1. Personal data

The use of our website is generally possible without providing personal data. However, different regulations may apply to the use of individual services, which we will point out to you separately.

Therefore, apart from the cookies described in detail below, we only collect and store the data that you yourself provide to us by entering it in our input masks or otherwise actively interacting with our website.

Personal data is any information relating to an identified or identifiable natural person. This includes, for example, your name, your address, your telephone number or your date of birth, but also your IP address or geolocation data that allow a conclusion to be drawn about you

2. Use of cookies

a. If you use our website for information purposes only, i.e. if you do not register for a service or otherwise send us information - for example, via a contact form - we only collect the personal data that your browser transmits to our server. If you wish to visit our website, we collect the following data, which is technically necessary for us to display the website and to ensure its stability and security in accordance with Art. 6 (1) p. 1 lit. f EU-DSGVO:

•  IP-address
•  Date and time of the request
•  Time zone difference from Greenwich Mean Time (GMT)
•  Request content
•  Access status / http-status code
•  Amount of data transferred in each case
•  Website from which the request comes
•  Browser in use
•  Operating system and its interface
•  Language and version of the browser software

b. In addition to the aforementioned data, first and third-party cookies are stored on your computer when you use our website; these are small text files that are stored on your hard drive in the browser you are using. The entity that sets a cookie (in this case, this is done by us and the third parties listed below) thereby receives certain information. We need these cookies on the one hand to recognize you as a user:in the website and on the other hand to be able to track the use of our services. Finally, we use cookies for marketing purposes in order to analyze your usage behavior and, if necessary, to send you targeted advertising.

A basic distinction can be made between first party cookies, third party cookies and third party requests.

• Erste Partei Cookies

First party cookies are stored by us or our website itself in your browser to provide you with the best possible user experience. These are in particular functional cookies, such as shopping cart cookies.

•  Third Party Cookies

Third-party cookies are stored in your browser by third-party providers. These are mostly tracking or marketing tools, which on the one hand evaluate your user behavior and on the other hand offer the third party the possibility to recognize you on other visited websites. Basically, retarget marketing, for example, is based on the function of such cookies. You can find out exactly which third-party cookies we use from our cookie banner.

•  Third Party Requests

Third Party Request sind alle Anfragen, die Sie als Seitenbenutzer:in über unsere Seite an Dritte stellen – also beispielsweise, wenn Sie mit Plugins sozialer Netzwerke agieren oder etwa das Angebot von Bezahlanbieter:innen nutzen. In diesem Fall werden zwar keine Cookies in Ihrem Browser gespeichert, es ist aber nicht auszuschließen, dass durch die Interaktion personenbezogene Daten an diese Drittanbieter:innen gesendet werden. Aus diesem Grund informieren wir Sie auch im Detail in unserer Datenschutzerklärung über die von uns eingesetzten Tools & Applikationen.

3. Collection and processing of personal data

Personal data that goes beyond the information stored by cookies will only be processed by us if you voluntarily provide it to us, for example, when you register with us, enter into a contractual relationship with us or

otherwise get in touch with us. This is exclusively contact data as well as information about the concerns with which you approach us.

We use the personal data you provide only to the extent necessary to fulfill the respective purpose of the processing (e.g. registration, sending newsletters, processing an order, sending information material and advertising, processing a competition, answering a question, enabling access to certain information) and as permitted by law (esp. pursuant to Art. 6 EU-DSGVO) (e.g. sending advertising and information material to existing customers).

We process the data of applicants in the course of contract initiation and for 6 months thereafter in order to be able to defend any claims of an applicant resulting from a rejection. If you give your consent, we will store your application documents for a period of 3 years for record keeping.

The purpose of processing your data as a website visitor is the operation of our website and the targeted provision of company-specific information including the presentation of the range of our goods and services (marketing). Any further use of your data will only take place if you have given your express prior consent. You can revoke your consent - as explained in detail below - at any time for the future.

4. Storage period

Data that you have provided to us exclusively for customer service or for marketing and information purposes will generally be stored until three years after our last contact. However, if you wish, we will also delete your data before this period expires, provided that there is no legal obstacle to this.

