevant Personal Data will finally be deleted.
Deletion may be waived in the cases allowed by law if the Personal Data is anonymous or pseudonymous and deletion would rule out or seriously hinder processing for scientific research or statistical purposes.
(7) Changes and Updates to this Policy
(8) Information about Cookies
Cookies are small text files which are saved by your web browser and which save particular settings and data for exchange with our web server. A distinction is generally made between two different types of cookies, so-called session cookies, which are deleted as soon as you close your browser, and temporary/permanent cookies which are stored for a longer period. Storing this data helps us to design our websites and services for you accordingly and makes them easier for you to use, for example by saving particular entries so that you do not have to repeat them constantly.
Our services use three categories of cookies:
- Necessary cookies: These cookies are required for optimal navigation and operation of the website. Only limited use of the website is possible without necessary cookies. The legal basis for the use of necessary cookies is Art. 6 (1) b) GDPR or Art. 6 (1) f) GDPR whereby our legitimate interest lies in the provision of optimized Services to you.
- Statistical cookies: These cookies collect device and access data to analyse the use of our website, such as which areas of the website are used how (so-called surfing behaviour), how fast content is loaded and whether errors occur. These cookies only contain anonymous or pseudonymous information and are only used to improve our website and Services and to find out what our users are interested in, and to measure how effective our advertising is. Statistical cookies can be blocked without adversely affecting the navigation and operation of the website. The legal basis for the use of statistical cookies is Art. 6 (1) f) GDPR whereby our legitimate interest lies in the above purposes.
- Marketing cookies (“tracking cookies”): These cookies contain identifiers and collect device and access data, in order to adapt personalised advertising. Our advertising partners who operate online advertising networks also collect device and access data on our websites. This allows us to display personalised advertising on other websites and in other providers’ apps which fits your interests (so-called retargeting). Marketing cookies are only used subject to your prior consent. The legal basis for the use of marketing cookies is your consent, Art. 6 (1) a) GDPR.
(9) Google Analytics
Subject to your consent, in order to constantly improve and optimize our offer we make use of so-called tracking technologies. To this end we make use of the services of Google Analytics. Google Analytics is a service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics makes use of “cookies”, i.e. text files that are stored on your computer and enable an analysis to be made of our offer by Google. The information recorded by the cookies on the use made of our websites (including your IP address) is normally transmitted to a Google server in the USA and stored there. We draw your attention to the fact that on our websites Google Analytics were extended by the code “gat._anonymizeIp();” to ensure an anonymized record of IP addresses (so-called IP masking). At our request, your IP address is therefore recorded by Google solely in shortened form, which ensures anonymization and allows no inferences to be made to your identity. In the event that the IP-anonymize function is activated on this website, your IP address will previously be shortened by Google within the member countries of the European Union or in other contracting states that were party to the agreement on the European Economic Area. Google will make use of the said information to evaluate your use of our websites, to prepare reports on the website activities for us and to provide us with further website-related and Internet-related services. The IP address transferred from your browser by Google Analytics is not brought together by Google with other data collected. Any transfer of this data to a third party by Google is made solely on the basis of statutory regulations or within the framework of order data processing. On no account will Google bring your data together with other data recorded by Google. The legal basis for our use of Google Analytics is your consent, Art. 6 (1) a) GDPR.
You can prevent the storage of the cookies by adjusting your browser-software settings appropriately. In this case, however, we draw your attention to the fact that you may not then be fully able to use all of the functions of these websites. You can also prevent the acquisition by Google of the data generated by the cookie and relating to your use of the website (incl. your IP address) as well as its processing by Google in that you download and install the browser plug-in available under the following link: tools.google.com/dlpage/gaoptout
(10) Facebook Pixel
With your consent, our website uses the Conversion Tracking Pixel service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304 (‘Facebook’). This tool allows us to follow the actions of users after they are redirected to a provider’s website by clicking on a Facebook advertisement. We are thus able to record the efficiency of Facebook advertisement for statistical and market research purposes. The collected data remains anonymous. This means that we cannot see the personal data of any individual user. However, the data is saved and processed by Facebook; consequently, connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Use Policy. As a result, Facebook can enable the delivery of ads both on and off Facebook pages.
(11) Do Not Track Settings
Your device operating system or browser may include settings, options, or add-on components to control the placement and presence of cookies and access to location personal data. We do not track our users over time and across third party websites to provide targeted advertising and do not specifically respond to Do Not Track (DNT) signals. However, some third party websites do keep track of your browsing activities, including across other websites on the Internet, which enables these websites to tailor what they present to you. If you are visiting such websites, your browser may allow you to set a DNT signal on your browser so that third parties know you do not want to be tracked.
(12) Third-Party Services
The Service may contain features or links to websites and services provided by third parties. Any personal data you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service. We encourage you to learn about third parties’ privacy and security policies before providing them with personal data.
(13) Your Choices and Rights
You may, of course, decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service. You may update, correct, or delete your profile personal data and preferences at any time by accessing your Account preferences page on the Service.
If you wish to access or amend any other Personal Data we hold about you, or to request that we delete any personal data about you that we have obtained from an Integrated Service, you may contact us at email@example.com. Please note that while any changes you make will be reflected in active user databases as soon as possible, we may retain all personal data you submit for backups, archiving, prevention of fraud and abuse, analytics (on an aggregated basis, only), satisfaction of legal obligations, or where otherwise required or permitted by law.
In general, you have the following legal data protection rights under the relevant legal conditions: Right to information (Article 15 GDPR), right to deletion (Article 17 GDPR), right to correction (Article 16 GDPR), right to restriction of processing (Article 18 GDPR), right to data portability (Article 20 GDPR), right to lodge a complaint with a supervisory authority (Article 77 GDPR), right to withdraw consent (Article 7 (3) GDPR) as well as the right to object to particular data processing measures (Article 21 GDPR). Please address your application to firstname.lastname@example.org
If you receive a commercial or promotional email from us, you may unsubscribe from it at any time by clicking the respective link at the bottom of the email. We may allow you to view and modify settings relating to the nature and frequency of promotional communications that you receive from us also in Account functionality on the Service. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding the Service.
Sixfold has no direct relationship with a Client’s customer or third party whose Personal Data Sixfold may process on behalf of a Client. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct her/his query to the Client or User they deal with directly. If the Client thereafter requests Sixfold to remove the data, we will respond to the request within reasonable time. In any event, we will delete or amend any Personal Data that we are storing if we receive a written request to do so, unless we have a legal right or obligation to retain such Personal Data. Any such request should be addressed to email@example.com
and include sufficient personal data for Sixfold to identify the Client or its customer or third party and the personal data to be deleted or amended.
Our Contact Information
Please contact us with any questions or comments about this Policy, your Personal Data, our use and disclosure practices, or your consent choices by email at firstname.lastname@example.org
Aadress: Stadtregal, Magirus-Deutz-Str. 16, DE-89077 Ulm, Germany