Privacy Policy

Privacy Policy of easybell GmbH (hereinafter referred to as easybell)

Note: Only the German version of the privacy policy is legally binding.

1. General information on data protection

This information on data protection applies to the use of easybell's web pages at www.easybell.com, to the establishment and use of a telecommunications contract with us, and to the use of services provided by third parties via the telecommunications connection provided by us (e.g., for 0800, 0180, 0900, 0137 services provided by third parties).

The information also applies to a contact or supplier relationship that you enter into with us or when ordering newsletters or advertising. The information also applies if we expressly refer to it elsewhere. easybell GmbH
Registered office of the company: Berlin
Local court: Berlin Charlottenburg
HRB-Nr.: 137060
USt-Id.Nr.: DE249984363

Management: Dr. Andreas Bahr, Steffen Hensche, Martin Huth
Address: Brückenstraße 5a, 10179 Berlin
Phone: 030 - 80 95 1000
E-mail: support@easybell.com

The contact details of our data protection officer are:
Mr. Christian Wilde, privacy@easybell.com

We (the "Controller") attach great importance to the protection of your personal data. Therefore, we inform you here about our handling of your data and our data protection principles.

We process personal data collected within the scope of this privacy policy in accordance with the applicable legal provisions on data privacy and data security of the Federal Republic of Germany. For us as a telecommunications company, this is the TKG. For services not covered by the TKG, since 25.05.2018 data protection has also been governed in particular by the EU General Data Protection Regulation (DSGVO) as well as the (new) BDSG issued for this purpose. The GDPR does not create any additional obligations for telecommunications services, Art. 95 GDPR.

1.1 Data collection and origin of the data

We collect the data that you provide to us when you use our websites. This also includes dialing into our "online customer portal". In addition, we collect data within the scope of establishing and structuring a customer relationship with you as a customer of our telecommunications services, as well as traffic data if you use our telecommunications services or the services of third parties (e.g. 0800, 0180, 0137, etc.) via the connection provided by us. In this case, we collect data to establish and maintain the connection or to provide the service, as well as for billing purposes.

If you use the services of third parties via the connection provided by us, we will bill you for the charges incurred for this together with our services, depending on the specific nature of the service, and in certain circumstances (e.g. a disruption in payment) we will communicate your name and address to the service provider you have chosen. The details will depend on which service you use. If you enter into a so-called "contact relationship" with us (inquiries or offers for services, newsletter registration), conclude supplier contracts with us or apply for a job with us, we collect and process this data - insofar as this is necessary or appropriate according to Art 6 lit. f) DSGVO.

In addition, we continue to collect data from publicly available sources (e.g. commercial register, your websites, press articles, etc.) and obtain data from credit agencies within the scope of permissibility according to Art. 6 lit. f) DSGVO. Personal data that we collect and store in this way may be:

• IP address and usage data when retrieving website content;
• Name and address and other contact data (telephone numbers, e-mail address, fax number, etc.), registration numbers, names and addresses of authorized representatives, account information and the corresponding data of the responsible contact persons of you as a customer of our services;
• Other inventory or product data as well as traffic and billing data within a customer relationship, such as selected products and tariffs, charged services (connections), payment data;
• Itemized bills for customer orders with abbreviated or complete identification of the called subscriber's telephone number;
• Name and contact data in the context of the establishment and handling of a contact relationship or a supplier relationship;
• Data that you enter or release when using the easybell Cloud Telephone System, e.g., phone numbers for blocked and connected lists, caller ID display, call lists, if you have activated them;
• Name and e-mail address when registering for the newsletter as well as shipping information for the respective newsletters;
• Information we receive from credit agencies on the basis of Art. 6 para. 1 lit. f) DSGVO;

All personal data is only collected within the scope of a legal permission or if you have given us your consent.

1.2 Use and disclosure of personal data in general

We use your personal data to enable you to use our website. In addition, processing and transmission takes place when you use our websites, insofar as you consent to the use of services for anonymized analysis (e.g. Google Analytics), see in detail section 6.