In the event that a contract is initiated or concluded, we will process your personal data after the contract has been fully processed until the expiry of the warranty, guarantee, limitation, product liability and compensation periods applicable to us as well as the statutory retention periods, and furthermore until the end of any legal disputes in which the data is required as evidence.

5. Tools and applications used

a. We use Google Analytics, which is a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This service uses cookies, the functionality of which has already been explained in detail before. Thus, if you agree to the use of Google Analytics in our cookie banner, the information generated by these cookies about your use of this website is usually transferred to a Google server and stored there.

On our behalf, Google uses this information to evaluate your use of our website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google by the responsible party.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as its transmission and processing by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de

Should you require further information on the type, scope and purpose of the data collected by Google, we recommend that you read their privacy policy. https://support.google.com/analytics/answer/6004245?hl=de

Google also processes your data in the USA.

In the event that you consent to the use of Google Analytics, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

This is relevant insofar as, according to recent decisions of the authorities and the case law of the ECJ, the USA is not certified as having an adequate level of data protection (C-311/18, Schrems II). Critically, access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available in the event of such interference. We ask you to take this into account when granting your consent.

b. On our website, we also use the offers of Google Maps. This allows us to display interactive maps directly on our website with your consent and enables you to conveniently use the map function to find our location and facilitate your journey.

By visiting our website, Google receives the information that you have accessed the corresponding subsite of our website and the personal data listed under 2. This occurs regardless of whether you are logged in via a Google account or not. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish this, you must log out of Google before using this service. Google uses your data for purposes of advertising, market research and website design tailored to your needs. You have the right to object to the use of your data in this regard, which you must address directly to Google.

For more information on the purpose and scope of data collection, please refer to Google's privacy policy, which can be found at http://www.google.de/intl/de/policies/privacy. Google also processes your data in the USA.

In the event that you consent to the use of Google Maps, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

This is relevant insofar as, according to recent decisions of the authorities and the case law of the ECJ, the USA is not certified as having an adequate level of data protection (C-311/18, Schrems II). Critically, access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available in the event of such interference. We ask you to take this into account when granting your consent.

c. If you agree, we also use Google Tag Manager on our website. Google Tag Manager is a popular tool for controlling tags on websites. Google Tag Manager can be used to control everything from statistical scripts or marketing tags that collect data for analytics and advertising, such as tracking page views on websites, button clicks, and user scrolling and behavior. Websites use Google Tag Manager to update and optimize their websites and content based on tracking user interactions.

For more information on the purpose and scope of data collection, please refer to Google's privacy policy, which can be found at http://www.google.de/intl/de/policies/privacy. Google also processes your data in the USA.

In the event that you consent to the use of Google Tag Manager, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

This is relevant insofar as, according to recent decisions of the authorities and the case law of the ECJ, the USA is not certified as having an adequate level of data protection (C-311/18, Schrems II). Critically, access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available in the event of such interference. We ask you to take this into account when granting your consent.

d. Another tool for marketing purposes - if you agree to it - is Google Ads Remarketing, an advertising system from Google. We can use this tool to place ads that are primarily based on the search results when you use our services.

Google Ads is Google's online advertising tool. With this tool you can create online ads that do targeted marketing based on your personal interests and preferences.

For more information on the purpose and scope of data collection, please refer to Google's privacy policy, which can be found at http://www.google.de/intl/de/policies/privacy. Google also processes your data in the USA.

In the event that you consent to the use of Google Ads Remarketing, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

This is relevant insofar as, according to recent decisions of the authorities and the case law of the ECJ, the USA is not certified as having an adequate level of data protection (C-311/18, Schrems II). Critically, access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available in the event of such interference. We ask you to take this into account when granting your consent.

e. We also use the Facebook pixel if you give your consent. The Facebook pixel is an analytics tool that measures the effectiveness of our advertising. It can be used to analyze actions that people take on our website.

The Facebook pixel is a JavaScript code that is embedded on websites. It can link people's behavior on the website to Facebook user profiles. It collects data that helps track conversions, optimize ads, and create audiences.

