Data protection and privacy
- Responsible body
This website and the services offered by www.qbssoftware.de are by the
QBS Software GmbH
Grünwalder Weg 13 a
Graham Dave Stevinson
HRB 171764 – District Court Munich Ust-IdNr. DE 257773242 (hereinafter referred to as “QBS Software”) operated.
QBS Software takes the protection of your personal data very seriously and adheres strictly to the rules of the data protection laws of the Federal Republic of Germany, the Telemedia Act and the data protection regulations of the European Union (hereinafter: “data protection regulations”).
QBS Software has obliged its employees to comply with data protection regulations.
- Collecting general information
Basically you can visit the website of QBS Software without giving any personal information. By visiting our website, your browser automatically transmits some data. This information, also known as server log files, is general in nature and does not allow any conclusions to be drawn. Included are: name of the website, file, date, amount of data, web browser and web browser version, operating system, the domain name of your Internet provider, the so-called Referrer URL (the page from which you accessed the offer of QBS Software ) and the IP address.
Without this data, it would not be technically possible to deliver and display the contents of the website. In this respect, the collection of data is imperative. In addition, QBS Software uses the anonymous information for statistical purposes. They help QBS Software optimize supply and technology. QBS Software also reserves the right to subsequently control the log files in case of suspected illegal use of the offer.
- Collection and processing of personal data
QBS Software collects and processes personal data only if you voluntarily provide it with your knowledge. By filling out forms or sending e-mails when ordering products or services.
In the context of the available forms, these are first of all the following data:
- E-mail address
- E-mail address
- Street / Number
- Postal code and city
- Product details
- E-mail address
- Number of people
- E-mail address
(hereinafter referred to as “personal data”).
Your data is QBS Software only to those in Ziff. 6 store and process these purposes. Any use exceeding the stated purpose requires your express consent. The same applies to the transmission and transmission of your data to third parties.
- Application procedure
On our website we publish job offers for which you can apply by e-mail. If you decide to apply for an open position, we process the personal data you provide to us exclusively for the purpose of carrying out the application process.
In the case of rejection, we will delete your data as soon as a retention period of 6 months required by labour law has expired. The period begins with the dispatch of the cancellation. If you have expressly consented to the further use of your data for a later approach regarding positions that may be of interest to you, we will continue to store your data in accordance with your consent. We will not pass on your personal data to third parties outside the concrete application procedure without your express consent or without a legal basis.
In order to evaluate an application, we do not require any information on the so-called “special categories of personal data” in the application process. This includes data revealing racial or ethnic origin, political opinions, religious or ideological beliefs or trade union membership, as well as genetic data, biometric data for the unambiguous identification of a natural person, health data or data on the sexual life or sexual orientation of a natural person. We strongly recommend that you do not include any information about the aforementioned data in your personal data. If the data provided by you contain such information, we can only process your application if you give us explicit consent to store these special categories of personal data. We would have to obtain this consent separately from you; this would cause a delay in the application process.
Please note that applications that you send to us by e-mail are transmitted unencrypted. In this context, there is a risk that unauthorized persons may intercept and use this data.
The legal basis for the processing of your personal data as part of the application process is § 26 Para. 1 in conjunction with Para. 2 BDSG.
- Purpose of the collection, processing and use
The personal data is collected, processed and used by QBS Software exclusively for the following purposes:
- to contact;
- to enable the services of QBS Software;
- related correspondence with you;
- for the processing of your request and for the further advice you may require.
QBS Software will only use the personal data for purposes other than those listed above to the extent necessary to protect the legitimate interests of a third party pursuant to point (f) of Article 6 GDPR or to avert threats to state or public security or to prosecute criminal offences pursuant to point (d) of Article 23(1) GDPR.
Subject to applicable regulations, QBS Software will use your name, e-mail address and company-specific address data to keep you up to date on current product announcements, software updates and upgrades, expiring support support and price changes by sending you newsletters in good time and inform you of any relevant effects.
The personal data are stored and processed exclusively on servers in the European Union.
