Page tree
No Translation available yet

You have English selected as language but this page has not been translated yet. Translate the page or view the content in the default space language below.

Display default
Skip to end of metadata
Go to start of metadata

Content

General information on data protection

Your rights

With regard to your personal data, you have the right to information, correction, deletion, restriction of processing, objection to processing or claim to transmission of your data in a structured, common and machine-readable format. In addition, you have the right to appeal to a supervisory authority if your rights are violated. More detailed information can be found in the section Your rights in detail.

Revocation of your consent to data processing / right to deletion

You can revoke your consent to the processing of your personal data at any time for the future. Data processed on the basis of your consent will subsequently be deleted by us, unless there are compelling reasons for further processing which are worthy of protection after weighing the interests of the parties involved, no legal storage or storage obligations have arisen or the processing of the data does not serve to assert, exercise or defend legal claims.

Our offer is aimed exclusively at companies or business customers. We ask private individuals, especially children under the age of 18, not to transmit any personal data to us.

Imprint

Fluxpunkt GmbH 
Zementwerk 1
72622 Nürtingen

Managing Partner:
Dipl. Inf. Fabian Wolf

Phone: +49 7022 7896848-0
Fax: +49 7022 7896848-9
Email: info@fluxpunkt.de

Responsible for content: Fabian Wolf

VAT#: DE 304 559 089
Nürtingen Tax Office

Register court:
AG Stuttgart, HRB 755609

Chamber responsible:
IHK Region Stuttgart
Jägerstraße 30
70174 Stuttgart



You can contact us by telephone, email, fax, letter post or even personally. However, all forms of short messaging services such as SMS, Whatsapp and other messengers are excluded.

This page is available for you at privacy.fluxpunkt.com

Privacy policy for services provided by us

The protection of your personal rights and your informational self-determination

We do not want to process your personal data at all!
Unfortunately, this is necessary for one activity or another, such as making contact, fulfilling contracts or the reliable operation of a website useful to you. And sometimes legislators also force you to collect and store certain data. However, it is important that this data is collected and processed in your interest and that you are not restricted in your personal rights.

What we don't care about:
We are notinterested in who uses our services - or whether you are old, young, male or female, where you live, what your preferences are or who you choose.
We have no interest in automatic decision making or profiling. So when we dutifully clarify this in the subsequent sections, this is due to legal obligations.

What we are interested in:
We are interested in how we can make our websites better for you and whether you found what you were looking for in our search for information.
We are interested in what you are looking for and whether frequently searched information is easily accessible for you.
We are interested in how many requests our server answers in a certain time and whether it is fast enough for this.
We want to make sure that our server is available for you and that there are no attacks on it.
We would like to provide you with interesting content and also link to external sources or embed them in the form of videos.
If you would like to contact us or order something, we would like to make it as easy as possible for you.

To achieve all this, we offer you contact and order forms, generate web server logs and embed evaluation scripts for statistical (anonymized) analyses on our pages. In the following sections, we will inform you which data is collected, processed and transmitted exactly and inform you about your rights.

To cut a long story short:
The data that we collect and process is intended to serve you - on the basis of morality, transparency and responsibility. Our business is to be a good service provider for you. We are not data collectors or data dealers.
Simple, isn't it?

What we do:
Trust is important to us! Therefore we attach great importance to the fact that your data is safely stored with us and you trust us in handling it.
We invest a lot in security - if you want to know exactly, you will find the details on the page Technical and organisational measures according to BDSG/GDPR.

Scope

The following privacy policy applies to the various communication channels offered by us (Internet, email, fax, telephone, letter mail, etc.) including all services offered under the following domains (including subdomains):

  • fluxpunkt.de / fluxpunkt.com
  • fluxpunkt.ch
  • fluxpunkt.cn
  • fluxpunkt.com.cn
  • fluxpunkt-it.de
  • flux.cloud
  • flux.support
  • cloudphonie.de
  • cloud-phonie.com
  • cloud-phonie.de
  • modul-store.de

In addition to the services we offer ourselves, Fluxpunkt is also present in various social networks. Please refer to the data protection regulations of the respective operator for details on data processing by the respective platform:

Responsible body / data processor

Fluxpunkt GmbH
Zementwerk 1
72622 Nürtingen
Germany

datenschutz@fluxpunkt.de

Further details and contact possibilities can be found in the imprint.

