Data Privacy
Responsible Party
We are pleased about your visit to our website. First, we would like to introduce ourselves as the responsible party under data protection law:
auronet GmbH
represented by Managing Director Michael Mücke
Labbéstr. 18
41169 Mönchengladbach
Phone: +49 (2166) 3 92 95 93
Email: info@auronet.de
General Information
Just as we are interested in ensuring that our data is carefully protected when using other services, this is also our primary task in providing PlainStaff. Without this protection, our service would be useless. We would like to inform you in this document, in accordance with our legal obligation, about the collection, use, and protection of your personal data.
When you use our website, personal data about you is collected. This can occur through data you enter yourself, such as your email address or a time booking in the app. Our system also automatically collects data about you, such as your visit to our website. This occurs regardless of which device or software you use to access our website.
Any input of data by you on our website is voluntary; you will not face any disadvantages by not disclosing your data. However, without certain data, we cannot provide services or enter into contracts. We will inform you of such mandatory data when necessary.
Personal data on this website is collected only within the framework of applicable data protection laws, especially the General Data Protection Regulation (GDPR). The technical terms used in the text are explained in Art. 4 of the GDPR.
Inventory Data
We collect inventory data as far as it is necessary for establishing, structuring, or modifying a (even gratuitous) contractual relationship between us and the user. This may include: customer data (e.g., name, address), contact data (e.g., email address, phone number), service data (e.g., ordered service, duration, fee). When establishing the user relationship, we will ask you for these data (e.g., name, address, email address) and inform you to what extent the provision of these data is mandatory to establish the user relationship.
Usage Data
We also collect usage data to enable the use of services on our website by the user. This may include: usage information (e.g., accessed websites or areas, duration of visits, interest in services), content data (e.g., data entered by you), and metadata (e.g., operating system, used browser, approximate location).
A combination of usage data is only carried out if and to the extent necessary for billing purposes or to fulfill our service. Otherwise, we will create usage data only in pseudonym form and only to the extent that you have not objected to this. You can send this objection at any time to the address indicated in the imprint or the responsible person mentioned in this privacy policy.
The legal basis for this data processing is our legitimate interest according to Art. 6 para. 1 lit. f GDPR in the analysis of the website and its use, as well as the legal permission to store data within the framework of initiating a contractual relationship according to Art. 6 para. 1 lit. b GDPR.
Additionally, our provider stores information in so-called server log files that are automatically transmitted by your browser whenever you use this website. These are:
- Type and version of your browser
- Hostname
- Time of visit
- The website from which you accessed our website
- Name of the accessed website
- Exact time of access
- Amount of data transmitted
These data are used only for statistical purposes and do not allow us to identify you as a user.
Advertising
Before sending you advertising, we will ask for your explicit consent according to Art. 4 No. 11 GDPR, unless it is about advertising similar products that you have already purchased. This is particularly the case if you give us consent to send our newsletter or fill out a contact form. You can revoke your consent according to the following point "Consent" at any time.
TO THE EXTENT THAT WE USE YOUR PERSONAL DATA FOR DIRECT MARKETING, YOU CAN OBJECT TO THE USE OF YOUR DATA FOR THIS PURPOSE AT ANY TIME. THIS CAN BE DONE THROUGH ANY OF OUR CONTACT OPTIONS, PARTICULARLY BY INFORMAL EMAIL TO THE EMAIL ADDRESS GIVEN IN THE IMPRINT. WE WILL THEN NO LONGER USE YOUR DATA FOR DIRECT MARKETING.
First Contact via Electronic Inquiry
If you contact us in electronic form (e.g., email, fax, phone, messenger, etc.), we store and process the data you have provided to us (e.g., name, contact information, content of the inquiry). The legal basis for this is our legitimate interest in effective customer communication according to Art. 6 para. 1 lit. a GDPR and, if it concerns a request to enter into or fulfill a contract, also Art. 6 para. 1 lit. b GDPR.
We will only share these data with third parties to the extent necessary (according to Art. 6 para. 1 lit. b GDPR) to fulfill the contract, it corresponds to the overriding interest in effective service provision (according to Art. 6 para. 1 lit. f GDPR), or your consent (according to Art. 6 para. 1 lit. a GDPR) or another legal permission or obligation exists.
