Privacy Policy
Status 18.11.2021
Thank you for visiting our website and showing an interest in our company and our compliance software.
We take the protection of our visitors and their data very seriously and would like you to feel secure when using our website and/or myBKMS®. Therefore, we kindly ask that you acknowledge the following information:
General information on how we handle data
We take appropriate technical and organisational measures to protect your information. All our employees as well as carefully selected service providers must abide by data protection rules.
Our website is hosted on a dedicated server at Mittwald CM Service GmbH & Co KG in Germany. The myBKMS® platform is located on servers in a high-security data centre of Telekom Deutschland GmbH in Germany. Our entire webcontent is encrypted with SSL to protect your data from unauthorised access. You can usually recognise encrypted websites by the lock symbol on your browser. Please note that unencrypted data transmission (by e-mail) may be read by unauthorised persons outside our sphere of influence.
Data that we process when you use myBKMS®.
Data that you provide to us as when you register for myBKMS® will be used by us to process your request. We collect your name and e-mail address in order to be able to send you a confirmation request. Only after your registration has been confirmed will you be given the opportunity to configure your whistleblowing system. We collect the details of your organisation to check your request as well as to fulfil the order. We use your voluntary indication of a telephone number in order to be able to contact you by telephone, for example to answer support requests.
The data will only be processed by the employees of Business Keeper GmbH entrusted with processing your enquiry and will be deleted as soon as it is no longer required. Art. 6 para. 1b Alt.2 EU General Data Protection Regulation (EU-GDPR) serves as the legal basis for data processing.
If a contract for the use of myBKMS® is concluded following registration, the data will be processed based on Art. 6 Para. 1 b Alt.1 EU-GDPR and deleted after the end of the contract in compliance with the statutory retention periods.
Data we process when you access our website
When you just access our website, i.e. if you do not register or otherwise transmit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, your IP address and the like. The IP addresses are stored anonymously. For this purpose, the last three digits are removed, i.e. 127.0.0.1 becomes 127.0.0.*. IPv6 addresses are also anonymised. The anonymised IP addresses are retained for 60 days. Details of the directory protection user used are anonymised after one day.
Cookies we set when you access our website
Cookies are text files that are stored by the browser on your computer and contain information about your use of our website. The following cookies are used on the Business Keeper GmbH website:
Technically necessary cookies | |||
Cookie Name | Purpose | Legal basis | Storage period |
__cf_bm | This cookie is used to distinguish between humans and bots. This is beneficial for the website to generate valid reports about the usage of your website. |
| one day |
stg_last_interaction | Determines whether the visitor's last session is still active or a new session has been started. |
| 365 days |
ppms_privacy | Records consent to further data collection |
| 365 days |
Analyses | |||
_pk_id | Stores a unique visitor ID
| Consent (Article 6 (1) a General Data Protection Regulation) | 13 months |
_pk_ses | Stores information about the current session. | Consent (Article 6 (1) a General Data Protection Regulation) | 30 minutes |
stg_externalReferrer | Saves the URL that the visitor used to reach the website. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
stg_returning_visitor | Determines whether the visitor has visited the website in the past. | Consent (Article 6 (1) a General Data Protection Regulation) | 365 days |
Conversion-Tracking | |||
stg_traffic_source_priority | Stores the type of traffic source and provides information about how the visitor reached the website. | Consent (Article 6 (1) a General Data Protection Regulation) | 3 minutes |
bcookie | Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts. | Consent (Article 6 (1) a General Data Protection Regulation) | 60 hours |
lang | Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
lidc | Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts. | Consent (Article 6 (1) a General Data Protection Regulation) | 24 hours |
lissc | Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts. | Consent (Article 6 (1) a General Data Protection Regulation) | 24 hours |
Conversion | Analyses the activities of the website visitors to measure the effectiveness of the Google Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 3 months |
AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 24 hours |
JFX_SessionId | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
LCIDCookie | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 365 days |
LoginVersion | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 365 days |
MSFPC | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 24 hours |
MarketIDCookie | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 365 days |
MicrosoftApplicationsTelemetryDeviceId | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 104 months |
MicrosoftApplicationsTelemetryFirstLaunchTime | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 104 months |
UserInfo | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
__RequestVerificationToken_Lw__ | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
bafts | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
bing_ads_apexhelpsessionid | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
btrk | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | 365 days |
ckyAdCenter | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
exp | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
ui_adv_cid | Analyses the activities of the website visitors to measure the effectiveness of the Microsoft Ads advertising. | Consent (Article 6 (1) a General Data Protection Regulation) | Until the end of the browser session |
__ptq.gif | Sends data to the HubSpot marketing platform about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels. | Consent (Article 6 (1) a General Data Protection Regulation) | Session |
hubspotutk | Tracks the identity of a visitor. This cookie is forwarded to the HubSpot marketing platform when forms are submitted and is used when contacts are duplicated. | Consent (Article 6 (1) a General Data Protection Regulation) | 1 year |
If you wish to deactivate the storage of cookies, please refer to the help function in the menu bar of your browser for further information. Please note, however, that switching off essential cookies can considerably restrict the use of our website.