Place of data processing

The services provided by us are operated at locations in Germany (our servers) and in other European countries (external data centres).
Collected data is stored locally (at the location of the data processing system) and at backup locations within Germany and Europe.

Transport of your personal data when using our websites

In order to best protect your data during transport, we use the HTTPS protocol with SSL/TLS encryption on all our websites. You can recognize such encrypted connections by the prefix "https://" in the page link in the address bar of your browser. Unencrypted pages are identified by "http://". All data that you transmit to our websites - for example when making enquiries or logging in - cannot be read by third parties thanks to SSL encryption. When you access our pages via the unencrypted HTTP protocol, you are automatically redirected to an encrypted connection.

With regard to the encryption algorithms, guidelines and certificates used, we rely on the highest possible security: https://www.ssllabs.com/ssltest/analyze.html?d=wiki.fluxpunkt.de&latest



Your rights in detail

As a natural person whose personal rights are affected by the processing of your personal data (data subject), you have various rights with regard to your data:

  • Right to information (pursuant to Art. 15 GDPR):
    You can request information on this,
    • the purpose for which your personal data will be processed.
    • which categories of personal data are processed.
    • to whom your personal data have been or will be transferred and whether they are recipients in third countries or international organisations.
    • how long we plan to store your personal data or which criteria determine the retention period .
    • whether, in the specific case, you have the right to rectify, delete or limit the processing. These rights may be restricted under certain circumstances.
    • whether - in the specific case - you are entitled to appeal to a supervisory authority.
    • from where we have your personal data, if it has not been collected from you.
    • whether we automatically make decisions or create profiles about you based on your personal data, and if so, how the decision-making process works and what it means for you.
    • what measures or guarantees exist to protect your data when transfers are made to recipients in third countries or to international organisations.
    • which of your personal data is subject to processing (copy of this data).
  • Right of rectification (pursuant to Art. 16 GDPR):
    You may request that personal data concerning you and incorrect personal data be completed or rectified - also by means of a supplementary declaration.
  • Right to deletion (pursuant to Art. 17 GDPR):
    You may request that data relating to your person be deleted immediately unless processing of your data is required or required by law. Processing may be necessary for the exercise of the right to freedom of expression and information, to fulfil legal obligations, to safeguard public interests (including health, archival, research or statistical purposes), to exercise official authority or to enforce, exercise or defend legal rights.
  • Right to limitation of processing (pursuant to Art. 18 GDPR):
    If you have any doubts as to the accuracy of your personal data processed by us or if you dispute its accuracy, you may demand that the processing of your data be restricted for as long as we need to verify its accuracy. You can also demand a restriction of the processing if we refuse your request for deletion of your personal data in the event of unlawful processing.
    A right to limitation also exists if we no longer need your data but you need it to assert, exercise or defend legal claims or if you object to the processing but we have a legitimate interest in the processing and as long as it is not yet clear whose interests prevail.
  • Right to data transferability (according to Art. 20 GDPR):
    If you provide us with your personal data on the basis of your consent for the purpose of processing it using an automated procedure, you have the right to receive it from us again in a structured, common and machine-readable format.
  • Right of objection (pursuant to Art. 21 GDPR):
    If we process your personal data on the basis of a justified interest on our part or on the part of third parties or if the processing serves the performance of a public task or the exercise of official authority, you have the right - for reasons arising from your particular situation - at any time to object to the processing of personal data concerning you.
    We will then terminate the processing of your data unless there are compelling reasons for the processing worthy of protection which outweigh your rights or if the processing serves the assertion, exercise or defense of legal claims.
    You can object to processing for the purpose of direct marketing or profiling at any time for no reason whatsoever.
    Your data will then no longer be processed for this purpose.
  • No automated decision making in individual cases including profiling (according to Art. 22 GDPR):
    You have the right not to be subject to a decision based exclusively on automated processing - including profiling - which has legal effect on you or similarly significantly affects you. This does not apply if the automated processing is necessary for the fulfilment of a mutual contract or is permissible on the basis of legal provisions of the Union or the member states or you expressly consent to the automated decision in the individual case.