We generally use your personal data to establish and fulfill a contract with you as a service provider and to bill you. If you use our telecommunications network by means of a call or a connection, we use your data to enable this use and to bill you. Data may be transferred to other network operators or providers of telecommunications services if this is necessary for the service selected by you as the user, e.g., for the delivery of connections to other destination networks or the receipt of connections for your line from other source networks. In addition, data is exchanged with connection network operators if you use services that are implemented in a so-called connection network (e.g. 0800, 0180, 0137 services, etc.), insofar as this is necessary for the provision of the respective service and its billing as well as the collection of the fee. In this context, it may be necessary for us to exchange your data with the respective service provider you have chosen, for example in cases of disrupted payments.

If you enter into a contact, supplier or application relationship with us, we use your data in order to establish and fulfill this relationship or to process it and, if applicable, to bill you.
In addition, we use data that has lawfully become known to us for the purpose of advertising by mail and also by e-mail or telephone, provided that you have specifically and effectively consented to this. If, in the context of an existing customer relationship via telecommunications services, we have lawfully obtained knowledge of the telephone number or postal address, including the electronic one, we may use this for sending text or picture messages to a telephone or postal address for advertising our own offers, for market research and for informing you about an individual call request, unless you have objected to such use. When collecting or storing the telephone number or address for the first time and each time a message is sent to this telephone number or address, we will clearly and legibly point out that you can object to the sending of further messages at any time in writing or electronically.

Overall, it may also be necessary for us to pass on your data to external service providers as part of commissioned processing. In addition, we may exchange data with credit agencies within the permission of Art. 6 para. 1 lit. f ) DSGVO, if this is necessary or appropriate for the establishment of a contract or the enforcement of claims. We will neither sell your personal data to third parties nor market it in any other way.

Data transfers to third countries arise in the context of the administration, development and operation of IT systems and only insofar as a) the transfer is permissible in principle and b) the special requirements for a transfer to a third country exist, in particular the data importer guarantees an adequate level of data protection in accordance with the EU standard contractual clauses for the transfer of personal data to processors in third countries. This is based on the provisions of the DSGVO and the German Federal Data Protection Act. A transfer may also occur when using our websites, see in detail item 6.

2. Purposes of data processing

We process the aforementioned personal data in accordance with the provisions of the DSGVO and the Federal Data Protection Act (BDSG) and - where applicable - the TKG:

2.1 For the fulfillment of contractual or pre-contractual obligations (Art. 6 para. 1 lit. b) DSGVO

The processing of personal data is carried out for the use of our website by you, for the fulfillment of a contract with you as a customer, in the use of our network and in a contact or application relationship. The purposes of the data processing and the necessity are primarily determined by the purpose specifically determined by the aforementioned legal relationships.

In the context of a contract with you as a customer, this includes in particular the establishment, structuring, fulfillment, consultation and billing of such a contract together with the services used by you as well as the exchange of personal data with business partners who may be involved (e.g., issuing or receiving network operators when switching providers, data exchange with interconnection partners). When using our network, we also exchange data with other network operators accordingly, insofar as this is necessary to establish and maintain the connection or to provide the desired service, as well as for billing and invoicing, including collection of receivables. This also includes storing data on payment behavior. We need this data to be able to carry out the dunning process or a possible blocking.

Processing also takes place for the purpose of handling your inquiries and initiating customer relations or a comparable contact relationship, as well as for job applications.

For the aforementioned purposes, it may also be necessary for us to pass on your data to group companies or external service providers, in each case within the framework of order processing.

2.2 Processing in the context of a balancing of interests (Art. 6 para. 1 lit. f. DSGVO)

To the extent necessary for our purposes, we will process your data beyond the actual performance of the preliminary contract or agreement to protect legitimate interests of us or third parties, unless your interests in not having the data processed outweigh these interests:

• Anonymization of IP addresses when using our website for statistical purposes, data security and optimization of our website.
• Use of our website with plugins of social networks with data exchange to the social networks, unless the user objects to this data transmission by blocking JavaScript or loading a plugin in each case that prevents the transmission. In this case, the use of the function of the website may be restricted, see in detail number 6. The processing is based on § 15 para. 3, § 13 para. 1 p. TMG in a Directive-compliant interpretation according to Art. 5 para. 3 of the e-Privacy-RiLi 2002/58 and in conjunction with. Art. 95 DSGVO, as a precaution also on Art. 6 para. 1 lit. f) DSGVO.
• Possible measures for the data security of our website, such as in particular the storage of IP addresses, if the concrete threat situation makes this appear appropriate.
• Establishment and fulfillment of contact relationships within the scope of expediency
• Postal advertising, unless you object to it.

