In the context of the use of this website, personal data of you will be processed by us as the controller for data processing and stored for the time necessary to fulfil the defined purposes and legal obligations. In the following, we will inform you about what data is involved, how it is processed and what rights you are entitled to in this respect.
According to Art. 4 No. 1 of the General Data Protection Regulation (hereinafter referred to as “GDPR“), personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject or user“).
1. Name and contact details of the controller
This data protection information applies to the data processing on the website  by the responsible controller:
Xovis Germany GmbH
Ullsteinstraße 140
12109 Berlin, Germany
(hereinafter “Xovis“)
E-Mail:                 info@xovis.com
Phone:                 +49 (30) 417 35 54 5
You can contact the data protection officer of Xovis via the address mentioned above, for the attention of the data protection officer, or by E-Mail to dataprivacy(at)xovis.com.
2. Processing of personal data and purposes of processing
a) Web hosting
For the provision of this website we use the web hosting service of the Hostpoint GmbH, Neue Jonastrasse 60, 8640 Rapperswil-Jona, Schweiz (hereinafter referred to as “Hostpoint”).
In order to offer a website, the commissioning of a web hosting service is required. The use of Hostpoint is made in accordance with Art. 6 para. 1 s. 1 lit. f GDPR due to our legitimate economic interest in making our services available on this website. In connection with the hosting, Hostpoint processes personal data on our behalf that is generated when the website is used.
We have concluded a data processing agreement with Hostpoint. Through this contract, the service provider assures that he processes the data in accordance with the GDPR and guarantees the protection of the rights of the data subject.
b) When visiting the website
You can access the website ps.xovis.de without revealing your identity. The browser you use on your end device automatically sends information to the server of our website (e.g. date and time of access, name and URL of the file accessed, browser type and version, website from which access is made (referrer URL)). This also includes the IP address of your enquiring end device. This information will not be stored by us or our web hosting provider.
c) When setting up a user account
As a customer you have the possibility to get access to our Download Portal, where you will find our latest software updates, user manuals and documentation. Therefore, you have to send a request via E-Mail to psp-access@xovis.com. After your verification as our customer, you will receive your password for the Download Portal via E-Mail, which provides you access together with your E-Mail address.
The data are processed upon your request and are according to Art. 6 Subs. 1 Sentence 1 lit. b GDPR required for the stated purposes of fulfilling the contract and pre-contractual measures.
After the deletion of your user account, your data will be deleted.
d) When using the contact form
We offer you the opportunity to send us general enquiries via the online contact form. Here we collect the following mandatory information:
•    Name,
•    company,
•    country,
•    E-Mail address and
•    your personal message.
We need this information
•    to be able to determine from whom the enquiry originated,
•    to be able to allocate your enquiry to the appropriate responsible regional manager,
•    to be able to contact you by e-mail or if necessary by telephone (optional information), and
•    to be able to answer your enquiry.
This data processing is carried out within the scope of answering the contact enquiry on the basis of our legitimate interest pursuant to Art. 6 para. 1 s.1 lit. f GDPR.
The personal data collected by us as part of the contact enquiry via the contact form is transferred to our CRM system. You will receive separate data privacy information about this circumstance by e-mail with the option to object to the processing. Your personal data will be deleted within one week in the event of an objection.
3. Transfer of data
In addition, we only pass on your personal data to third parties if:
•    you have given your express consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR;
•    in the event that there is a legal obligation for disclosure under Art. 6 para. 1 s. 1 lit. c GDPR.
4. Cookies
We use cookies on our website. These are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone etc.) when you visit our website. Cookies do not cause any damage to your end device, do not contain viruses, trojans or other malicious software.
The cookie stores information which arises in conjunction with the specifically used end device. This does not mean, however, that this gives us direct knowledge of your identity.
The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website.
In addition, we also use temporary cookies, which are stored on your end device for a certain fixed period of time, to optimize user-friendliness. If you visit our site again to use our services, we will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to record the use of our website statistically and to evaluate it for the purpose of optimizing our offer for you (see point 5.). These cookies enable us the statistically analyzation of the use of our website. These cookies are automatically deleted after a defined time.
