Following information is to be provided pursuant to Art. 13 ff. GDPR where personal data are collected from the data subject on our website.

Lauterbach GmbH
Altlaufstraße 40
85635 Hoehenkirchen-Siegertsbrunn
Phone: +49 8102 9876 150

(hereinafter „Lauterbach“, „we“, „us“).

Holzhofer Consulting GmbH
Martin Holzhofer
Lochhamer Straße 31
82152 Planegg
Phone: +49 89 1 25 01 56 00
E-Mail: dsb-lauterbach@holzhofer-consulting.de

PROCESSING OF ACCESS DATA

For technical reasons, we process a limited amount of data (so-called connection data) each time you access our website. This data is technically necessary to set up and execute a connection between your end device and our servers. This data is processed in the main storage of the web server for the duration of the connection.

The following data or data categories are collected:

• IP-Adress
• Source port of the accessing device or a gateway (e.g. firewall or proxy)
• Time stamp (date and time) of the request
• Amount of data transferred
• Message, whether the request was successful (using HTTP error code)
• Message, explaining why the request failed (using the HTTP error code)
• Referer (website from which our main page or subpages were accessed)
• User agent (type of browser used to access our website as well as its version)

The IP address, timestamp, HTTP error code, referer and user agent are automatically logged when our websites are accessed in order to ensure the functionality and protection of our websites. Furthermore, the logs are used to optimize the website. It is not possible for us to create user profiles with personal reference with this data.


The processing is based on the legitimate interest pursuant to Art. 6 Sec. 1 lit. f GDPR. A balancing of interests has been carried out and came to the conclusion that the processing is necessary for the protection of our legitimate interests and that these interests override your interests, fundamental rights and freedoms requiring the protection of personal data.

TECHNICALLY NECESSARY COOKIES, ANALYSIS AND TRACKING COOKIES AND RELATED TECHNOLOGIES

This website partly uses so-called cookies and related technologies (e.g. scripts). Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your terminal device and saved by your browser, for example to "remember" information about you, such as your language settings or login information. These cookies are sometimes set by us and are referred to as first-party cookies. These cookies can generally be set by us (so-called first-party cookies). In addition, so-called third-party cookies may also be used, which are integrated by a third-party provider and usually originate from a domain other than the website you are visiting.

Basically, a distinction is made between the following cookie categories:

Technically required cookies

• Technically necessary cookies
• Functional cookies
• Performance cookies
• Cookies for marketing purposes
• Social media cookies

On our website, no performance, marketing, or social media cookies are implemented that, for example, record the behavior of the user and provide him advertising tailored to this (analysis and tracking cookies). Related technologies, such as tracking scripts, are also not used.

Our helpdesk software Deskpro, however, uses some cookies. These third-party cookies are so-called "session cookies". They are automatically deleted after the end of your visit. Such cookies are technically necessary for the operation of our support website and to provide the service requested by the user and can therefore not be disabled.

For detailed information about the Deskpro software and the cookies used, please refer to the last chapter.

To use certain functions (e.g. download of special software) you can register in our customer portal "TRACE32".
The following data or data categories are collected:

• Title
• Full name
• E-Mail address
• Address
• Company

The transmitted data is used exclusively for the purpose of using the respective offer or service. Mandatory information requested during registration must be provided completely. Otherwise, we will reject the registration.

In the event of important changes, for example for technical reasons, we will inform you by e-mail. The e-mail will be sent to the address provided during registration.

We store the data collected during registration for the time you are registered on our website. Your data will be deleted if you cancel your registration. Legal retention periods remain unaffected.

The legal basis for processing your data is our legitimate interest pursuant to Art. 6 Sec. 1 lit. f GDPR. A balancing of interests has been carried out and came to the conclusion that the interests of the data subjects do not override our interests in the processing. We have a legitimate interest in providing a customer portal for the use of certain functions and services with the possibility for our B2B customers to create a customer account, for which the processing of the data and data categories mentioned here is necessary.

Automated decision-making including profiling pursuant to Art. 22 Sec. 1 and Sec. 4 GDPR do not take place on the part of Lauterbach GmbH.

Data transfers to countries outside the EU and the European Economic Area ("Third Countries") arise in the context of the administration, development and operation of IT systems. The transfer takes place only on the basis:

• of an adequacy decision of the European Commission according to Art. 45 GDPR.
• of an approved certification mechanism pursuant to Art. 42 GDPR together with legally binding and enforceable obligations of the controller or processor in the third country.
• of standard data protection clauses adopted by the Commission pursuant to the examination procedure referred to in Art. 93 Sec. 2 GDPR.
  

