Privacy policy
1 Information on the collection of personal data
(1) In the following, we inform you about the processing of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour. In this way, we would like to inform you about our processing procedures and at the same time comply with the legal obligations, in particular from the EU General Data Protection Regulation (GDPR).
(2) The person responsible pursuant to Art. 4 (7) GDPR is
INPOSIA Solutions GmbH, Ottostraße 18, 76227 Karlsruhe, Germany
Telephone: +49 (0) 721 50955 0
E-Mail: info@inposia.com
(see our imprint). You can reach our data protection officer at: dataprotection@inposia.com
or our postal address with the addition of “the data protection officer”.
(3) When you contact us by e-mail or via a contact form, the data you provide (in addition to your message to us, your e-mail address, your name, your position and your company, if applicable, as well as your telephone number and your country) will be stored by us in order to answer your questions. We delete the data accruing in this context, if the enquiry is assigned to a contract, after the time limits for the term of the contract, otherwise after the storage is no longer necessary, or restrict the processing if there are statutory retention obligations.
(4) If we use commissioned service providers for individual functions of our offer or wish to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail about the respective processes below. In doing so, we also state the defined criteria for the storage period.
2 Your rights
(1) You have the following rights against a data controller in respect of personal data relating to you:
-right to information,
-right of rectification or erasure,
-right to restriction of processing,
-right to object to processing,
-right to data portability.
(2) You also have the right to complain to a data protection supervisory authority about our processing of your personal data.
3 Processing of personal data when visiting our website
When using the website for information purposes, i.e. simply viewing it without registering and without you providing us with any other information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR:
– IP address
– Date and time of the request
– Time zone difference from Greenwich Mean Time (GMT)
– Content of the request (page visited)
– Access Status/HTTP Status Code
– Data volume transferred in each case
– Previously visited page
– Browser
– Operating system
– Language and version of the browser software.
The first 9 bits of the entry’s IP address are converted into a hash value. Thus, the IP address 123.123.123.123 could become the “anonymous” IP address 123.123.122.243. An anonymized IP address retains its validity for a maximum of 24 hours. After that, the same source IP address would become another “anonymous” IP address. This data is immediately deleted after the end of the session on the web server and completely deleted after 6 weeks at the latest.
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers. If your browser does not support web fonts, a standard font from your computer will be used.
4 Further functions and offers of our website
(1) In addition to the purely informational use of our website, we offer, possibly also only temporarily, various services that you can use if you are interested and use other usual functions to analyse or market our offers, which are presented in more detail below. For this purpose, you usually have to provide further personal data or we process such further data that we use to perform the respective services. The aforementioned data processing principles apply to all data processing purposes described here.
(2) In some cases, we use external service providers to process your data. These are carefully selected by us, are bound by our instructions and are regularly monitored.
We currently use the following external service provider:
Medienbaum UG (haftungsbeschränkt), Gartenstr. 51, 79713 Bad Säckingen, Germany
Purpose of data processing:
Operation of the website, forwarding of enquiries via the contact form
(3) Furthermore, we may pass on your personal data to third parties if participation in promotions, competitions, conclusion of contracts or similar services are offered by us together with partners. Depending on the service, your data may also be collected by the partners on their own responsibility. You will receive more detailed information when you provide your data or below in the description of the respective offers.
(4) Insofar as our service providers or partners have their registered office in a state outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.
5 Objection or revocation against the processing of your data
(1) If you have given your consent to the processing of your data, you may revoke this consent at any time. Such a revocation affects the permissibility of the processing of your personal data after you have expressed it to us. The permissibility of the processing of your data up to the time of your revocation remains unaffected.
(2) Insofar as we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is not necessary, in particular, for the fulfilment of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data in the way we have done. In the event of your objection, we will review the situation and either cease or adjust the data processing or show you our compelling legitimate grounds for continuing the processing.
(3) Of course, you can object to the processing of your personal data for the purposes of advertising and data analysis at any time. The best way to exercise your advertising objection is to contact us using the contact details provided above.
6 Processing of data from your end devices (“Cookie Policy”)
(1) In addition to the above-mentioned data, we use technical aids for various functions when you use our website, in particular cookies, which can be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. In the following, we first describe cookies from a technical point of view (2), before we go into more detail about your individual choices by describing technically necessary cookies (3) and cookies that you can voluntarily select or deselect (4).
(2) Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the body that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer but are primarily used to make the website faster and more user-friendly. This website uses the following types of cookies, whose function and legal basis we will explain below:
– Transient cookies: Such cookies, especially session cookies, are automatically deleted when the browser is closed or by logging out. They contain a so-called session ID. In this way, various requests from your browser can be assigned to the joint session and your computer can be recognised when you return to our website.
– Persistent cookies: These are automatically deleted after a predefined duration, which is set differently depending on the cookie. You can view the cookies set and the duration at any time in the settings of your browser and delete the cookies manually.