The data processed by cookies is required for the purposes mentioned above in order to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 s. 1 lit. f GDPR.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your device or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you will not be able to use all the functions of our website.
5. Piwik
We use on our website the web analytics service PIWIK PRO Cloud of Piwik PRO GmbH, Lina-Bommer-Weg 6 51149 Köln, Germany (hereinafter referred to as “Piwik”). Piwik uses cookies (see point 4.) to help us analyze the use of our website. The information generated by the cookies about visitors’ website usage is stored and processed by Piwik on servers in Germany.
IP addresses are completely anonymized before the data collected can be reviewed by us. It is not possible to reverse the anonymization of IP addresses and to assign IP addresses to collected data.
The data processing by Piwik is carried out on the basis of Art. 6 para. 1 s. 1 lit. f GDPR, our legitimate interests, whereby our interest lies in the evaluation of visitor behaviour, the creation of reports as well as in the continuous optimization and design of our website to meet your needs. Piwik will not share this information with third parties or use it for any marketing or promotional purposes whatsoever.
7. Zendesk
For efficient and customer-oriented processing of contact and service requests (hereinafter “CRM”), we use the service of Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102, USA (hereinafter “Zendesk”).
In the context of contact and service requests, the following data is collected via Zendesk for identification and personal contact:
•    Name and
•    E-mail address.
Furthermore, a profile picture, a telephone number and a description (e.g. the department or organizational unit) can be provided voluntarily.
The processing of the data in the context of simple contact inquiries is based on our legitimate interest in accordance with Art. 6 para 1 s.1 lit. f GDPR. If there is a contractual relationship with the person concerned or one is being initiated, the data will be processed in accordance with Art. 6 para. 1 s. 1 lit. b GDPR for the purpose of initiating or fulfilling a contract.
After your contact request has been answered, your data will be automatically blocked for further use and deleted after 10 years at the latest, unless we are required by Art. 6 para. 1 s. 1 lit. c GDPR due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) to store it for a longer period of time.
We have concluded an order processing contract with Zendesk. With this contract, Zendesk assures that your data will be processed in accordance with the GDPR and that your rights will be protected. When using Zendesk, data can also be transmitted to servers in the USA. In order to ensure the appropriate level of data protection required by law when transferring data to the USA, we have concluded the EU standard contractual clauses in the so-called “Controller to Processor” variant with Zendesk.
For more information on data protection in connection with Zendesk, please refer to the privacy policy.
8. Data subjects‘ rights
You have the right:
•    pursuant to Art. 15 GDPR to request information from us about the personal data stored about you;
•    pursuant to Art. 16 GDPR to demand immediate rectification of inaccurate or completion of your personal data saved with us;
•    pursuant to Art. 17 GDPR to demand deletion of your personal data saved with us;
•    pursuant to Art. 18 GDPR to demand restriction of processing of your personal data;
•    pursuant to Art. 20 GDPR to receive your personal data you have provided us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
•    pursuant to Art. 77 GDPR to lodge a complaint to a supervisory authority. You can contact the supervisory authority of our registered offices (https://www.datenschutz-berlin.de/).
9. Right to object pursuant to Art. 21 GDPR
Pursuant to Art. 21 GDPR you have the right to object to the processing of your data at any time. In the event of an objection, we will no longer process your data. An exception exists if there are compelling reasons worthy of protection which outweigh your interests.
If you want to exercise your right to object, simply send an email to dataprivacy(at)xovis.com.
10. Technical data security
All data that you personally transmit is encrypted using the common and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used, for example, in online banking. You can recognize a secure TLS connection by the attached s at http (i.e. https://..) in the address bar of your browser or by the lock symbol in the lower area of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
11. Actuality of and changes to this Data Protection Policy
This privacy policy is currently valid and has the status of May 2024. Due to the further development of the website or due to changes in legal or official requirements, it may become necessary to amend this data protection declaration.