- Data subjects’ rights
You have the right:
- to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you may request information on the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right of rectification, deletion, restriction of processing or objection, the existence of a right of complaint, the origin of your data, unless it has been collected from us, as well as the existence of an automated decision-making process including profiling and, if applicable, meaningful information on its details;
- in accordance with Art. 16 DSGVO, to immediately request the correction of incorrect or incomplete personal data stored by us;
- to demand the deletion of your personal data stored by us in accordance with Art. 17 DSGVO, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- to demand the restriction of the processing of your personal data in accordance with Art. 18 DSGVO if the correctness of the data is disputed by you, the processing is unlawful but you refuse its deletion and we no longer need the data but you need it to assert, exercise or defend legal claims or you have lodged an objection against the processing in accordance with Art. 21 DSGVO;
- in accordance with Art. 20 DSGVO, to receive your personal data which you have provided to us in a structured, common and machine-readable format or to request transmission to another responsible person (data transferability);
- in accordance with Art. 7 para. 3 DSGVO, to revoke your consent once given to us at any time. The consequence of this is that we may no longer continue the data processing based on this consent in the future, and
- to complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters.
- Right of objection: If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO if there are reasons for doing so which result from your particular situation or which are directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without having to state a particular situation.
On our website, information is collected and stored through the use of so-called browser cookies. Cookies are small text files which are stored on your data carrier and which store certain settings and data for exchange with our system via your browser. A cookie usually contains the name of the domain from which the cookie data was sent as well as information about the age of the cookie and an alphanumeric identifier.
Cookies allow our systems to recognize the user’s device and make any preferences available immediately. When a user accesses the platform, a cookie is sent to the hard drive of the user’s computer. Cookies help us to improve our website and offer you a better and more personalized service. They enable us to recognize your computer or (mobile) device when you return to our website and thus:
- To store information about your preferred activities on the website and thus tailor our website to your individual interests.
- Speed up the processing of your requests.
We work with third party services to help us make the site more interesting for you. Therefore, when you visit the website, cookies from these partner companies (third parties) are also stored on your hard drive. These are cookies that are automatically deleted after the specified time.
If you do not wish to use browser cookies, you can set your browser so that the storage of cookies is not accepted. Please note that in this case you may only be able to use our website to a limited extent or not at all. If you only want to accept our own cookies, but not the cookies of our service providers and partners, you can select the setting in your browser “Block third-party cookies”. We assume no responsibility for the use of third party cookies.
Cookies on this Website: Session Cookies
We use the web analysis tool “Matomo” to design our websites in line with demand. Matomo creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In this way, we are able to recognise and count returning visitors. We also use the Heatmap & Session Recording modules. Matomo’s heatmap service shows us the areas of our website where the mouse is most frequently moved or clicked. The session recording service records individual user sessions. We can replay recorded sessions and thus analyse the use of our website. Data entered in forms is not recorded and is not visible at any time.
Data processing is based on your consent in accordance with § 25 para. 1 TTDSG, Art. 6 para. 1 lit. a DSGVO, provided you have given your consent via our banner. You can revoke your consent at any time. Please make the appropriate settings via our banner.
- Google AdWords
We use the Google AdWords online advertising tool and conversion tracking as part of Google AdWords. Google Conversion Tracking is an analytics service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
If you’ve reached our website through an ad served by Google, Google AdWords will place a cookie on your computer. The conversion tracking cookie is set when a user clicks on a Google-served ad. These cookies lose their validity after 30 days, contain no personal data and are thus not used for personal identification.
If the user visits certain pages on our website and the cookie has not expired, we and Google may recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can not be tracked through AdWords advertisers’ websites. Information obtained through the use of conversion cookies is used to generate conversion statistics for AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users.
- Google Maps
Our website uses Google Maps to display our location and to provide directions. This is a service provided by Google LLC, Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google).
Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=ActiveGoogle guarantees that it will follow the EU’s data protection regulations when processing data in the United States.
To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed. If you access the Google Maps components integrated into our website, Google will store a cookie on your device via your browser. Your user settings and data are processed to display our location and create a route description. We cannot prevent Google from using servers in the USA.
The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website.
By connecting to Google in this way, Google can determine from which website your request has been sent and to which IP address the directions are transmitted.
