contact

Privacy policy

Status 13.01.2021

Thank you for visiting our website and showing an interest in our company and our compliance software.

We take the protection of our visitors and their data very seriously and would like you to feel secure when using our website and/or myBKMS®. Therefore, we kindly ask that you acknowledge the following information:

General information on how we handle data

We take appropriate technical and organisational measures to protect your information. All our employees as well as carefully selected service providers must abide by data protection rules.

Our website is hosted on a dedicated server at Mittwald CM Service GmbH & Co KG in Germany. The myBKMS® platform is located on servers in a high-security data centre of Telekom Deutschland GmbH in Germany. Our entire webcontent is encrypted with SSL to protect your data from unauthorised access. You can usually recognise encrypted websites by the lock symbol on your browser. Please note that unencrypted data transmission (by e-mail) may be read by unauthorised persons outside our sphere of influence.

Data that we process when you use myBKMS®.

Data that you provide to us as when you register for myBKMS® will be used by us to process your request. We collect your name and e-mail address in order to be able to send you a confirmation request. Only after your registration has been confirmed will you be given the opportunity to configure your whistleblowing system. We collect the details of your organisation to check your request as well as to fulfil the order. We use your voluntary indication of a telephone number in order to be able to contact you by telephone, for example to answer support requests.

The data will only be processed by the employees of Business Keeper GmbH entrusted with processing your enquiry and will be deleted as soon as it is no longer required. Art. 6 para. 1b Alt.2 EU General Data Protection Regulation (EU-GDPR) serves as the legal basis for data processing.

If a contract for the use of myBKMS® is concluded following registration, the data will be processed based on Art. 6 Para. 1 b Alt.1 EU-GDPR and deleted after the end of the contract in compliance with the statutory retention periods.

Data we process when you access our website

When you just access our website, i.e. if you do not register or otherwise transmit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, your IP address and the like. The IP addresses are stored anonymously. For this purpose, the last three digits are removed, i.e. 127.0.0.1 becomes 127.0.0.*. IPv6 addresses are also anonymised. The anonymised IP addresses are retained for 60 days. Details of the directory protection user used are anonymised after one day.

Cookies we set when you access our website

Cookies are text files that are stored by the browser on your computer and contain information about your use of our website. The following cookies are used on the Business Keeper GmbH website:

Cookie Name

Purpose

Legal basis

Storage period

_pk_id Stores a unique visitor ID Consent (Article 6 (1) a General Data Protection Regulation) 13 months

_pk_ses

Stores information about the current session.

Consent (Article 6 (1) a General Data Protection Regulation)

30 minutes

stg_externalReferrer

Saves the URL that the visitor used to reach the website.

Consent (Article 6 (1) a General Data Protection Regulation)

Until the end of the browser session

stg_last_interaction

Determines whether the visitor's last session is still active or a new session has been started.

Consent (Article 6 (1) a General Data Protection Regulation)

365 days

stg_returning_visitor

Determines whether the visitor has visited the website in the past.

Consent (Article 6 (1) a General Data Protection Regulation)

365 days

stg_traffic_source_priority

Stores the type of traffic source and provides information about how the visitor reached the website.

Consent (Article 6 (1) a General Data Protection Regulation)

3 minutes

bcookie

Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts.

Consent (Article 6 (1) a General Data Protection Regulation)

60 hours

lang

Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts.

Consent (Article 6 (1) a General Data Protection Regulation)

Until the end of the browser session

lidc

Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts.

Consent (Article 6 (1) a General Data Protection Regulation)

24 hours

lissc

Analyses the activities of the website visitors to measure the effectiveness of the LinkedIn adverts.

Consent (Article 6 (1) a General Data Protection Regulation)

24 hours

Conversion

Analyses the activities of the website visitors to measure the effectiveness of the Google Ads advertising.

Consent (Article 6 (1) a General Data Protection Regulation)

3 months

If you wish to deactivate the storage of cookies, please refer to the help function in the menu bar of your browser for further information. Please note, however, that switching off essential cookies can considerably restrict the use of our website.

Data that we process using Piwik

Our website uses “Piwik”. This is a so-called web analysis service. Piwik uses cookies which are stored on your computer and which enable us to analyse your use of the website. For this purpose, the usage information (including your abbreviated IP address) generated by the cookie is transmitted to our server and stored for the purpose of analysing usage, which enables us to optimise our website. Your IP address is anonymised immediately as part of this process, meaning that you, as a user, remain anonymous to us. The information generated by the cookie about your use of our website is not passed on to third parties. You may prevent the use of cookies by changing your browser software settings accordingly. However, this may mean that you may not be able to use all the functions of this website in full.

If you do not consent to the storage and evaluation of this data relating to your visit, you may object to the storage and use subsequently with a mouse click at any time. This means that a so-called opt-out cookie is set in your browser so that Piwik does not collect any session data. Important: If you delete your cookies, this means that the opt-out cookie will also be deleted and may need to be reactivated by you.

Data we process using the LinkedIn Insight Tag

Our website uses the conversion tool "LinkedIn Insight Tag" from LinkedIn Ireland Unlimited Company. This tool creates a cookie in your web browser which enables the collection of the following data, among others: IP address, device and browser properties and page events (e.g. page views). This data is encrypted, anonymised within seven days and the anonymised data is deleted within 90 days. LinkedIn does not share any personal data with us but offers anonymised reports on website audience and display performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. We can use this data to display targeted advertising outside our website without identifying you as a website visitor. You can find more information on data protection at LinkedIn in the LinkedIn data protection information.

LinkedIn members can control the use of their personal data for advertising purposes in their account settings.