To exercise your rights, we are available to you under the contact details provided . We kindly ask you to send any requests in writing or text form (letter post or email) to us. Furthermore, we ask for your understanding that we do not provide information on personal data by telephone or accept instructions regarding the exercise of data subjects' rights, as we are unable to carry out the necessary reliable identity verification.

Legal basis for the processing of your data

Your personal data will be processed in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG-neu) and other standards relating to the collection, storage, safekeeping and deletion of data.

We process your personal data

  • to fulfil a contract existing between you and us or pre-contractual measures (Art. 6 para. 1 lit. b GDPR).
    or
  • on the basis of a legitimate interest of our company or third parties, weighing the interests of both parties (Art. 6 para. 1 lit. f GDPR)
    or
  • because we are obliged to do so by law (Art. 6 para. 1 lit. c GDPR)
    or
  • because it is necessary for an employment relationship (including initiation or termination) (Art. 88 para. 1 GDPR in conjunction with § 26 para. 1 BDSG-neu)
    or
  • based on your consent (Art. 6 para. 1 lit. a GDPR)

Tabular overview of the personal data collected by us and third parties

In the following tables you will find a summary of the data collected and processed by us or third parties when using our services. A more detailed description can be found in the following sections.

Direct survey of you as the person concerned

Reason / PurposeServices that are used for the surveyPersonal dataLegal basisStorage periodOpt-out/opposition possibilities
Analytics / Improvement of our web presencesGoogle Analytics

Cookie and usage data

We assume that we have a predominant legitimate interest in the processing of analytical data, which does not require consent. In particular, as the analytical data is anonymized and therefore does not represent personal data.
The "Conference of Independent Data Protection Authorities of the Federal and State Governments (Data Protection Conference)" currently sees things differently, which is why we only activate analytics after opt-in.

Browser add-on (basic opt-out; not limited to our services) or
opt-in to our services via express statement
Google Adwords Conversion Tracking
Embedding of external content to improve our web presenceYoutube VideosCookie, IP address


Refrain from playing the embedded videos
Attack protection and fault analysisWeb server logsIP address

7 days, in backups up to 21 days


Establishment of contactContact formName and email address; content of the message

Deletion after expiry of statutory retention periods


EmailName and email address; content of the email (in particular signature contact information)

On a case-by-case basis according to legal requirements or as long as necessary.

For files and emails, we use a system for the implementation of differentiated retention periods and automatic deletion based on the categorization of a file/email.


Letter postContact details provided; content of letter post

On a case-by-case basis according to legal requirements or as long as necessary.

Please let us know in your cover letter if you object to electronic document processing.
Documentation of support calls outside business hoursPhoneComplete call recording for documentation and billing purposes when using the paid support hotline outside business hours. For the subsequent recording and documentation of the process in our ticket system and the final accounting,Deletion as soon as the transaction has been closed for accounting purposes.Refrain from using the fee-based support hotline outside business hours
Implementation of application proceduresLetter post / EmailContact details provided; content and attachments of letter post or emailIn the case of a successful application for the duration of the employment relationship and the subsequent expiry of deadlines with which termination becomes definitively effective.
In case of unsuccessful application for three months from notification and the final coming into effect of the cancellation. At your explicit request -- if you would like to be considered for future jobs -- your application will be stored according to your instructions. In this case, please let us know the desired storage period.

Customer orderOrder formName and email address (contact person of ordering party), name of customer, billing address for orders by end customers

Deletion after expiry of statutory retention periods


Remote supportTeamViewerIP address, TeamViewer ID



You can find further information on data protection in the Google services we use at:
 https://privacy.google.com/ We have concluded a contract for order data processing with Google. The personal data collected by Google may be stored and processed outside the European Union.

