Privacy policy
Part I gives you general information about how we process your personal data when you visit and use our website, as well as information about the rights you have as a data subject.
Im Part II provides you with information on when you can object to the processing of your data by us.
Part I: General data protection information
Name and contact details of the responsible party:
Kolmuko Softwareentwicklung
Thomas Müller & Sandro Könnecke GbR
Aurelienstraße 60
04177 Leipzig (Germany)
Phone: +49 (0) 160 / 919 370 76
E-Mail: info@kolmuko.de
Provision of the website and creation of log files
Each time our website is called up, our system automatically collects data and information from the computer system of the calling computer. The following data is collected in this process:
- Information about the browser type and the version used.
- The operating system of the user
- The user's Internet service provider
- The IP address of the user
- Date and time of access
- Websites from which the user's system accesses our website
- Websites that are accessed by the user's system via our website
The data is stored in log files at our technical service provider, Hetzner Online GmbH, Industriestrasse 25, 91710 Gunzenhausen. The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. f DSGVO. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session. In these purposes also lies our legitimate interest in data processing according to Art. 6 para. 1 lit. f DSGVO.
The storage of the above data in the log files is done to ensure the functionality of our website. In addition, this data serves us to optimize the website and to ensure the security of our information technology systems (e.g. attack detection). These purposes are also our legitimate interest in data processing according to Art. 6 Para. 1 lit. f DSGVO.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. Log files are stored for 30 days.
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.
Demo version
Within the scope of the demo version, the user can use the time recording software timeslider. All entries are stored for the duration of the browser session to allow the user to test the software. The legal basis is Art. 6 para. 1 lit. b DSGVO. The recipient of the data is technically necessary our web host, Hetzner Online GmbH, Industriestrasse 25, 91710 Gunzenhausen.
With the end of the browser session, all personal data entered will be deleted.
Registration and account
On our website, we offer the user the opportunity to register under password protection by providing personal data. The data (e-mail address and password) are entered into an input mask and stored by us. The account created in the course of registration can be personalized by the user voluntarily with further data. The legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.
At the time of login, the IP address of the user as well as the date and time are also stored. The storage is done to ensure the security of our information technology systems (e.g. attack detection). These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f DSGVO.
The user can delete his account at any time. However, if the user has concluded a paid contract with us, the complete deletion will only take place after the expiry of the commercial and tax retention obligations pursuant to Section 257 of the German Commercial Code (HGB) and Section 147 of the German Fiscal Code (AO).
The log files for logging in are stored for security reasons and for support requests for 30 days and then deleted. There is no right of objection in this respect.
Log-in via Microsoft account
We offer our users the option of logging into our website via their existing Microsoft account with Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter "Microsoft"). An additional registration is not required in this case. When using this function by clicking on the Microsoft logo, the user is redirected to the Microsoft website and asked to log in. This links the user's Microsoft account and our service, whereby we receive the first and last name stored in the Microsoft account as well as the e-mail address. The legal basis for the data processing is Art. 6 (1) lit. b DSGVO.
Should the user no longer wish to use the link between the Microsoft account and our service, he must remove the link within his Microsoft account: https://account.microsoft.com/privacy
Microsoft is responsible for further data processing. For more information on how Microsoft handles your data, please visit
https://privacy.microsoft.com/de-de/privacystatement.
Log-in via Google account
We offer our users the option of logging into our website via their existing Google account with Google Ireland Limited, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as "Google"). An additional registration is not required in this case. When using this function by clicking on the Google logo, the user is redirected to the Google website and prompted to log in. This links the Google account of the user and our service, whereby we receive the first and last name stored in the Google account and the e-mail address. The legal basis for the data processing is Art. 6 (1) lit. b DSGVO.
If you decide that you no longer wish to use the link between your Google account and our service, you must remove the link within your Google account. You can view, restrict or cancel your Google permissions at https://myaccount.google.com/security?pli=1#connectedapps
Google is responsible for further data processing. For more information on how Google handles your data, please visit https://policies.google.com/privacy?gl=DE&hl=de.
Calendar integration
The user has the option in their user settings to integrate one or more calendars (Microsoft or Google). Calendar entries from the respective calendar are read and displayed on the Timer Stage for the corresponding days. This is a read-only access; entries are only displayed and are not saved at this point. Only when a user clicks on a calendar entry is a new timeline created and saved, including the title, duration, and a unique ID (as a keyword) of the calendar entry. Further information from the calendar entry is not used. The calendar integration can be removed at any time in the user settings.
Microsoft Calendar via “Microsoft Graph API”
The “Microsoft Graph API” by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereafter “Microsoft”) is used to retrieve Microsoft calendar data.
The use of “Microsoft Graph API” is subject to Microsoft’s terms of use: https://privacy.microsoft.com/en-us/privacystatement.
Google Calendar via “Google Calendar API”
To retrieve Google calendar data, the “Google Calendar API” by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereafter “Google”) is used.
The use of “Google Calendar API” is subject to Google’s terms of use: https://policies.google.com/privacy?gl=US&hl=en.
Payment service provider
In order to offer payment by credit card, we have integrated the payment service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe"). The payment data is transmitted to Stripe for this purpose. The legal basis for this is Art. 6 para. 1 lit. b DSGVO.
The payment service provider Stripe is responsible for the payment processing. Information on data processing is available at https://stripe.com/de/guides/general-data-protection-regulation
and https://stripe.com/de/privacy.
Cookies
When calling up individual pages, so-called temporary cookies are used for technical service provision. These session cookies do not contain any personal data and expire at the end of the session. Techniques, such as Java applets or Active-X controls, which make it possible to track the access behavior of users, are not used.
Name | Purpose |
---|---|
.AspNetCore.Culture | Necessary to change the language settings of the user |
.AspNetCore.Antiforgery | Necessary to protect the application from cross-site scripting threats |
.AspNetCore.Identity.Application, idsrv.session | Necessary for the user login |
recent-views,scfc, __stripe_mid, cookie-perms, _ga,machine_identifier, __stripe_orig_props, private_machine_identifier |
Required for payment processing with third party provider Stripe. (https://stripe.com/de/legal) Set only when the premium contract is signed. |
Rights of the data subject
In accordance with Art. 15 DSGVO, you have the right to receive information about the data stored about you. If incorrect personal data has been processed, you have the right to rectification in accordance with Art. 16 DSGVO.
If the legal requirements are met, you can request the deletion or restriction of processing, as well as object to data processing (Art. 17, 18 and 21 DSGVO). According to Art. 20 DSGVO, you can assert the right to data portability for data that is processed automatically on the basis of your consent or a contract with you.
If you believe that data processing violates data protection law, you have the right to complain to a data protection supervisory authority of your choice (Art. 77 DSGVO in conjunction with Section 19 BDSG). This includes the data protection supervisory authority responsible for us: Saxon Data Protection Commissioner,
https://www.saechsdsb.de .
Part II: Information about your right to object according to Art. 21 DSGVO
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(f) DSGVO (data processing on the basis of a balance of interests). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In individual cases, we process your personal data to conduct direct marketing. You have the right to object at any time to the processing of data concerning you for the purpose of such advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
The objection can be made form-free and should preferably be directed to the contact details mentioned above in the section "Name and contact details of the responsible person".