In the event that you consent to the use of the Facebook Pixel, you consent to the use of your data collected via this feature also in the USA, if applicable (Art 49 (1)(a) DSGVO).

For more information on the purpose and scope of data collection, please refer to Meta's privacy policy, which you can find at https://www.facebook.com/business/gdpr. Meta also processes your data in the USA.

This is relevant insofar as, according to recent decisions of the authorities and the case law of the ECJ, the USA is not certified as having an adequate level of data protection (C-311/18, Schrems II). Critically, access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available in the event of such interference. We ask you to take this into account when granting your consent.

f. On our website, we also set links to other websites; this is done for information purposes only. These websites are not under our control and are therefore not covered by the provisions of this privacy policy. However, should you activate a link, it is possible that the operator of this website will collect data about you and process it in accordance with its privacy policy, which may differ from ours. Please always also inform yourself about the current data protection provisions on the websites linked by us.

g. On our website there is also the possibility to interact with various social networks via plugins. These are:

•  Linked In, operated by LinkedIn Inc., 2029 Stierlin Court, Mountain View, CA 94043, USA

When you click on a plugin of one of these social networks, it is activated and a connection to the respective server of this network is established as described before.

If you activate these plugins, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

This is relevant insofar as, according to recent decisions of the authorities and the case law of the ECJ, the USA is not certified as having an adequate level of data protection (C-311/18, Schrems II). Critically, access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available in the event of such interference.

We have no influence on the scope and content of the data that is transmitted to the respective operator of this social network by clicking on the plugin or which may subsequently be subject to access by US authorities.

Should you wish to inform yourself about the nature, scope and purpose of the data collected by the operators of these social networks, we recommend that you read the privacy policy of the respective social network.

h. LinkedIn - Fansite

We operate a LinkedIn - fan page at  https://www.linkedin.com/company/jawa-management-software-gmbh/ The purpose of this fan page is to share information about our company's activities, to set marketing activities and to provide another channel of communication with us.

In this context, we are "joint controllers" with LinkedIn, operated by LinkedIn Ireland Unlimited Company (Gardner House, 2 Wilton Pl, Dublin 2, D02 CA30, Ireland, which provides this service to us. In principle, LinkedIn allows you to select in your settings which personal data is shared with us. If you do not wish to do so, we will receive all information regarding the use of our fan page and personal data about visitors in anonymized form.

For this purpose, we have concluded a so-called Art. 26 EU-DSGVO agreement with LinkedIn. You can find more information about this at https://de.linkedin.com/pulse/wie-du-social-media-fanpages-rechtlich-richtig-nutzt-kandelhard. In this context, we also ask you to read LinkedIn's privacy policy, which you can find at https://de.linkedin.com/legal/privacy-policy find.

You can therefore assert your data subject rights both against us in accordance with point C. 3. of this data protection declaration, and against LinkedIn Ireland Unlimited Company (Gardner House, 2 Wilton Pl, Dublin 2, D02 CA30, Ireland).

i. Customer Relationship Management (CRM)

The management of our customer relationships is done with Jira Service Management.

The legal basis for the use of "Customer Relationship Management" is the fulfillment of the contract including pre-contractual measures, legitimate interest of the responsible party or third party, or consent.

The following categories of data are processed: Contact data (from sales data of existing and possible new customers), user data, image and video data, order and delivery, IP address, location, usage behavior (frequency).

In this context, we or Jira Service Management store and process all data provided by registered users. Furthermore, technical data of the registration, such as date, time or IP address, are stored in the background.

Tools used:

• Jira Service Management, Atlassian. Pty Ltd Level 6, 341 George Street Sydney NSW 2000 Australien

We have no control over the scope and content of the data that is transmitted to Jira Service Management through use or which may subsequently be subject to access by Australian or US authorities.

Should you wish to inform yourself about the type, scope and purpose of the data collected by the operators, we recommend that you read the privacy policy of Jira Service Management. In the event that you consent to the use of Jira Service Management, you also consent to the use of your collected data in Australia or the USA, as applicable (Art 49(1)(a) DSGVO).