Data that we process using Piwik
Our website uses “Piwik”. This is a so-called web analysis service. Piwik uses cookies which are stored on your computer and which enable us to analyse your use of the website. For this purpose, the usage information (including your abbreviated IP address) generated by the cookie is transmitted to our server and stored for the purpose of analysing usage, which enables us to optimise our website. Your IP address is anonymised immediately as part of this process, meaning that you, as a user, remain anonymous to us. The information generated by the cookie about your use of our website is not passed on to third parties. You may prevent the use of cookies by changing your browser software settings accordingly. However, this may mean that you may not be able to use all the functions of this website in full.
If you do not consent to the storage and evaluation of this data relating to your visit, you may object to the storage and use subsequently with a mouse click at any time. This means that a so-called opt-out cookie is set in your browser so that Piwik does not collect any session data. Important: If you delete your cookies, this means that the opt-out cookie will also be deleted and may need to be reactivated by you.
Data we process using the LinkedIn Insight Tag
Our website uses the conversion tool "LinkedIn Insight Tag" from LinkedIn Ireland Unlimited Company. This tool creates a cookie in your web browser which enables the collection of the following data, among others: IP address, device and browser properties and page events (e.g. page views). This data is encrypted, anonymised within seven days and the anonymised data is deleted within 90 days. LinkedIn does not share any personal data with us but offers anonymised reports on website audience and display performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. We can use this data to display targeted advertising outside our website without identifying you as a website visitor. You can find more information on data protection at LinkedIn in the LinkedIn data protection information.
LinkedIn members can control the use of their personal data for advertising purposes in their account settings.
The use of LinkedIn Insight Tag only takes place with your consent. Art. 6 para. 1a DSGVO serves as the legal basis. You can revoke your consent at any time in the data protection settings by deactivating conversion tracking.
Data that we process using Google Ads
We use “Google Ads” on our website. Google Ads is an online advertising service by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display adverts on the Google search engine or on third-party websites if the user enters certain search terms into Google (keyword targeting). Further, targeted adverts can be displayed using the user data on Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by, for example, analysing which search terms led to the display of our adverts and how many adverts led to corresponding clicks.
We use Google Ads to market our services and products as effectively as possible. Google Ads are only used with your consent. Art. 6 para. 1a GDPR serves as the legal basis for data processing. You can revoke your consent at any time in the data protection settings by deactivating conversion tracking.
Data that we process using Google Conversion
We use “Google Conversion” on our website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google Conversion, we and Google are able to identify whether the user has carried out certain actions. In this manner, we can evaluate, for example, which buttons on our website have been clicked with which frequency and which products have been viewed or purchased particularly frequently. This information serves to provide conversion statistics. We find out the total number of users who clicked on our adverts and which actions they carried out. We do not receive any information that enables us to identify the user personally. Google uses cookies or comparable recognition technology for identification.
We use Google Conversion to analyse user behaviour in order to optimise our website and our advertising. Google Conversion is only used with your consent. Art. 6 para. 1a GDPR serves as the legal basis for data processing. You can revoke your consent at any time in the data protection settings by deactivating conversion tracking.
You can find more information on Google Conversion in the Google privacy policy: https://policies.google.com/privacy?hl=en.
Data that we process using Google Remarketing
We use the functions of Google Remarketing on our website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Remarketing analyses your user behaviour on our website (e.g. click on certain products) in order to assign you to specific advertising target groups and then display suitable advertising messages to you when you access other website offers (remarketing/retargeting).
Furthermore, the advertising target groups created with Google Remarketing can be linked with the cross-device functions by Google. In this manner, interest-based, personalised advertising messages which have been adapted based on your previous usage and surfing behaviour on one device can also be displayed on another of your devices.
If you have a Google account, you may object to personalised advertising via the following link: https://www.google.com/settings/ads/onweb/.
We use Google Remarketing to market our services and products as effectively as possible. Google Conversion is only used with your consent. Art. 6 para. 1a GDPR serves as the legal basis for data processing. You can revoke your consent at any time in the data protection settings by deactivating conversion tracking.
You can find more information and the data protection terms in the Google privacy statement at: https://policies.google.com/technologies/ads?hl=en.
Data that we process via Microsoft Advertising
We use Universal Event Tracking (UET) through Microsoft Advertising (formerly Bing Ads) from the Microsoft Corporation (USA) on our website. With UET, Microsoft saves a cookie in your browser to allow analysis of how our online offering is used.
This only happens if you reach our website via an ad from Microsoft Advertising. This indicates to us and Microsoft that someone clicked on an ad, was directed to our online offering and visited a previously specified web page (a process called conversion measurement).
The use of Microsoft Advertising requires your consent. The legal basis for this is Art. 6(1)(a) GDPR. You can withdraw your consent at any time by deactivating conversion tracking in the data protection settings.