Survey from other sources

Reason / PurposeTrigger for survey / processingServices that are used for the surveyPersonal dataRetention period and legal basisOpt-out/opposition possibilities
Caller recognition, billing of service calls
Contact by telephone
Public telephone directoriesPhone number and name (by reverse resolution, if available in a public address book/phonebook)


6 months at most

Please let us know during the call if you wish to delete/anonymize your call list entry.
Protection from dubious callersFirst customer order or if there are doubts about the economic situation at the time of invoice paymentFederal Gazette PublisherName and contact details of authorized representatives.


Cancellation immediately after decision on contract initiation.


Tabular overview of the personal data collected by us and third parties

Processing of personal data for purely informational use of our websites

When using our website without registration, use of contact forms and without actively sending us information, we only collect the following data, which your web browser transmits to us, in the form of web server logs:

  • Your IP address
  • Date/Time and Time Zone
  • Requested URL
  • Request status code (HTTP status)
  • Transferred amount of data
  • Referrer (website from which you came to us)
  • Web browser used, version and language
  • Operating system used

In the following example, our imprint was called from the IP address 11.12.13.14 with Apple Mac OS X and Safari browser (version 9.1), where the visitor was directed to us by www.google.de. Our web server has successfully delivered 218 bytes of data:

Example: Log entry of an access to one of our websites
11.12.13.14 - - [14/May/2018:15:24:14 +0200] "GET /impressum.html HTTP/1.1" 302 218 "https://www.google.de" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"

Our web server can use this information to generate special formatting instructions in order to display the website in the best possible way for the browser used.

A storage in connection with other personal data does not take place. The web server logs are not used to evaluate behavior or profile generation.

The collection and processing of the data provided is technically necessary in order to display/deliver our websites correctly for your end device, to ensure proper operation, to detect errors or attacks and to optimise our websites. The non-anonymized storage of the requesting IP address is particularly necessary with regard to detection and protection against attacks. This is our legitimate interest in the processing of this data.

The data stored on the web servers in the log files and listed above will be deleted from the server after 7 days. Log files are also included within server backups and are kept for a maximum of 21 days.

Processing of personal data by cookies

We use cookies on our websites for the recognition of users for the purpose of rights control (implementation of logins) or individualization of our offer (e.g. personal shopping cart). Some functions on our websites (e.g. multi-page forms) require that your user session is maintained even after a page change. We also store information in a cookie as to whether or not you consent to the use of tracking cookies for analysis purposes. Cookies are used here for the technical implementation of these functions and are required for the operation of our websites. These cookies have names such as JSESSIONID, PHPSESSID, ga-disable or cookieconsent_status.

If cookies are used for analysis purposes (e.g. by Google Analytics; so-called tracking cookies), they serve to improve the quality and user friendliness of our websites.

Cookies are text files that are administered by your browser and made available to the website when you change pages or later visit it. You can prevent the creation of cookies by making the appropriate settings in your browser. We would like to point out that in this case you will not be able to use all the functions of our websites to their full extent.

Cookies that are valid beyond one session are provided with an expiry date and are automatically deleted from your browser after this date has expired. You can carry out a manual deletion at any time in the settings of your browser.

Since cookies are stored on your end device and transmitted to us by your browser, you can configure and determine the processing yourself.

Processing of personal data by Google Analytics with anonymization function

We use "Google Analytics", a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as "Google"), on most of our websites. Google uses cookies, which are small text files placed on your device, to help the website analyze how users use our site. The information about the use of our websites which results from cookies is usually transferred to a Google server in the USA and stored there.

We use Google Analytics only with IP anonymization enabled. This will cause Google to shorten your IP address within the European Union or in other contracting states across the European Economic Area prior to further processing. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. A personal reference can thus be excluded.