2.3 Processing in the context of your consent (Art. 6 para. 1 lit. a) DSGVO)

If you give us consent to process personal data for a specific purpose in accordance with existing requirements, we process this data within the consent.

2.4 Processing due to legal requirements (Art. 6 para. 1 lit. c) DSGVO)

We process your personal data insofar as we are subject to a legal obligation, such as statutory retention obligations or disclosure or monitoring obligations to state institutions within the scope of the law.

3. Data transmission to third parties

Within our company, the persons entrusted with processing your data will have access to it within the scope of necessity or reasonable expediency. Service providers and vicarious agents employed by us may also be granted access to the personal data for these purposes if they comply with our written instructions under data protection law as well as the general data secrecy within the scope of commissioned processing and - insofar as applicable - maintain the secrecy of telecommunications.

We cooperate with credit agencies (third parties) to obtain economic and credit information, see section 6. We cooperate with third parties in the collection of receivables, see section 7.

You can define yourself at any time via the customer portal whether easybell should pass on data to printed telephone directories, electronic directories and directory assistance. You can also decide whether the first name and address should be published in addition to your name and whether a reverse search is permitted.

In particular, we will not transfer any personal data to third parties for the purposes of advertising or address trading.

When using our website, data is transmitted to Google and the providers of social networks, see section 6.

3.1 Transmission to infrastructure partners and technology

In order to enable the establishment and operation of telecommunications connections, we pass on the necessary personal data to our infrastructure partners within the framework of the statutory requirements. If necessary, they commission technicians to set up or fault-clear your subscriber line.

4. Data transfer to a third country or to international organizations

A data transfer to countries outside the EU or the EEA ("third country") only takes place as far as this is necessary for the execution of the contractual relationship (contract with the service provider or for the use of the services realized in our network). In the case of other contractual relationships, such as a contact relationship or an application, such data transfer only takes place for the fulfillment of this contractual relationship or insofar as this is exceptionally appropriate due to a legitimate interest. The same applies to the use of our website from locations outside the EU or the EEA. When using our website, data is transmitted to Google and the providers of social networks, see section 6.8.

5. Duration of data storage

In the context of website use, we store the IP address and usage data for the duration of the usage process. In addition, the IP address is stored insofar as this is appropriate for data security and clarification or prevention of security or data protection breaches, whereby the appropriateness depends on the specific threat situation. In this case, the IP addresses will only be stored for as long as is reasonable for the aforementioned purposes, generally not beyond three months. In the event of criminal charges or criminal prosecution or the enforcement of claims against persons who carry out security or data protection violations, the data may be stored and used until final clarification or enforcement of the claims. When using our website, data is also transmitted to analytics services and social network providers, see section 6.

In order to establish, form and fulfill a contract with you as a customer of telecommunications services, we store the data until the end of the contract and beyond, namely until the end of the calendar year following the year in which the contract is terminated. When this period expires, the data is not deleted but blocked, as we are required by commercial and tax law to store the data for up to 10 years. This storage also applies to the invoice totals. Specifically for the accruing individual connections and the billing data resulting from this, we store these for a period of 3 calendar months, insofar as this is necessary for billing purposes with you or other network operators or service providers. If you, as the debtor, raise objections in due time, the data will be stored until the objections have been clarified or the debt has been collected. Upon deletion, easybell GmbH is released from the obligation to present the traffic data as proof of the correctness of the invoice. Further storage only takes place in exceptional cases if this is permitted under the TKG (e.g. troubleshooting, clarification and prevention of misuse).

In the context of a contact relationship, the contact data as well as the communication data are stored and used as far as this is necessary for the respective communication purpose or appropriate within the scope of reasonableness.

