ONE LOGIC Network Privacy Policy

Privacy policy for ONE LOGIC Network members

We hereby inform you about how your personal data is processed within the scope of membership and the claims and rights to which you are entitled under data-protection regulations as stipulated in Art. 13 EU-DS-GVO (hereinafter referred to as “DSGVO” (European Data Protection Regulation)).

1. Who is responsible for data processing?

The external data-protection officer appointed by ONE LOGIC GmbH is:
Verimax GmbH, Warndtstr. 115, D-66127 Saarbrücken
Mr. Winfrid Meusel, E-Mail: dsb.onelogic@verimax.de
Tel: +49 681/309873-33 (extension), Telefax: +49 681/309873-29

2. Which sources and data are used?

Only personal data (Art. 4 No. 2 DSGVO) provided by a member of the network during registration (see point 2. of the Terms of Use), or voluntarily transmitted within the scope of membership (e.g. when using the service desk) will be processed. It should be noted that the ONE LOGIC Network is an offer for professional company users (B2B Offering), and members register in their role as representatives of their company.

3. For what purpose and on what legal basis is the data processed?

Personal data is processed for the purpose of concluding and implementing the contract and the associated ancillary obligations (contract in the sense of membership in the ONE LOGIC Network), the lawfulness of which is derived from Art. 6 (1) b DSGVO. This includes, among other things, communication with members, e.g. about new use cases, accompanying material for these, blueprints, white papers, product and version adjustments, new functionalities, findings from beta tests and development projects, and advertising the product and service portfolio of ONE LOGIC GmbH.
In addition, lawfulness can result from the fulfillment of legal obligations to provide information (Art. 6 (1) c DSGVO in conjunction with § 24 BDSG)

4. By whom and how the data is used?

Within ONE LOGIC GmbH, only those departments and functions that require this data to support members within the network have access.
In addition, ONE LOGIC uses various service providers (called processors) for registration, member management and communication with members. Contracts for commissioned processing have been concluded with these processors in accordance with Art. 28 DSGVO. The communication channels used are generally protected against access by third parties.
Personal data is not passed on to third parties as a matter of principle.
Feedback requested from members is anonymized, and only evaluated and used in summarized form.

5. Where is the data processed?

5.1 Pipedrive

In order to process and respond to your requests and messages as quickly as possible, we have connected our contact form to our customer relationship management tool (“CRM tool”) Pipedrive. The data submitted when filling out the form is transmitted to Pipedrive and stored there on Pipedrive servers. We use the CRM system Pipedrive of the provider Pipedrive OÜ on the basis of our legitimate interests (efficient and fast processing of user inquiries, existing customer management, new customer business), a private limited company established under the laws of the Republic of Estonia, with the address Paldiski mnt 80, Tallinn, 10617, Estonia, registered in the Estonian Commercial Register under the code 11958539, and a subsidiary of Pipedrive US. For this purpose, we have entered into a contract with Pipedrive with so-called standard contractual clauses, in which Pipedrive undertakes to process User Data only in accordance with our instructions and to comply with the EU data protection level. Pipedrive US is also certified under the Privacy Shield agreement and thereby offers an additional guarantee of compliance with European data protection law. You can access Pipedrive’s privacy policy here: https://www.pipedrive.com/en/privacy. You can inform yourself about the data stored about you at any time

5.2 Gravity Forms

The forms on our online offer use the service “Gravity Forms”. This is offered by Rocketgenius, Inc, 1620 Centerville Turnpike #102, Virginia Beach, VA 23464, USA. The use is based on our legitimate interests within the meaning of Art. 6 (1) f) DSGVO, as we intend a user-friendly design of our online offer, which also includes a contact form for easy contact. Entered form data is sent to us, the website operator, by e-mail and thus stored on our self-hosted mail server. In addition, a storage for the proof of the request was made in the WordPress database. Within the documentation area of the company website it is confirmed that the plugin is DSGVO compliant: https://docs.gravityforms.com/wordpress-gravity-forms-and-gdpr-compliance/ A transfer and storage on the servers of Rocketgenius, Inc. or on the website gravityforms.com does not take place! For more information on the collection and use of data by Gravity Forms, please refer to the privacy policy of Rocketgenius, Inc: https://www.gravityforms.com/privacy/.