(3) Mandatory functions that are technically necessary to display the website: The technical structure of the website requires us to use techniques, in particular cookies. Without these techniques, our website cannot be displayed (completely correctly) or the support functions could not be enabled. These are basically transient cookies that are deleted after the end of your website visit, at the latest when you close your browser. You cannot deselect these cookies if you wish to use our website. The individual cookies can be seen in the Consent Manager. The legal basis for this processing is Art. 6 para. 1 p. 1 lit. f GDPR.
(4) Optional cookies when you give your consent: We set various cookies only after your consent, which you can select on your first visit to our website via the so-called cookie consent tool. The functions are only activated in the event of your consent and can be used in particular to enable us to analyse and improve visits to our website, to make it easier for you to use our website via different browsers or terminal devices, to recognise you when you visit us again or to serve advertising (possibly also in order to tailor advertising to interests, to measure the effectiveness of advertisements or to show interest-oriented advertising). The legal basis for this processing is Art. 6 para. 1 p. 1 lit. a GDPR. The revocation of your consent is possible at any time without affecting the permissibility of the processing until the revocation.
The functions we use, which you can select and revoke individually via the Consent Manager, are described below.
Cookies:
| Cookie name and function | Duration |
| borlabs-cookie
Function: Saves the settings of the visitors selected in the Cookie Box of Borlabs Cookie. |
1 year |
| _ga,_gat,_gid
Functions: Google Tag Manager – Cookie from Google to control advanced script and event handling. Google Analytics – Cookie from Google for website analytics. Generates statistical data about how the visitor uses the website. |
2 years |
| NID
Function: Used to unlock YouTube content. |
6 months |
7 Web tracking by means of Google Analytics
(1) This website uses Google Analytics, a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The purpose of our use of the tool is to enable the analysis of your user interactions on websites and in apps and to improve our offer through the statistics and reports obtained and to make it more interesting for you as a user.
(2) We primarily record the interactions between you as a user of the website and our website with the help of cookies, data on the device/browser, IP addresses and website or app activities. Google Analytics also collects your IP addresses in order to ensure the security of the service and to provide us, as the website operator, with information about which country, region or location the respective user comes from (so-called “IP location determination”). For your protection, however, we naturally use the anonymisation function (“IP masking”), i.e. Google truncates the IP addresses by the last octet within the EU/EEA.
(3) Google acts as an order processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For these cases, Google has, according to its own information, imposed a standard on itself that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws in the international transfer of data. We have also agreed so-called standard contractual clauses with Google, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.
(4) The legal basis for the collection and further processing of the information (which takes place for a maximum of 14 months) is your consent (Art. 6 para. 1 p. 1 lit. a GDPR). Revocation of your consent is possible at any time without affecting the permissibility of the processing until revocation. In apps, you can reset the advertising ID under the Android or iOS settings. The easiest way to revoke your consent is to use our Consent Manager or to install the Google browser add-on, which can be accessed via the following link: tools.google.com/dlpage/gaoptout?hl=en/.
(5) Further information on the scope of services provided by Google Analytics is available at marketingplatform.google.com/about/analytics/terms/en/. Google provides information on data processing when using Google Analytics at the following link: support.google.com/analytics/answer/6004245?hl=en/. General information on data processing, which according to Google should also apply to Google Analytics, can be found in Google’s privacy policy at www.google.de/intl/de/policies/privacy/.
8 Integration of YouTube videos
(1) We have integrated YouTube videos into our online offer, which are stored on YouTube.com and can be played directly from our website. These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transferred. We have no influence on this data transmission. The legal basis for the display of the videos is Art. 6 para. 1 p. 1 lit. a GDPR, i.e. the integration only takes place after your consent.
(2) By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. In addition, the above-mentioned basic data such as IP address and time stamp are transmitted. This takes place regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
(3) The information collected is stored on Google servers, including in the USA. For these cases, the provider has, according to its own information, imposed a standard on itself that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws in the international transfer of data. We have also agreed so-called standard data protection clauses with Google, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.
(4) For more information on the purpose and scope of data collection and processing by YouTube, please see the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: www.google.de/intl/de/policies/privacy.
9 Our presence in social networks
(1) We have various presences in so-called social media platforms. We operate these presences with the following providers:
– Xing (https://www.xing.com/companies/inposiasolutionsgmbh)
New Work SE, Am Strandkai 1, 20457 Hamburg, Germany
Privacy policy
https://privacy.xing.com/de/datenschutzerklaerung?sc_o=navigation_footer
– LinkedIn (https://www.linkedin.com/company/inposia-gmbh/)
LinkedIn Corporation, 1000 W Maude, Sunnyvale, CA 94085, US
Privacy Policy
https://www.linkedin.com/legal/privacy-
policy?trk=d_org_guest_company_overview_footer-privacy-policy
– Facebook (https://www.facebook.com/INPOSIA-Solutions-GmbH-126299697393237/)
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Privacy policy
https://www.facebook.com/help/568137493302217
– YouTube (https://www.youtube.com/channel/UCu918L2_lvigVEeBQ4lV3ew)
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy
https://www.youtube.com/t/privacy
– Twitter (https://twitter.com/inposia)
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland
Privacy policy
https://twitter.com/privacy
(2) We use the technical platform and services of the providers for these information services. We would like to point out that you use our appearances on social media platforms and their functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). When you visit our websites, the providers of the social media platforms collect, among other things, your IP address and other information that is stored on your terminal device in the form of cookies. This information is used to provide us, as the operator of the accounts, with statistical information about the interaction with us.