Google will use the information collected during the analysis to evaluate your use of our website on our behalf, compile reports on website usage and provide us with other services relating to website usage and internet usage. Pseudonymous usage profiles can be created from the processed data. The IP address transmitted when Google Analytics is used is not combined with other data from Google.

We use Google Analytics for the purpose of analysing the use of our website and continuously improving individual functions and offers as well as the user experience. Through the statistical evaluation of user behaviour, we can improve our offer and make it more interesting for you as a user.

You may refuse the use of cookies by selecting the appropriate settings on your web browser, however please note that if you do this you may not be able to use the full functionality of this website. We would like to point out that in this case you will not be able to use all the functions of our websites to their full extent. If you wish to prevent the collection of data generated by the cookie and related to your user behaviour (including your IP address) and the processing of this data by Google, you can download and install the web browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

In order to oblige Google to process orders for the data transmitted only in accordance with our instructions and to comply with the applicable data protection regulations, we have concluded an order processing contract with Google. In the exceptional cases where personal information is transferred to the United States, Google has agreed to and is certified under the Privacy Shield Agreement between the European Union and the United States. By doing so, Google is committed to complying with the standards and regulations of European data protection law. Further information can be found in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Third Party Information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Further information on the use of data by Google, on setting and objection possibilities and on data protection can be found on the following Google websites:

Processing personal data through the embedding of Youtube videos

We use "Google Analytics", a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as "Google"), on most of our websites. We use Youtube to be able to display and offer you contents and functions of the social platform Youtube on our Internet presence and thereby to improve our offer as well as the user experience and to make it more interesting, in particular to provide you with instruction videos in the area of free support. Only when the videos are played will Youtube content be downloaded and the personal data described in more detail in the table above be transferred from your Internet browser to Youtube. By clicking on the play button, you consent to this transmission.

Google has signed and certified a privacy shield agreement between the European Union and the United States. By doing so, Google is committed to complying with the standards and regulations of European data protection law. Further information can be found in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Third Party Information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland

Further information on data protection and the use of data by Google can be found on the following Google website: http://www.google.de/intl/en/policies/privacy

Processing of personal data for the purpose of establishing contact

If you contact us via email or contact form, the personal data you provide will be stored exclusively for the purpose of establishing contact:

  • Name (first name, surname, possibly salutation and title)
  • Email address
  • Contact information in your email signature
  • Content of the email
  • Date/Time
  • Processing mail servers and email headers
  • possible email attachments

Forwarding of this data takes place only on your explicit desire. A comparison of the data collected here with data that may be collected by other components of our site does not take place. Contact form data is encrypted and securely transmitted to us.
For files and emails, we use a system for the implementation of differentiated retention periods and automatic deletion based on the categorization of a file/email. Emails for which retention or deletion obligations exist are classified accordingly and automatically deleted at the end of the retention period. If no storage obligation exists, emails will be deleted after final processing or the end of an expected response period.

You may request the deletion of your email/contact form data sent to us at any time, provided that there are no compelling reasons for further processing that are worthy of protection and that the interests of the parties have been weighed against each other, provided that no legal storage or storage obligations have arisen, and provided that the processing of the data does not serve the purpose of asserting, exercising or defending legal claims.

Processing of personal data when contacting us by telephone

For incoming calls we use reverse number resolving from internal and external data sources. Telephone numbers of a private individual are personal data. Although we only serve corporate customers, it cannot be ruled out that we may be called from a private landline or mobile phone connection. Unfortunately a distinction is not possible at the time of a call.

Internal data sources are our customer directories (CRM database, exchange contacts, accounting system contact directory and workplace Outlook contacts).
External data sources are online telephone directories such as GoYellow, klicktel, tel.search.ch or Whitepages.com.

If a phone number can be resolved from internal data sources, the caller number is not transmitted to external data sources. Only if resolving from internal data sources was unsuccessful, a reverse lookup will be tried via publicly accessible address directories. For this purpose, the caller number is transmitted to one of the following services to determine the name/company and location of the caller:

Resolving of names usually take place only once and with the resolved information stored temporarily within the telephone system in an area protected against external access for future enquiries. Only a hash value of the telephone number is linked to the received and publicly accessible data from the online telephone directories. Reasons for the storage are an accelerated number resolution for subsequent calls, less requests to external services and in order not to give the external services the possibility to deduce the number and timing of calls.