You can request information from us at any time, free of charge, about the purpose of the processing, the origin, and, if applicable, the recipients of your personal data. You can also request the correction, deletion, and restriction of the processing of your personal data. You can object to the (further) processing of your data at any time and have a right to data portability and a right to lodge a complaint with the relevant supervisory authority.
Your data will generally remain stored only as long as necessary for the purpose of the respective data processing. Further storage may be necessary if it is required for legal prosecution or due to legitimate interests or if there is a legal obligation to retain the data (e.g., tax retention periods, statute of limitations).
Consent
If we ask for your consent to process your data, we will inform you in clear language and easily accessible about the cases for which you give your consent. Any consent requested by us is voluntary; any benefit you wish to obtain by giving consent can also be obtained without consent, just ask us.
For each consent, you have the right to withdraw the consent to process your personal data at any time. This can be done through an informal message, e.g., via our contact form, an email to the email address provided in the imprint, or an unsubscribe link (if offered by us). Your withdrawal does not affect the legality of the data processing carried out up to that point.
Storage Duration
Your data will generally remain stored only as long as necessary for the purpose of the respective data processing. Further storage may be necessary if it is required for legal prosecution or due to our other legitimate interests.
For your inventory data, which were necessary to fulfill a (even gratuitous) contractual relationship, this means that we store them until the full performance or termination of the contractual relationship plus the limitation period (generally 2 or 3 years) along with a reasonable allowance for any interruption of the limitation period.
For your usage data, collected during your use of the website, this means that we store them only as long as necessary for the proper functioning of our website and our legitimate interest extends. Statistical information will primarily be stored only in pseudonymized form.
Additionally, we store your data as long as we are legally obliged to do so. These are, in particular, tax retention periods, which generally amount to 6 or even 10 years.
Cookies
Our website uses cookies within the scope of our legitimate interest in a technically flawless online offer and its economically efficient design and optimization according to Art. 6 para. 1 lit. f GDPR so that our offer can be used better, more effectively, and more securely. Cookies are text files that are stored on your computer and save certain data about your settings on our site. These can be so-called "session cookies," which are automatically deleted at the end of your visit to our website. There are also cookies that are permanently stored on your computer unless you delete them. This allows us to recognize your settings the next time you visit our website and to provide you with functions according to your previous use.
Cookies from (www.)plainstaff.com
Our public information offer under the domains https://plain staff.com and https://www.plainstaff.com presents a modal dialog to the visitor on the first visit, in which they can decide which cookies are allowed to be stored. The corresponding cookies are only created after consent. These include:
| Cookie ID | Type | Domain | Description |
|---|---|---|---|
| cc_cookie | Permanent (6 months) | plainstaff.com | Stores whether the cookie window was hidden or not (required). |
| _ga | Permanent (2 years) | google.com | Google analytics cookie to distinguish users (optional). |
| _ga_G6C541WTRJ | Permanent (2 years) | google.com | Google analytics cookie to store the session status (optional). |
| _gid | Permanent (1 day) | google.com | Google analytics cookie to distinguish users (optional). |
| _gcl_au | Permanent (2 years) | google.com | Google Ad Sense cookie for tracking conversions (optional). |
Data Sharing
We dislike spam as much as you do. Therefore, we will not share your data with third parties unless legally permitted.
Data sharing can either be necessary for the fulfillment of a contract and then permitted according to Art. 6 para. 1 lit. b GDPR, be allowed based on our legitimate interest in effective service provision according to Art. 6 para. 1 lit. f GDPR, be covered by your consent, or become necessary if we are legally obliged to release your data to a state or authority according to Art. 6 para. 1 lit. c GDPR.
As far as your data is shared with third parties, this is outlined in this privacy policy.
User Rights
You can request information from us at any time, free of charge, about the personal data stored about you. Identification of your person is required to prevent misuse.