Currently, there is no data transfer to countries outside the EU and the European Economic Area ("third countries") taking place when using our website. The web pages and protocols are located exclusively on servers in Germany.

For the processing of personal data for the purposes mentioned here, we use the following categories of recipients as processors pursuant to Art. 28 GDPR:

• Provider of servers for hosting our websites

Your data will also be passed on if we are legally obliged to do so:

Personal data will only be stored as long as necessary to fulfill the purposes mentioned here or as required by the retention periods specified by law. After the respective purpose is fulfilled or after the retention periods have expired, the data will be deleted in accordance with the statutory requirements.

All connection data in the storage of the web server is deleted automatically shortly after the end of the connection. The anonymized access logs are stored for 30 days. In the event that parts of the access logs are required for the preservation of evidence, these are excluded from deletion until final clarification of the respective incident.

Lauterbach GmbH, Altlaufstraße 40, 85635 Höhenkirchen-Siegertsbrunn, is responsible for processing your data, unless otherwise stated.

You have the right to request from us access to personal data (Art. 15 GDPR) and the rectification of inaccurate personal data (Art. 16 GDPR). Furthermore, you have the right to obtain the erasure of personal data (Art. 17 GDPR) concerning your person, the right to restriction of processing (Art. 18 GDPR) and the right to receive (Art. 20 GDPR) the personal data provided to us by you, in a structured, commonly used and machine-readable format.

In addition, you have the right to object at any time to the use of your data based on public or legitimate interests (Art. 21 GDPR).

Where the processing is based on your given consent you can withdraw the consent (Art. 7 Sec. 3 GDPR) at any time. Upon receipt of your withdrawal of consent, we will no longer use or process the data concerned for purposes mentioned in your consent.

If you wish to exercise your rights as a data subject, please send your request to:

Lauterbach GmbH
Altlaufstraße 40
85635 Höhenkirchen-Siegertsbrunn
E-Mail: datenschutz@lauterbach.com

Furthermore you have the right to lodge a complaint with a supervisory authority. The Bavarian State Office for Data Protection Supervision, Postfach 1349, 91504 Ansbach, is generally responsible for us. Alternatively, you can approach the supervisory authority that is locally responsible for you.

On this website we use the Helpdesk software of Deskpro Ltd, 79 Hartfield Road, SW19 3ES, London, United Kingdom, to provide a better support experience on our website.

Helpdesk software is a simple and effective alternative for managing customer support requests by consolidating various communication channels into one system, whether it's email, phone, social media or live chat. Deskpro tracks, stores and displays these interactions in a simple user interface.

We operate Deskpro locally (on premise) and thus on our own server at Lauterbach GmbH in Germany. Accordingly, no personal data of our customers is transmitted to Deskpro. All data remains with us.

The Deskpro software sets only three cookies:

Name	Description	Type	Expiration date
dpsid-portal	This is a session identifier for the major interface in Deskpro. A session ID is used to help store various state connected with your current browser session. For example, if you log-in, then the session ID is used to store the fact that you're logged-in. Without sessions, there'd be no way for Deskpro to save any state as you browsed around the helpdesk.	Session cookie	When ending the browser session
dp_last_lang	This is the language you have selected on the Deskpro portal. This is used to make the experience better on multi-lingual helpdesks.	Session cookie	When ending the browser session
dp_csrf_token	This is a special security token that gets sent with any posted forms on the portal. This token ensures a malicious attacker can't impersonate your session or trick you into submitting forms that you didn't know about.	Session cookie	When ending the browser session

The storage of and access to information in the end user's terminal device is generally carried out in accordance with Section 25 (1) TTDPA. The legal basis for any further processing of personal data is a voluntary and informed consent pursuant to Art. 6 (1) lit. a GDPR. The corresponding consents are usually given via a Consent Banner.

Since the session cookies are technically necessary so that the service you expressly requested can be provided, however, no consent via Consent Banner is required in the present case (cf. Section 25 (2) no. 2 TTDPA).

Further information on data protection at Deskpro can be found at www.deskpro.com/legal/privacy

Privacy Notice related to the processing of personal data of our customers and prospective customers