More information about data protection at Microsoft can be found in Microsoft’s privacy statement at https://privacy.microsoft.com/en-gb/privacystatement.
Data that we process when you use the download and demo form
We process data with which you have provided us via the download or demo form to safeguard our interest in protecting our intellectual property in the information provided by us.
We also process this data in order to be able to make contact with you personally based on your consent to the provision of further information by email or by telephone. We record your company name and country in order to be able to assign your matter more effectively.
In connection with this, your data is only processed by the employees of Business Keeper GmbH entrusted with processing your matter and erased once it is no longer required. The legal bases for data processing are Article 6 (1a) and (1f) GDPR.
You may revoke your consent to this data processing with future effect at any time. Please send this revocation notice by post to our company address specified in our company details section or by email to info@business-keeper.com. Please note that, if you do so, we can no longer make contact or communicate with you.
Data that we process when you use the contact form
Data with which you voluntarily provide us within the context of the general contact support (e.g. by email) is exclusively used for processing your request. Insofar as you use our online contact form, we record your name and your email address in order to be able to make contact with you personally by email. In so doing, should you provide us with your company name, we will record this in order to assign your matter more effectively. If you provide a telephone number, which also takes place on a voluntary basis, this will be used by us to contact you by telephone in addition to the confirmation via email. In connection with this, your data is only processed by the employees of Business Keeper GmbH entrusted with processing your matter and erased once it is no longer required. The legal bases for data processing are Article 6 (1b) and (1f) GDPR.
Data that we process when you subscribe to our newsletter
We use the data with which you provide us when ordering our newsletter online (email address, name, company, position, phone number country) to send you our newsletter. As our newsletter addresses experts, including from the areas of compliance, CSR, corporate security and revision, only specialists are included in the group of recipients.
For this reason, we welcome registrations, provided you give us your name, the name of your company and your work email address. Prior to sending the newsletter for the first time, you will first receive a confirmation request. You will only receive our newsletter once this confirmation has been received. The newsletter is sent using the software “HubSpot”. If you would like to unsubscribe from our newsletter, you can use the unsubscribe link contained in the newsletter or contact us personally. In connection with this, your data is only processed and erased by the employees of Business Keeper GmbH entrusted with the administration of the newsletter insofar as you unsubscribe from the newsletter. The legal basis for data processing is Article 6 (1a) GDPR.
Web beacons and tracking
a) In our email correspondence relating to webinars, events and resources, we only use web beacons (also known as tracking pixels) with your explicit consent.
For example, we may place web beacons in marketing emails so that we know when you have opened our email or clicked on a link contained in the email that takes you to one of our websites.
The data collected is aggregated and analysed for the purpose of optimising our email communications and determining the effectiveness and reach analysis of marketing campaigns by individually measuring, storing and evaluating open and click-through rates in recipient profiles.
You can revoke your consent to the use of this technology at any time with effect for the future. You also have the option of preventing our use of this technology by prohibiting HTML e-mails in the settings of your e-mail client.
b) We only use web beacons (also known as tracking pixels) on our websites with your express consent.
The tracking used on our websites relates contacts you have with advertisements on other websites (visual contacts and clicks on advertising banners) or with our emails to interactions on our website.
The collected data is aggregated and analysed for the purpose of optimising and economically operating our online offer, our website, and e-mail communication, as well as for determining the effectiveness of marketing campaigns.
You can revoke your consent to the use of this technology at any time with effect for the future. Further details are described in our Cookie Policy.
c) We work with the following service providers for technical implementation:
(1) For emails and websites: HubSpot, Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141 USA. The Hubspot tracking code uses cookies to record access to the website, to create user profiles and to improve the presentation of the content on our websites. Through the conclusion of standard data protection clauses approved by the European Commission between us and HubSpot Inc, the EU data protection requirements are also complied with when Hubspot processes data in the USA.
Data that we process when you apply for a job with us
Data with which you provide us within the framework of an advertised vacancy or a speculative application (name, email address and all details provided by you in the application documents) is exclusively processed by the employees of Business Keeper GmbH assigned to this task for the purpose of completing the application process. The personal documents provided by you are erased as soon as they are no longer required for this purpose and we have not made express reference to storage beyond this term for a limited time period for the purpose of consideration for future vacancies. The legal bases for data processing are Section 26 (1) German Federal Data Protection Act (BDSG) and Article 6 (1f) GDPR.
How you can assert your rights as the data subject
Insofar as you have provided us with personal data (e.g. via our website for newsletter subscription or use of the contact form), you have the right to access, rectification, erasure, restriction of processing, objection and to raise a complaint to the supervisory authority. Please direct your communications to dataprivacy@business-keeper.com.
Do you have any questions about data protection? Please feel free to get in touch with us!
The point of contact for the topic of data protection, as the internal data protection officer at Business Keeper GmbH, is Mr Lennart Hock, email address: dataprivacy@business-keeper.com.
You can find information on the topics of data protection and information security in the BKMS® Compliance System here.