In the context of an application relationship, the contact data as well as the application data are stored and used insofar as this is necessary for the respective application purpose or appropriate within the scope of reasonableness. If the application is not granted, the data will be deleted within two months after notification of the rejection, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

If you register for the newsletter or a competition with us, your data will be stored and used until you unsubscribe from the newsletter or we cancel the newsletter. Your consent and the information about the previous sending remain stored until the statute of limitations of possible injunctive relief on your part, but we no longer use the data for the further sending of newsletters. The details on data processing result from the respective competition.

6. Special processing for website use

6.1 Automatically collected information for web analysis

For technical reasons, your Internet browser automatically transmits data to the web server when you access the site. This data is collected for marketing and optimization purposes in addition to service provision.

6.2 Data analysis and cookies

easybell uses so-called "cookies". These are small text files that are created on your computer and in which information for recognition is documented. These are set during login to authenticate the user during his active session. You can delete the cookies from your computer yourself at any time. The easybell.com website can only be used to a limited extent without cookies. You can also prevent the storage of cookies altogether by making the appropriate setting in your browser. However, we would like to point out that in this case you may not be able to use all website functions.

6.3 Service or necessary cookies

Most of the cookies we use are so-called service cookies, which we set during the retrieval of our website in order to be able to safely provide the service you have called up. These cookies are technically necessary.

Name: my_app_session
Purpose: technical protection measure
End of Session: Exit page, close browser

Name: XSRF-TOKEN
Purpose: Prevents cross-site attacks in the customer portal
End of session: Exit the page, close the browser.

6.4 Objection to data collection

In addition to the general deactivation of cookies, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link. http://tools.google.com/dlpage/gaoptout?hl=de . This will place an opt-out cookie on your terminal device.

6.5. YouTube

Our website uses the YouTube button of the social network YouTube, which is operated by YouTube LLC, headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA ("YouTube"). When you call up a web page of our website that contains such a button, your browser establishes a direct connection with the YouTube servers. The content of the YouTube button is transmitted by YouTube directly to your browser, which then integrates it into the website. We therefore have no influence on the scope of the data that YouTube collects with the button, but assume that your IP address is also collected. For the purpose and scope of the data collection and the further processing and use of the data by YouTube, as well as your rights in this regard and setting options for protecting your privacy, please refer to YouTube's privacy policy on the YouTube button:

https://support.google.com/youtube/answer/2801895?hl=de

If you are a YouTube member and do not want YouTube to collect data about you via our website and link it to your membership data stored on YouTube, you must log out of YouTube before visiting our website.

6.6 Re-marketing

easybell does not use re-marketing on easybell.com.

6.7 Social media

For data protection reasons, we do not integrate social plugins directly into our website. When you call up our pages, no data is therefore transmitted to social media services such as Facebook, Twitter, XING or Google+. Profiling by third parties is therefore excluded.

6.8. Web Fonts by Adobe Typekit and Google

This page uses so-called web fonts provided by Adobe Typekit and Google Web Fonts for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to the Adobe Typekit and Google servers. This enables Adobe Typekit and Google Web Fonts to know that our website has been accessed via your IP address. The use of Adobe Typekit Web Fonts and Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO.

Further information about Adobe Typekit Web Fonts: typekit.com plus the privacy policy of Adobe Typekit: www.adobe.com/de/privacy/policies/typekit.html Further information about Google Web Fonts: developers.google.com/fonts/faq plus Google's privacy policy: https://www.google.com/policies/privacy/

6.9 Integration of rating platforms

This site does not use any integration of rating platforms.

7. Your rights as a data subject

Every data subject has the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR, the right to object under Article 21 of the GDPR and the right to data portability under Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Article 77 DSGVO in conjunction with Section 19 BDSG). You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the DSGVO came into force, i.e. before May 25, 2018. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.

8. Special reference to your right of objection according to Art. 21 DSGVO

Due to the regulation in Art. 21 DSGVO, we would like to draw your attention once again in a special way to your following right of objection:

Information about your right to object according to Article 21 DSGVO

Right to object on a case-by-case basis

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) DSGVO (data processing in the public interest) and Article 6(1)(f) DSGVO (data processing on the basis of a balance of interests). this also applies to profiling based on these provisions.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

The objection can be made without any formalities and should be sent by e-mail to privacy@easybell.com. It is also possible to send it by letter (easybell GmbH, Brückenstr. 5A, 10179 Berlin).