5.3 Mailchimp.

To send our newsletters, we use the service “MailChimp”, a newsletter sending platform of the US provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA (“MailChimp”). We use the services of MailChimp as part of an order processing.
MailChimp may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for the technical optimization of the dispatch and presentation of the newsletters or for utilization for statistical purposes. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
MailChimp also processes personal data in the USA. As appropriate guarantees for the data transfer, so-called standard contractual clauses have been concluded in accordance with Art. 46 DSGVO. Further information can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de.
MailChimp is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f) DSGVO. If you end the subscription or revoke your consent, we will instruct MailChimp to delete your data.You can view MailChimp’s privacy policy here: https://mailchimp.com/legal/privacy/. Additional privacy notices for Mailchimp can be found here: https://mailchimp.com/de/help/about-the-general-data-protection-regulation/.

5.4 Data Interface Zapier.

This site uses Zapier, a service provided by Zapier Inc, 548 Market St #62411, San Francisco, California 94104, USA, to integrate various databases and tools. This may involve the transmission of customer data, with the exception of payment data. Further information on data protection at Zapier can be found at https://zapier.com/privacy. We have entered into a so-called “Data Processing Agreement” with Zapier, in which Zapier undertakes to protect our customers’ data and not to pass it on to third parties. By filling out a form, the Zapier data interface is activated and data is transferred from Gravity Forms to Pipedrive via Zapier (see 5.1 and 5.2).

6. How long is the data stored?

Insofar as necessary for the purposes stated above (No. 3), the personal data will be stored and processed for the duration of the initiation and processing of membership in the Network. In the event of a termination of membership (see point 5 of the Terms of Use), the data will be deleted immediately.

If further contracts are concluded with ONE LOGIC GmbH during membership in the Network, the agreements concluded with them regarding data processing apply, as well as various obligations to store and provide proof, which result, among other things, from the German Commercial Code (HGB) and the German Fiscal Code (AO). Accordingly, the storage periods can be up to ten years.

7. How is the data processed?

7.1 By e-mail, telephone and fax.

On our ONE LOGIC platform, there is an e-mail address and a telephone and fax number, which you can use to contact us. If you write us an e-mail or send us a fax, we will store your sender data (e-mail address/fax number) as well as other data you provide. Even if you call us, it is possible that we store the data we need to answer your inquiry. The legal basis for the processing is Art. 6 (1) b) and f) DSGVO, as the contact may be a contract initiation. However, ONE LOGIC also has a legitimate interest in processing your data in order to be able to respond to you.
In the event that we would like to use your data, in particular your telephone number, fax number or e-mail address for marketing purposes, we ask for your consent in advance. In this case, Art. 6 (1) a) DSGVO is the legal basis. You can revoke your consent at any time with effect for the future. In the case of direct marketing, we also base the processing of the data on our legitimate interest according to Art. 6 (1) f) DSGVO.
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected and there are no legal or contractual archiving obligations to the contrary. This is the case at the latest after 10 years. The conversation is terminated when it can be inferred from the circumstances that the facts concerned have been conclusively clarified.

7.2 Via contact form

A contact form is available on our platform, which you can use to contact ONE LOGIC electronically. If you use this option, the data entered in the input mask will be transmitted to us and stored. In particular, this involves the following data:

  • Your title, your name, your company;
  • Your e-mail address;
  • your telephone number;
  • Your inquiry and, if applicable, personal data entered there by you.

In this step, we ask you whether you would like to receive a newsletter from ONE LOGIC. You can find more about data processing in connection with ordering the ONE LOGIC newsletter in the “Newsletter” section of this privacy policy.
The legal basis for the processing of the data is Art. 6 (1) a), b) or f) DSGVO. The processing of personal data from the input mask of our contact form serves us – in addition to the above-mentioned purposes – solely to process your request, which is in our interest. It may be a matter of initiating a contract. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected and there are no legal archiving obligations to prevent its deletion. The conversation is terminated when the circumstances indicate that the matter in question has been conclusively clarified.
At the time your message is sent, the following data is also stored:

  • Your IP address;
  • Date and time of your contact.

These other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. The legal basis for the processing of the data is Art. 6 para. 1 f) DSGVO. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest. The data is used exclusively for the processing of the conversation.

8. What data protection rights exist?

Every data subject has the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR, the right to data portability under Article 20 of the GDPR and a right of objection under Article 21 of the GDPR. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 DSGVO in conjunction with § 19 BDSG).

9. Is there an obligation to provide data?

In the context of a membership, members must provide only those personal data that are necessary for the establishment, implementation and termination of membership. Without this data, as a rule, membership will not be possible. In addition, further data transfers may take place on a voluntary basis for the respective purpose (e.g. when using the service desk or for surveys).