(3) The data collected about you in this context is processed by the platforms and may be transferred to countries outside the European Union, in particular the USA. According to their own information, all of the aforementioned providers maintain an adequate level of data protection equivalent to that of the former EU-US Privacy Shield and we have concluded the standard data protection clauses with the companies (with the exception of Xing, as this provider is based within the EU). We are not aware of how the social media platforms use the data from your visit to our account and interaction with our posts for their own purposes, how long this data is stored and whether data is passed on to third parties. Data processing may differ depending on whether you are registered and logged in to the social network or visit the site as a non-registered and/or non-logged-in user. When you access a post or the account, the IP address assigned to your terminal device is transmitted to the provider of the social media platform. If you are currently logged in as a user, a cookie on your end device can be used to track how you have moved around the network. Buttons embedded in websites enable the platforms to record your visits to these website pages and assign them to your respective profile. This data can be used to offer content or advertising tailored to you. If you want to avoid this, you should log out or deactivate the “stay logged in” function, delete the cookies on your device and restart your browser.
(4) As the provider of the information service, we also only process the data from your use of our service that you provide to us and that requires interaction. For example, if you ask a question that we can only answer by email, we will store your information in accordance with the general principles of our data processing, which we describe in this privacy policy. The legal basis for processing your data on the social media platform is Art. 6 para. 1 p. 1 lit. f GDPR.
(5) To exercise your data subject rights, you can contact both us or the provider of the social media platform. Insofar as one party is not responsible for responding or must receive the information from the other party, we or the provider will then forward your request to the respective partner. Please contact the operator of the social media platform directly for questions about the profiling, processing of your data when using the website. For questions about the processing of your interaction with us on our site, write to the contact details we have provided above.
(6) What information the social media platform receives and how it is used is described by the providers in their data protection declarations (see link in the table above). There you will also find information on contact options as well as on the setting options for advertisements. Further information on social networks and how you can protect your data can also be found at www.youngdata.de.
10 Newsletter
(1) You can subscribe to our newsletter, with which we inform you about our current interesting offers, by declaring your consent. The advertised goods and services are named in the declaration of consent.
(2) We use the so-called double-opt-in procedure to register for our newsletter. This means that after your registration, we will send you an email to the email address you provided in which we ask you to confirm that you are the owner of the email address provided and that you wish to receive the notifications. If you do not confirm your registration within 60 days, your information will be blocked and automatically deleted after one month. In addition, we store your respective IP addresses used and times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
(3) Mandatory information for sending the newsletter is your e-mail address as well as your name, position and company. After your confirmation, we will store your email address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 p. 1 lit. a GDPR.
(4) You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter email or by sending a message to the contact details provided in the imprint.
(5) In addition, you can also give your consent for us to evaluate your user behaviour when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. For the evaluations, we link the data mentioned above in § 3 and the web beacons with your e-mail address and an individual ID. The information about your user behaviour is collected exclusively in pseudonymised form, i.e. the IDs are not linked to your other personal data, direct personal reference is excluded.
You can object to this tracking at any time by revoking your consent to the sending of the newsletter and unsubscribing from the newsletter by clicking on the separate link provided in each email or by informing us via another contact channel as shown above. The information will be stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously. Furthermore, such tracking is not possible if you have deactivated the display of images by default in your e-mail programme. In this case, the newsletter will not be displayed to you in full and you may not be able to use all the functions. If you display the images manually, the above tracking will take place.
11 Customer portal
The use of the customer portal https://icsp.inposia.com/ is governed exclusively by the data protection declaration for our customers, which we make available to them within the scope of the conclusion of the contract or the ongoing business relationship.
12 Applicant
If you apply at https://www.inposia.com/karriere-inposia/ for one or more of the jobs advertised there, please note under Privacy Policy for Applicants at www.Avalara.com/legal/recruitmentnotice.
For applications to our parent company Avalara at https://www.avalara.com/eu/en/about/careers.html, the privacy policy of the respective national company applies.
13 Profiling
There is no automated decision-making including profiling pursuant to Article 22(1) and (4) of the GDPR.
14 Data security / encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this website uses SSL or TLS encryption (256 bit). You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
15 Status and amendment of this privacy policy
This data protection declaration is currently valid and has the status July 2022. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection statement at any time on the website at https://www.inposia.com/datenschutz/.