If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your browser. Further details can be found in the section about cookies above.
Google also offers further information at
We offer you the opportunity to register for our free newsletter via our website (www.qbssoftware.se). We use ActiveCampaign, a service of ActiveCampaign, LLC, 150 N. Michigan Ave Suite 1230, Chicago, IL, US, USA, hereinafter only referred to as ” ActiveCampaign”, to send our newsletters.
The email addresses of our newsletter recipients, as well as their other data described in this notice, are stored on ActiveCampaign servers in the USA. ActiveCampaign uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to its own information, ActiveCampaign may use this data to optimize or improve its own services, e.g. to technically optimize the dispatch and display of the newsletters or for economic purposes to determine from which countries the recipients come. However, ActiveCampaign does not use the data of our newsletter recipients to write to them itself or pass the data on to third parties.
To register for the newsletter, it is sufficient to provide your e-mail address.
Statistical collection and analyses
The newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the ActiveCampaign server when the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval are initially collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times.
The statistical surveys also include the determination of whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of ActiveCampaign to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
Online appeal and data management
In this context, we pointed out that cookies are used on the websites of ActiveCampaign and thus personal data is processed by ActiveCampaign, its partners and service providers used (e.g. Google Analytics). We have no influence on this data collection. remove.
You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. At the same time, your consent to the sending of the newsletter via ActiveCampaign and the statistical analyses will expire. A separate cancellation of the sending via ActiveCampaign or the statistical analysis is not possible. You will find a link to cancel the newsletter at the end of each newsletter.
- Webinars with GoTo Webinar
1. Scope of data processing
In the following, we inform you about the scope of data collection, storage as well as use (hereinafter: “data processing”, used in the sense of Art. 4 No. 2 DSGVO) in the context of registration and implementation of webinars by QBS Software GmbH with the software GoToWebinar and GoToMeeting of GoTo Technologies Ireland Unlimited Company, The Reflector, 10 Hanover Quay, Dublin 2, D02R573, Ireland.
We use the GoToWebinar and GoToMeeting software to offer you, for example, webinars, training courses, workshops or information events online. The data processing takes place exclusively in order to conduct these webinars. To participate in the webinar, you can either use the desktop app, the browser, a mobile app or your phone.
2. Purposes of data processing
Data processing is carried out for the sole purpose of being able to offer and conduct webinars.
3. Categories of data processing
3.1 Before the webinar is held.
3.1.1 Information about the user during registration
If you wish to attend a session as a participant, you must register for the webinar using the registration URL (in your GoToWebinar invitation) via a form. As part of registering for the webinar, you will be asked to enter a first name, last name, your email address, and depending on the meeting, your organization, among other things, in order to be sent the access link to the webinar.
If you would like to participate in an online seminar via GoToMeeting, you must register with QBS Software GmbH by e-mail. As part of the registration process, you will provide us with your first name, last name and email address, as well as the organization where you work, if applicable.
If you provide your e-mail address, then you will receive the link to the webinar by e-mail.
If you do not wish to provide any information about your identity on the registration form or during registration, you can choose a pseudonym and in this respect maintain your identity. Without entering a real existing email address, you will find the link to the GoToWebinar (does not apply to online seminars via GoToMeeting) as follows: After submitting the registration with the pseudonymous information, a confirmation window will appear. There it says “You have registered” in the header as well as the name and time of the event. In the confirmation window, you are offered several options; one of them is the sentence “At the above time, you will participate in the webinar.” The back part of the sentence is highlighted in blue, representing the link. Click on it, copy the URL and open it in your browser. This is your participation link. In this way, participation is also possible while maintaining your identity, and we take into account the principle of data economy.
3.1.2 Advance information from speakers and moderators about webinar participants
For some webinars, it is important and necessary for the presenters to obtain information in advance about the participants and, if applicable, about their organization in order to be able to prepare the event in the best possible way and to respond to the participants in a targeted manner during the event.
In these cases, participant information (surname, first name, organization) is transmitted in advance to the respective speaker and the moderator. There will be no further use of the participant information for the preparation and implementation of the specific event.
Again, you can preserve your identity by choosing a pseudonym when registering.