Deletion, Correction, Restriction
You can request the correction (also by supplement) of incorrect data at any time, as well as a restriction of their processing or the deletion of your data. This applies in particular if the processing purpose has expired, the necessary consent has been revoked and no other legal basis exists, or our data processing is unlawful. We will correct, block, or delete your personal data immediately within the legal framework.
Objection
YOU CAN OBJECT TO ANY PROCESSING OF YOUR PERSONAL DATA BASED ON A BALANCE OF INTERESTS UNDER ART. 6 PARA. 1 LIT. F GDPR AT ANY TIME IF THERE ARE REASONS ARISING FROM YOUR PARTICULAR PERSONAL SITUATION.
WE WILL THEN NO LONGER PROCESS YOUR DATA UNLESS WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS ON OUR PART.
Data Transfer
You can request the transfer of the data stored about you in a machine-readable format from us.
Complaint
If you feel that your rights have been violated by our data processing, you can file a complaint with the relevant supervisory authority (here you can find a list of authorities).
Changes to the Privacy Policy
If a change to the privacy policy becomes necessary for legal or factual reasons, we will update this page accordingly. Changes to the consents granted by the user will not be made.
Data Entries
Encryption
If you enter data on our website, whether on a contact form, during registration, logging in, or for payment purposes, the web page where you enter the data is encrypted. This prevents third parties from reading the data you enter. You can recognize the encryption by the lock symbol in your browser and the fact that the address line starts with "https" instead of just "http".
Registrations
If you register on our website, we ask for mandatory and, if applicable, non-mandatory data according to our registration form for the purposes specified below.
Your data entry is encrypted, preventing third parties from reading your data during entry.
The basis for this storage is our legitimate interest in communication with interested users according to Art. 6 para. 1 lit. f GDPR and, in the case of - even gratuitous - contracts, the storage of contract data according to Art. 6 para. 1 lit. b GDPR. Your data will remain stored as long as the registration lasts, in particular, storage is still necessary for contract fulfillment/processing, for legal prosecution by us, or due to our other legitimate interests, or we are legally required to retain your data (e.g., in the context of tax retention periods).
Member Area Registration
If you register for our member area, we ask for data according to our registration form, as we do not allow anonymous use of our services.
External Providers
To provide our website and our service, we use external service providers. You can find out which these are and how data processing is regulated in detail in the following sections. The external service providers are:
- Microsoft Ireland Operations Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland
- SENDINBLUE, 7 rue de Madrid, 75008 Paris, France
- Google Ireland Limited, incorporated and operating under the laws of Ireland (Registration Number: 368047 / VAT Number: IE6388047V), Gordon House, Barrow Street, Dublin 4, Ireland
The basis for sharing your data with all these external partners is primarily the processing of your contract data according to Art. 6 para. 1 lit. b GDPR and our legitimate interest in a technically flawless online offer and its economically efficient design and optimization according to Art. 6 para. 1 lit. f GDPR.
Microsoft
If you decide to use our app and create a user account, all data you enter in the app will be stored in a German data center of Microsoft. Both the transmission and storage of the data are encrypted. Your data is additionally backed up daily in a Dutch data center of Microsoft. The backup is kept for one week and is used to restore the service in case of an error. All data centers and services of Microsoft are certified (ISO/IEC 27001, ISO 9001, ISO 27002, ISO 27018, NIST 800-171, UK G-Cloud, etc.).
Microsoft processes our data according to its own Data Processing Agreement (available upon request) and considering the EU's standard contractual clauses.
Sendinblue
The sending of emails from PlainStaff (e.g., in case of a forgotten password) and the newsletter (about one every 3 months) is done via Sendinblue. Except for the email addresses of the recipients, no further personal data is stored on the servers of Sendinblue. Sendinblue processes our data according to its own Data Processing Agreement (available upon request) and considering the EU's standard contractual clauses.
We use Google Analytics to anonymize the analysis of user behavior on our public information offer under the domain (www.)plainstaff.com. We also use anonymous conversion tracking of our ads in Google AdSense. Visitors can object to both when they first visit the website. Under no circumstances will the visitor's IP address be stored by Google. All data remains on servers within the EU.
Google also processes our data according to its own Data Processing Agreement (available upon request) and considering the EU's standard contractual clauses.