Data that we process using Google Ads

We use “Google Ads” on our website. Google Ads is an online advertising service by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display adverts on the Google search engine or on third-party websites if the user enters certain search terms into Google (keyword targeting). Further, targeted adverts can be displayed using the user data on Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by, for example, analysing which search terms led to the display of our adverts and how many adverts led to corresponding clicks.

We use Google Ads to ensure that the marketing of our services and products is as effective as possible. The legal bases for data processing are Article 6 (1a) and (1f) GDPR.

Data that we process using Google Conversion

We use “Google Conversion” on our website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion, we and Google are able to identify whether the user has carried out certain actions. In this manner, we can evaluate, for example, which buttons on our website have been clicked with which frequency and which products have been viewed or purchased particularly frequently. This information serves to provide conversion statistics. We find out the total number of users who clicked on our adverts and which actions they carried out. We do not receive any information that enables us to identify the user personally. Google uses cookies or comparable recognition technology for identification.

We use Google Conversion to analyse user behaviour in order to optimise our website and our advertising. The legal bases for data processing are Article 6 (1) lit a. and (1) lit. f GDPR.

After the corresponding consent has been provided (e.g. consent to the storage of cookies), the processing takes place exclusively on the basis of Article 6 (1) lit. a GDPR; consent may be revoked at any time.

You can find more information on Google Conversion in the Google privacy policy: https://policies.google.com/privacy?hl=en.

Data that we process using Google Remarketing

We use the functions of Google Remarketing on our website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyses your user behaviour on our website (e.g. click on certain products) in order to assign you to specific advertising target groups and then display suitable advertising messages to you when you access other website offers (remarketing/retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked with the cross-device functions by Google. In this manner, interest-based, personalised advertising messages which have been adapted based on your previous usage and surfing behaviour on one device can also be displayed on another of your devices.

If you have a Google account, you may object to personalised advertising via the following link: https://www.google.com/settings/ads/onweb/.

We use Google Remarketing to ensure that the marketing of our services and products is as effective as possible. The legal bases for data processing are Article 6 (1a) and (1f) GDPR. Insofar as the corresponding consent has been requested, processing takes place exclusively on the basis of Article 6 (1) lit. a GDPR; consent may be revoked at any time.

You can find more information and the data protection terms in the Google privacy statement at: https://policies.google.com/technologies/ads?hl=en.

Data that we process when you use the download and demo form

We process data with which you have provided us via the download or demo form to safeguard our interest in protecting our intellectual property in the information provided by us.

We also process this data in order to be able to make contact with you personally based on your consent to the provision of further information by email or by telephone. We record your company name and country in order to be able to assign your matter more effectively.

In connection with this, your data is only processed by the employees of Business Keeper GmbH entrusted with processing your matter and erased once it is no longer required. The legal bases for data processing are Article 6 (1a) and (1f) GDPR.  

You may revoke your consent to this data processing with future effect at any time. Please send this revocation notice by post to our company address specified in our company details section or by email to info@business-keeper.com. Please note that, if you do so, we can no longer make contact or communicate with you. 

Data that we process when you use the contact form

Data with which you voluntarily provide us within the context of the general contact support (e.g. by email) is exclusively used for processing your request. Insofar as you use our online contact form, we record your name and your email address in order to be able to make contact with you personally by email. In so doing, should you voluntarily provide us with your company name, we will record this in order to assign your matter more effectively. If you provide a telephone number, which also takes place on a voluntary basis, this will be used by us to contact you by telephone in addition to the confirmation via email. In connection with this, your data is only processed by the employees of Business Keeper GmbH entrusted with processing your matter and erased once it is no longer required. The legal bases for data processing are Article 6 (1b) and (1f) GDPR.

Data that we process when you subscribe to our newsletter

We use the data with which you provide us when ordering our newsletter online (email address and, voluntarily, name, company, position) to send you our newsletter. As our newsletter addresses experts, including from the areas of compliance, CSR, corporate security and revision, only specialists are included in the group of recipients.
For this reason, we welcome registrations, provided you give us your name, the name of your company and your work email address. Prior to sending the newsletter for the first time, you will first receive a confirmation request. You will only receive our newsletter once this confirmation has been received. The newsletter is sent using the software “Microsoft Dynamics”. If you would like to unsubscribe from our newsletter, you can use the unsubscribe link contained in the newsletter or contact us personally. In connection with this, your data is only processed and erased by the employees of Business Keeper GmbH entrusted with the administration of the newsletter insofar as you unsubscribe from the newsletter. The legal basis for data processing is Article 6 (1a) GDPR.

Data that we process when you apply for a job with us

Data with which you provide us within the framework of an advertised vacancy or a speculative application (name, email address and all details provided by you in the application documents) is exclusively processed by the employees of Business Keeper GmbH assigned to this task for the purpose of completing the application process. The personal documents provided by you are erased as soon as they are no longer required for this purpose and we have not made express reference to storage beyond this term for a limited time period for the purpose of consideration for future vacancies. The legal bases for data processing are Section 26 (1) German Federal Data Protection Act (BDSG) and Article 6 (1f) GDPR.

How you can assert your rights as the data subject

Insofar as you have provided us with personal data (e.g. via our website for newsletter subscription or use of the contact form), you have the right to access, rectification, erasure, restriction of processing, objection and to raise a complaint to the supervisory authority. Please direct your communications to dataprivacy@business-keeper.com.

Do you have any questions about data protection? Please feel free to get in touch with us!

The point of contact for the topic of data protection, as the internal data protection officer at Business Keeper GmbH, is Mr Lennart Hock, email address: dataprivacy@business-keeper.com.

You can find information on the topics of data protection and information security in the BKMS® Compliance System here.