Personal data are processed when using the online service foxondo:
1. Data processing when working with foxondo
If you work with foxondo as a user, personal data are processed for the following purposes:
- Provision of the system
- Granting user rights
- Logging of foxondo usage for audit and system security reasons
The following data categories are being processed about users:
- User data (such as user name and e-mail address, password, employer, assigned user rights)
- usage data (such as date and time of activities on the Online Service, activities on the Online Service such as text entries, file uploads, status changes, comments, deletions, MrFOX points)
- content data (if personal data is contained in text entries or file uploads)
If these data were not collected by you as user, it was provided by the employer or colleagues or calculated within foxondo.
The data can be viewed by your employer and, if applicable, employees within your own group. Service providers who provide or maintain the IT infrastructure and who are separately bound to confidentiality can also view the data.
The storage period depends on the above-mentioned purposes and, if applicable, on the statutory retention periods.
The legal basis for data processing is the fulfilment of your contractual obligations to your employer (Art. 6 Para. 1 Letter b GDPR) as well as the legitimate interests of your employer (and, if applicable, the external data protection officer) in the audit-proof documentation of the current status within the organisation (Art. 6 Para. 1 Letter f GDPR).
2. Data processing for the technical provision of foxondo
For the technical provision of the service it is necessary to process personal data:
Server log files
The provider and the system collect and store information that your browser automatically transmits to us. These are mainly browser type and version, operating system used, referrer URL (originating address), host name of the accessing computer, the requested files with date and time and the IP address.
These data are not merged with other data sources.
The basis for data processing is Art. 6 Para. 1 Letter f GDPR, which permits the processing of data on the basis of legitimate interest. In this case, there is a legitimate interest in a secure and functioning operation of the web server. In order to ensure this, the administration must be able to detect and trace attacks and malfunctions of the system via server log files. In order to be able to recognize attack patterns, accesses to the server must be stored. As soon as these data are no longer needed, they are deleted. For technical reasons, the data is disclosed to the IT service providers, who are bound by instructions and contract to us.
Cookies
foxondo sometimes uses cookies. They serve to make the offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. The cookies used here are so-called “session cookies” to enable access to the site. They are automatically deleted at the end of your visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. The cookies are required for the electronic communication process and are stored on the basis of Art. 6 Para. 1 Letter f GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimised provision of our services. Insofar as other cookies are stored for other purposes, these are explained separately in this privacy policy.
Notifications by e-mail
Users will be notified automatically by e-mail about important events in foxondo. This includes, for example, when the approval of a module is requested.
The notification serves to make the system more user-friendly and is in the legitimate interest of the manufacturer. If the user does not want to receive these notifications, they can deactivate them via the settings (and also reactivate them if they wish).
Error Detection
To detect technical errors foxondo uses services from AppSignal B.V. (The Netherlands). Although it is not the main purpose of this service to process personal data, in individual cases the transmission of personal data (e.g., a log-in name or IP address) cannot be ruled out, if prior pseudonymization is not possible in the individual case. The legal basis for this data processing is Art. 6 Para. 1 Letter f GDPR (if necessary, in combination with EU Standard Contractual Clauses). The legitimate interest lies in the detection and correction of technical errors and optimisation of the functionality of the website.
Analytics
We use the web analytics service “Plausible Analytics” to better understand how visitors use our websites. We can draw conclusions from this to further improve the service in the future.
Data about you is only processed in such a way that you cannot be identified. Processing is done under a pseudonym: After one day, the data is completely anonymised. This includes in particular: Date and time of your visit, title and URL of the pages visited, incoming links, the country you are in and the user agent of your browser software. The legal basis for this data processing are our legitimate interests, so we are able to analyse the use of the service and to optimize it accordingly.
No data is transferred to Plausible Insights OÜ (Estonia). This does not include the IP address, which must be transmitted for technical reasons so that files can be loaded from Plausible but is not used for other purposes.
Further information on how Plausible processes data can be found here: https://plausible.io/data-policy
Newsletter
foxondo users can subscribe to the foxondo newsletter. To do so, they can register with their e-mail address. The legal basis is consent (Art. 6 Para. 1 Letter a GDPR).
You can unsubscribe at any time, for example by clicking on the unsubscribe link in the footer of the e-mail or by sending an e-mail to info@foxondo.com. We use technical service providers to send the newsletter. We do not evaluate the usage or click behaviour on a personal basis.
3. Responsibility
Responsible for the data processing is your employer or the body that has licensed the use of foxondo.
The technical provision of the service is carried out by the manufacturer foxondo GmbH (https://foxondo.com).
4. Your rights
As a data subject, you are entitled to the following rights, provided that the legal requirements are met:
- Right to be informed, Art. 15 GDPR
- Right to rectification, Art. 16 GDPR
- Right to erasure, Art. 17 GDPR
- Right to restriction of processing, Art. 18 GDPR
- Right to data portability, Art. 20 GDPR
- Right to object, Art. 21 GDPR
If the data processing is based on your consent, you may revoke this consent at any time with effect for the future.
If the data processing is based on legitimate interests, you can assert your right to object. You must give reasons for your objection.
You also have the right to complain about the data processing to the data protection supervisory authority.
If you have any further questions about how and for what purposes we process your data, please contact us.