3.2 During the execution of the webinar
3.2.1 Information on meeting metadata
During your participation in the webinar, so-called meeting metadata is processed. This involves the following data categories: Topic, description (optional), participant IP address, device/hardware information, location, language settings, operating system.
These data must necessarily be processed for technical reasons with regard to the respective webinar.
3.2.2 Data categories when dialing in by telephone
When dialing in by telephone, information on the incoming and outgoing phone number, country name, start and end time is processed. If necessary, further connection data such as the IP address may be stored in the case of the use of Voice-over-IP (VOIP).
For technical reasons, this data must also necessarily be processed with regard to the respective webinar.
3.2.3 Processing of text data
If you use a chat, question or survey function in the webinar, this content data is processed for the purposes of communication within the webinar. In addition, the chat history is stored in a text file that reflects the name, first name (or a pseudonym) and the text of the chat message. This data is only processed for the purpose of following up on the content of the webinar and is only passed on in anonymized form within our research center.
3.2.4 Processing of audio and video data
Our events, which are conducted via the GoToWebinar software, are generally recorded. If you participate with spoken contributions and/or if you also use the video function to enable a visual transmission of your image, this personal data will be processed for the purpose of communication within the webinar. It is up to you to use these functions. Only if you activate the microphone or the camera of your terminal device yourself, the aforementioned data processing can take place.
3.2.5 Data processing to calculate the attention factor
During events conducted via the GoToWebinar software, the software registers whether the webinar window is open as the primary window for the participant*. This information is communicated to the organizer in a non-personal form during the webinar (“attention factor 75%”). This serves the purpose that the organizer or speaker* can see if the group is losing attention. This feature replaces the view into the auditorium in analog seminars and helps the speaker to lead the event. This average figure also helps us to work continuously on the content of the event. A person-related evaluation of the attention factor is not carried out. This function does not exist for events that take place via GoToMeeting.
3.2.6 Data processing to calculate the interest quotient
After the event, GoToWebinar offers us, as the provider, the option of displaying a so-called interest quotient per registered participant. This is calculated from seven factors, such as participation in short surveys, whether chat contributions were made and the aforementioned “attention factor”.
This interest quotient serves the purpose of proving participation in a webinar, for example in the case of mandatory training courses, where certificates of participation are later issued. This feature does not exist for events that take place via GoToMeeting.
Of course, we do not use this feature for our webinars. However, it is unfortunately not possible to deactivate this function. Therefore we have to inform you about the following: It is theoretically possible that if you do not participate in any other way within the webinar and your interest quotient thus consists only of the attention factor, it is possible to tell from the interest quotient whether and for how long you used the GoToWebinar as your primary and active window during the webinar.
Again, however, you can preserve your identity by choosing a pseudonym when registering. In this case, we would only be able to track that a certain person has a certain interest quotient, but not which person this is.
3.2.7 Data processing when recording webinars
Online events with the GoToWebinar software are generally recorded. If you have joined via video or microphone function and we use this recording for downloading for third parties or similar, we will obtain your consent for this. You can see at any time whether a recording is taking place: This is indicated by the red Record button in the GoToWebinar software.
At this point, a note: GoTo Technologies Ireland Unlimited Company, as the provider of GoToWebinar, has in turn activated Google Analytics on the company website. We have neither influence nor access to this data processing carried out by GoTo Technologies Ireland Unlimited Company. Nevertheless, we would like to draw your attention to this data processing: You can read details about the use of Google Analytics by GoTo Technologies Ireland Unlimited Company here (https://www.goto.com/de/company/legal/privacy/us#analytics). You can also set your browser not to accept cookies before clicking on the registration or participation link.
4. Legal basis of data processing
Insofar as personal data of HMGU employees is processed when using GoToWebinar or GoToMeeting, Section 26 (1) of the German Federal Data Protection Act (BDSG) is the legal basis for data processing. If the use of GoToWebinar or GoToMeeting does not require the processing of personal data of HMGU employees in connection with the employment relationship, but is nevertheless an elementary part of the use of GoToWebinar or GoToMeeting, Art. 6 para. 1 lit. f DSGVO is the legal basis for the data processing. The legitimate interest of the HMGU in these cases is the effective and secure implementation of webinars.
