Phone: +49 (0)721 – 6273760
§ 1 General Provisions
- Data generated by the mere use of the Website without registration
- Data processed for the purposes of contract performance or while using the Platform
- Personal data is collected, processed and used by ITscope exclusively in accordance with the applicable statutory provisions, including, but not limited to General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
§ 2 Use of the Website without registration (cookies, web analysis, retargeting)
- The web pages can be used without registration and, thus, also without providing personal data. If the User discloses personal data on the web pages, this will occur on a voluntary basis.
- When a User visits our Website, this access is stored in log files or log entries on the ITscope server systems in compliance with legal requirements. The following types of data will be collected:
- Date and time of access to the service;
- Host name of the accessing computer (IP address);
- Referrer URL (the previously visited website);
- User’s browser type and version;
- User’s screen resolution;
- User’s operating system;
- Pages and features accessed by the User;
- Search term with which the Website was found, e.g., using Google.
- ITscope will use the data referred to above based on the legitimate interests of ITscope within the meaning of Art. 6 par. 1 lit. f) of the GDPR, namely statistical analysis and to improve the usability of the Website. This data will not be linked with personal data by ITscope itself nor on behalf of ITscope by a third party. The gathered data will be deleted upon the expiration of a ninety (90) days period.
- This Website uses so-called cookies. Cookies are small text files that are stored on the User’s computer when a website is accessed. Cookies help to make websites more comfortable, efficient, and secure. Being text-only files, cookies cannot contain viruses or other malware. Most browsers can display a warning before a cookie is stored, allow the User to completely refuse the acceptance of cookies, and/or to delete existing cookies subsequently.
- ITscope uses the following services for web analysis and remarketing as well as their cookies (“Services”) on its Website:
- „Google Analytics“, an analytics service of Google Inc. (“Google”).
- „Mixpanel“, an analytics service of Mixpanel Inc. (“Mixpanel”).
- „Google Remarketing“, a personalised advertising service of Google Inc. and/or the Google “DoubleClick” brand.
Cookies, i.e., text files that are stored on the User’s computer and allow an analysis of how a User uses a particular website are used for these Services. The information generated by the cookie about the use of the Website or Platform will be transmitted to the servers of the analysis services in the U.S. and stored there.
The User’s IP addresses are anonymised using “anonymizeIp()” or through comparable technical means, or only used to retrieve geodata and not stored by the Services for any other purpose so that it is not possible to associate them with an internet access point or a User. According to Google, Google will not link the IP address of the User with other Google data.
The Services will use the collected information to analyse the use of the Website, to compile reports on Website activities, and to provide ITscope with other services in connection with the Website used. This information may also be transmitted to third parties if this is required by law or if third parties process this data on behalf of the Services.
ITscope also uses Google Remarketing on the Website. This service may cause our ads to be displayed to you while browsing the internet once you have visited our Website. This will occur via cookies that are stored in your browser through which your user behaviour while visiting various websites will be recorded and analysed by Google. Cookies allow Google to recognise that you visited our website prior to other websites. According to information published by Google, data gathered during the remarketing process will not be matched with your personal data that may be stored by Google. In particular, remarketing data will be pseudonymised according to Google.
Data processing will occur based on the legitimate interest of ITscope in accordance with Art. 6, par. 1 lit. f) of the GDPR, i.e., based on the interest in the analysis, optimisation, and the cost-efficient operation of the Website. Both Google and Mixpanel are certified under the Privacy Shield and, thus, guarantee their compliance with the European Data Protection Law. The Privacy Policies of the services are available from https://mixpanel.com/legal/privacy-overview/ and https://policies.google.com/?hl=de.
By using the Website or Platform, the User agrees to the processing of data collected about it by the Services in the manner and for the purpose described above.
The User may prevent the storing of cookies by making the appropriate settings in its browser software; however, please note, that in this case you may not be able to use the full functionality of the Website or Platform.
In addition, the User has the following opt-out options:
- The User may object to the collection of data by Google Analytics with effect for the future, in particular, by installing an opt-out (deactivation) add-on (http://tools.google.com/dlpage/gaoptout) for its browser.
- The User may object to the collection of data by Mixpanel with effect for the future by following the instructions described on https://mixpanel.com/optout/.
- The User may object to the use of data for interest-related advertisements on the following web pages:
§ 3 Data processing during Platform use
- ITscope collects personal data of the User (in particular the name and business contact data) when the User registers on this Platform or is registered by a third party, e.g., if the employer of a User creates an account for it on the Platform. If required by data protection law, rules, and regulations, the customer assures to have obtained the prior consent of its employees and to have informed them accordingly. With regard to its employees, the customer shall ensure that ITscope may process and use the contact data collected for the contractual purposes described herein and, if necessary, may contact the employees (e.g., in connection with a support ticket).
- During the registration process, ITscope will request the following mandatory information that is marked with an asterisk (*): family name, first name, email address, company, for newly registered companies also the full postal address of the company and a phone number. Registration without this mandatory data is not permissible. During the registration process the User may also provide additional data on a voluntary basis, such as on its position within the company and other contact data. This information is not a prerequisite for registration.