The purpose of number resolution is to identify the calling company and possibly a contact person before accepting a call and to determine whether the customer is an existing customer with service contracts and/or open processes. If several calls are received simultaneously, service contract customers are given priority and identified by their phone number.

You have the option of objecting to the inclusion of your personal data or your telephone number in telephone directories. If you have agreed to the recording of your data and the transmission for the purpose of caller identification, the data published by you will be transmitted to us, stored in the call list entry and shown in the display of called telephones and on the screen of called workstations. The basis for this is § 105 TKG.

During a conversation you can inform us that you object to the storage of your data. In this case, the data associated with your call (call list entries) is anonymized.

Processing of personal data from applications

We use the application documents sent to us exclusively for the execution of the application procedure on the basis of Art. 88 Para. 1 GDPR in conjunction with § 26 Para. 1 BDSG-neu. We do not pass on your data to third parties. Within our company, access is only granted to persons who are involved in decision-making.

Please let us know in your application whether it should also be considered for future job offers and - if so - how long we should keep your application for this purpose (your right to request the deletion of your personal data at any time remains unaffected). Without such notification, we assume that you are only interested in current vacancies and, in the event of unsuccessful applications, will delete your application within three months of notification of the negative recruitment decision.

In the event of a successful application, we process your data for the purpose of establishing and exercising your employment relationship and for the duration of your employment relationship, as well as for the subsequent expiration of deadlines upon which termination finally takes effect.

Processing of personal data that you voluntarily transmit to us

In particular in contact forms, but also when contacting us via other channels, you have the opportunity to voluntarily provide us with personal data. When transferring personal data from third parties, please make sure that you only transfer them with the consent of the person concerned.

Please note that personal data (from you or also third parties), which are transmitted in connection with other data, may be subject to a storage obligation which prevents a future deletion claim.

You may request the deletion of personal data at any time, provided that there are no compelling reasons for further processing that are worthy of protection after weighing the interests of the parties, no legal storage or storage obligations have arisen or the processing of the data does not serve to assert, exercise or defend legal claims.

If you have transmitted personal data from third parties to us, we assume that you were entitled to do so. If a claim for cancellation is made against you with regard to this data, please remember to also inform us.

Scope of processing and consequences of not providing your data

We limit ourselves, with the personal data collected by us, to the minimum necessary for the stated purpose. We collect and process data insofar as it is absolutely necessary for the achievement of this purpose or serves to improve the service provided to the person concerned. This is based on the presumed will of the person concerned, taking into account the interests of both parties.

The data collected in the form of mandatory data in the ordering process are mandatory for the conclusion of a contract and the granting of rights of use, as well as for establishing contact or the transmission of declarations. Without their indication the possibility of the conclusion of a contract with us is void.

For remote support we use the software TeamViewer of the German manufacturer TeamViewer GmbH from Göppingen. Traffic data is generated by this provider. Without a consent for data processing, which the person concerned in this case gives to TeamViewer, no remote support by us is possible. Fluxpunkt GmbH does not transmit any personal data to TeamViewer GmbH on its own initiative.

Tabular overview of the personal data transfered by us

As far as legally permissible or prescribed (see section "Legal basis for the processing of your data"), we transmit personal data to third parties or external service providers:

ReceiversReason / PurposeLegal basis
ITC distributors and dispatch logisticians:
  • Shipping logistics provider:
    Deutsche Post AG
    DHL Express Germany GmbH
    GLS GmbH & Co. KG
    Trans-o-Flex Schnell-Lieferdienst GmbH
    United Parcel Service, Inc.; UPS Europe SA