Furthermore, the legal basis for data processing when conducting webinars is Art. 6 (1) lit. b DSGVO, insofar as the webinars are conducted in the context of contractual relationships. Should no contractual relationship exist, the legal basis is Art. 6 (1) lit. f DSGVO. Here, too, there is the legitimate interest of the HMGU in the effective and secure implementation of webinars.
5. Recipients of the data and third country transfer (EU foreign countries).
The recipient of your data in the aforementioned context is the software provider GoTo Technologies Ireland Unlimited Company, which provides the GoToWebinar and GoToMeeting software. This company processes the data on our behalf. Accordingly, an order processing agreement has been concluded with GoTo Technologies Ireland Unlimited Company in accordance with Art. 28 DSGVO. The provider has its registered office (Ireland) in a so-called unsafe third country. As a result, the provider had to guarantee us compliance with an adequate level of protection within the meaning of Art. 44 et seq. DSGVO. This adequate level of protection is guaranteed by the use of the so-called EU standard contractual clauses as part of the order processing contract.
Furthermore, other participants* of the webinar will see and hear you and your contributions and to that extent they are recipients of your data. Furthermore, please keep in mind that content from the webinars, as well as in face-to-face meeting sessions, is often used precisely to communicate information with customers, prospects, or third parties, and thus there is a possibility that other participants* may communicate your contributions to third parties.
Personal data will not be passed on to third parties outside the scope described here without express consent.
The transfer to state institutions and authorities entitled to receive information will also only take place within the framework of the legal obligations to provide information or if we are obliged to provide information by a court decision.
6. Duration of processing, deletion of data
All data relating to the webinar will be deleted no later than 6 months after the event, unless there are legal retention obligations to the contrary.
7. Data subject rights according to the DSGVO
You have the following rights in connection with the processing of personal data concerning you:
According to Art. 15 DSGVO, you have the right to request information about the personal data concerning you that is processed by QBS Software GmbH.
Pursuant to Art. 16 DSGVO, you have the right to request the immediate correction or completion of incorrect or incomplete data stored by us.
Pursuant to Art. 17 DSGVO, you have the right to request the erasure of personal data concerning you that is stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation to which QBS Software GmbH is subject, for the performance of a task carried out in the public interest, or for the establishment, exercise or defense of legal claims.
Pursuant to Art. 18 DSGVO, you may request the restriction of the processing of your personal data if you dispute the inaccuracy of such data or if the processing of such data is unlawful.
Pursuant to Art. 20 DSGVO, you have the right to receive the personal data concerning you in a structured, common and machine-readable format, and to transmit this data to another controller without hindrance or to have it transmitted by us;
In accordance with Art. 21 DSGVO, you have the right to object to the processing of your personal data, insofar as there are grounds for doing so that arise from your particular situation. Your data will then no longer be processed, unless the QBS Software GmbH can demonstrate compelling grounds for the processing which override the interests, rights and freedoms of the data subject, or for the assertion or defense of legal claims.
- Data economy and duration of data usage
The legislature has issued a variety of storage obligations and deadlines. Personal data will only be stored by QBS Software for as long as necessary or required by law in accordance with the principles of data avoidance and data economy. If the purpose of the information collected does not apply or if the retention period ends, QBS Software blocks or deletes the data.
- Data security
In order to prevent unauthorized access or disclosure and to ensure the accuracy of the data and to ensure the legitimate use of the data, QBS Software uses appropriate technical and organizational procedures. Nevertheless, no electronic communication is completely secure. This means that any data and information you voluntarily provide to QBS Software may be obtained by third parties through unlawful collection of data. QBS Software can not accept responsibility or liability for the disclosure of information due to errors and / or unauthorized access during data transmission by third parties.
- References and links
Third party service providers may have different and separate terms in dealing with the collection, processing and use of personal data. It is therefore advised to check the websites of third parties before entering personal data about their practice for the handling of personal data.
- Data Protection Officer
If you have data protection questions, please contact our data protection officer.
Herr Philipp Herold
As of 21.07.2021