- ITscope will process and use the personal data of customers and Users for contract performance and customer support (e.g., provision of support services and user support) based on Art. 6, par. 1 lit. b) of the GDPR. ITscope will inform Users by email about new and similar products and services as well as special offers from ITscope that might be of interest to the User in the form of a periodic newsletter. The User has the right to object to the use of its email address for such marketing purposes by notifying ITscope hereof at any time (e.g., by unsubscribing from a newsletter by activating a link at the end of each newsletter) without incurring any costs.
- ITscope will neither use the User’s personal data for other advertising purposes nor pass it on to third parties, unless,
- the User expressly grants its consent to the use of its data for advertising purposes and/or disclosure to third parties; the User may withdraw its consent at any time; or
- ITscope is obligated to pass on data by law, e.g., to investigative authorities.
- Personal data that the User voluntarily provides on the Platform via the presentation and communication features provided may be deleted by the User at any time during the existing contractual relationship. In addition, personal user data (including the User’s login data for supplier systems stored on the Platform, cf. Art. 4) will be deleted from all systems or their processing will be restricted no later than three (3) months after termination of the contractual relationship with ITscope. This can also be done by removing the personal identifiers from texts written by the User or contents uploaded to the Platform (e.g., product reviews and comments).
§ 4 Creation and analysis of user profiles on the Platform
- In addition, the access of registered Users to the Platform based on the legitimate interests of ITscope in accordance with Art. 6, par. 1 lit. f) of the GDPR will be logged using their user ID and account number and stored for the purpose of enhancing the user experience and for statistical analysis. ITscope has the right to publish analysis results in anonymous or aggregated form, i.e., without reference to individual customers or Users, for information purposes, for instance on the Website. Beyond this, profile data will not be passed on to third parties, unless ITscope is obligated by law to do so.
- The User may disable the compilation of personal user profiles on the Platform in the user settings.
§ 5 Erasure or deletion of data
- Personal data collected via the Website will only be stored by ITscope until the purpose for which it had been transmitted by the User has been completely fulfilled. This shall also apply to personal data if the User had granted its express consent to the collection and processing of this type of personal data.
- The data will not (yet) be deleted if it still needs to be retained until the purpose is completely attained or if there are other legitimates grounds for its retention and/or if statutory provisions (e.g., retention duties under trade and tax law) prohibit the erasure or deletion of data. Article 3 (5) above applies to the deletion of data collected and processed in connection with the Platform use.
§ 6 Use of supplier services within the Platform
- Suppliers listed on the ITscope Platform may provide their own services on or via the Platform (“Supplier Services”), e.g., for retrieving particular purchase prices or for electronic order processing.
- User login data (in particular, passwords) required for using Supplier Services are electronically transmitted to the suppliers’ servers as encrypted messages at all times, unless a supplier fails to offer a secure or encrypted connection for this purpose.
- ITscope uses state-of-the-art, secure encryption procedures with separately stored keys to protect the User’s login data and will decrypt these only for the purpose set forth on the Platform, in particular, to retrieve prices and to transmit order documents to the User.
- ITscope exclusively uses its own server systems for storing such login data, which are hosted at a data center certified in accordance with the BSI Grundschutzhandbuch (Basic Protection Manual) and ISO 27001.
- ITscope is not responsible for the collection and processing of User’s personal data by the supplier, rather, the corresponding supplier is the Controller within the meaning of the GDPR.
§ 7 Data subject rights
- Users affected by data processing (“Data Subjects”) may exercise various rights. In particular, these are:
- Right to access: The User has the right to access information that ITscope stored about him/her.
- Right to rectification and erasure: The User may request ITscope to rectify inaccurate data and to erase its data.
- Restriction of processing: The User may request ITscope to restrict the processing of its data.
- Data portability: If the User provides data to ITscope under an agreement or based on a consent, it may demand the provision of the data submitted by it in a structured, common, and machine-readable format, or that ITscope transmit this information to another controller.
- Objection to data processing based on “legitimate interest”: If reasons exist that are based on grounds relating to the User’s particular situation, the User may object at any time to the processing of personal data by ITscope, to the extent that the “legitimate interest” is the legal basis for this objection. If the User should exercise its right to object, ITscope will discontinue the processing of its data, unless ITscope are able to show that there are compelling reasons that allow the continued data processing and outweigh the User’s rights.
- Withdrawal of consent: If the User has granted its consent to the processing of its data the User may withdraw this consent at any time with effect for the future. The legitimacy of processing of its data up to the date of withdrawal remains unaffected.
- Right to lodge complaints with the supervisory authority: Furthermore, the User has the right to lodge a complaint with the competent supervisory authority, if it believes the processing of its personal data to violate the applicable statutory provisions, rules, and regulations. In this case, the User may contact the data protection authority having competence at its place of residence or in its country, or the data protection authority having competence at the place of business of ITscope.
The User is only entitled to the rights described above subject to the condition precedent that the applicable legal requirements have been complied with, including those that are not explicitly mentioned in the above explanations.
In case of any questions regarding the processing of their User data, data subject rights or any consent granted, the User may contact ITscope free of charge.
If you wish to exercise any or all of your rights, please email us at email@example.com or write a letter to the address indicated in section 1 above, or give us a call. Please ensure that we will be able to identify you without doubt.
Last revised: January 16th, 2019
Digitise your sales and purchasing!
Test ITscope with no obligation for 30 days: all tools and no hidden costs! You are free to continue to use the limited FREE-version of ITscope after your trial period. Alternatively, you can choose from a variety of upgrades – we will be happy to assist you in finding the perfect ITscope version for your organisation!