  • Contract suppliers:
    Overview of our contract suppliers

Goods dispatch with direct delivery: Depending on the availability of goods, we make use of the distributions listed on the right. Your contact data (e.g. name of the consignee) will be transmitted within the scope of the delivery address.
Deliveries from our own warehouse are made exclusively via UPS (United Parcel Service, Inc.).
Manufacturer of ITC products, distributions, Internet and telecommunications providers2nd level support, project protection and enquiries, contract brokerage (update/service / Internet/telephony contracts), use of managed services to carry out and maintain business operations
Sales partnersMediation, conclusion, execution and termination of contracts
Public authorities (police, public prosecutor's office, supervisory authorities, etc.)Legal protection in justified cases

The transmitted data are those which are absolutely necessary for the fulfillment of the purpose under observance of the principle of data minimization (e.g. contact data for queries in a support case, customer data for the mediation of a contract with a manufacturer or provider).


Fluxpunkt as data processor

Fluxpunkt provides customers with various types of services in which the transfer of personal data to us takes place or cannot be avoided. We may also simply have the ability to access or exercise personal information. Examples of this are:

  • Hosting of customer websites and email services
  • Management and administration of SaaS contracts (e.g. Office 365)
  • Administration/monitoring/monitoring of customer systems (server, TC, network infrastructure, databases, websites, etc.)
  • Service on the customer's ITC systems (installation of software, error analysis, training, etc.)
  • Remote support (e.g. via TeamViewer) on a customer workstation
  • Log analyses to check the proper functioning of ITC systems
  • Processing of service requests with attached log files

In all these cases it is necessary to conclude a data processing contract with us or to obtain the express consent of each person concerned (including those of your customers and suppliers).

Auftragsverarbeitungsvertrag (AV-Vertrag) mit uns abschließen

We conclude a data processing contract with all hosting and service contract customers.

Since data processing contracts also involve extensive obligations (e.g. information obligations vis-à-vis the client), restrictions (e.g. through rights of objection in the choice of subcontractors), expenses (e.g. through the exercise of control rights by the client) and liability risks, we do not conclude them lightly, but as the result of a mutual examination weighing costs, benefits and risks. In particular, it is based on a long-term service relationship.

Limited support without data processing contract!

Without data processing contract, our services and support is unfortunately only provided to you to a limited extent. We do not analyze log files, provide remote support through TeamViewer (or other programs that potentially allow you to view or access personal information), install software or updates on your workstations, or monitor your systems.

Our support will be limited to advice, tips and explanations on self-help.

Your duties as a responsible party

  • When selecting your service providers, you must make sure that they offer sufficient guarantees to comply with the GDPR regulations (also with regard to subcontractors).
  • You yourself need permission to process certain data so that we can process them within the framework of a data processing contract.
    If we have any doubts about the lawfulness of the processing during the processing of an order, we will refuse the processing (and terminate any support activities) until you have sufficiently convinced us of the lawfulness. This procedure is necessary for the protection of those affected and also to protect you and us from liability situations according to Art. 82 GDPR.

Our technical and organisational measures

We make our technical and organisational measures available to data processing contract partners as an integral part of the contract in a continuously updated version.

Our directory of subcontractors

Our Directory of subcontractors (pursuant to Art. 28 GDPR) we make available to our data processing contractual partners as an integral part of the contract in a continuously updated version.

Our list of processing activities

Our list of processing activities (according to Art. 30 GDPR) is made available to authorized supervisory authorities upon request.

Information for our webhosting customers

Please inform your website visitors in your privacy policy about the following data processing:

The traffic data stored in the logs on our web servers and defined in more detail in our data protection declaration will be deleted from the server after 7 days. Log files are also included within server backups and are kept for a maximum of 21 days. Our web server logs are not used to evaluate behavior or profile generation.

The collection and processing of this data is technically necessary in order to correctly display/deliver customer websites for a specific end device, to ensure proper operation, to detect errors or attacks and to optimise our web hosting platform. The non-anonymized storage of the requesting IP address is particularly necessary with regard to detection and protection against attacks. This is our legitimate interest in the processing of this data.