Privacy policy

BlueID GmbH appreciates your interest in our company and our services/products.

We would like to inform you by means of the following data protection information about which personal data, to what extent and for what purpose is collected, processed and, if applicable, transmitted when you visit our website. This applies equally to the services and offers accessible via the website.

If this website refers to external pages of other providers (links), you will leave our website via these links. The operators of these linked pages are solely responsible for compliance with data protection regulations and not BlueID GmbH.

1. Data protection principles of BlueID GmbH

The protection of your privacy and the security of all business data are very important to us, which we take into account in our business processes. Data protection and information security are part of our corporate policy

We attach great importance to the protection of your personal data and process it exclusively in accordance with the laws and regulations of the Federal Republic of Germany and higher-level European legal requirements, including the EU General Data Protection Regulation (GDPR). Your personal data will be processed to the extent described below for the purposes explained. This means that we only use your personal data if this is expressly permitted by data protection laws or if you have given us your express prior consent.

2. Definitions

The EU General Data Protection Regulation uses certain terms that are defined in Art. 4, e.g. personal data, processing, pseudonymization, controller, processor, recipient, third party, consent. Learn more about what certain terms mean under the General Data Protection Regulation

3. Name and contact details of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

BlueID GmbH
Schellingstraße 109a
80798 Munich
Germany

Tel.: +49 89 8099026 – 00
E-mail: info@blueID.net
Website: www.blueID.net

4. Address of the data protection officer

BlueID GmbH
Datenschutzbeauftragter
Schellingstraße 109a
80798 Munich
Germany

Tel.: +49 89 8099026 – 00
E-mail: datenschutz@blueID.net

5. General information on the processing of personal data

5.1 Scope of processing

We only process our users’ personal data to the extent necessary to provide a functional website and the content and services we offer. The processing of personal data is only carried out on the basis of the currently applicable legal basis.

5.2 Purposes of processing

The purposes of the processing of personal data are based on the performance of the business operations of BlueID GmbH and all associated ancillary business.

5.3 Legal basis for processing

  • Art. 6(1)(b) GDPR serves as the legal basis for the processing of personal data necessary for the performance of a contract to which the data subject is party. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
  • If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.
  • Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
  • If the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
  • In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

5.4 Legal or contractual provisions for the provision of personal data

The provision of personal data by you may be required by law or contract or may be necessary for the conclusion of a contract

In particular, you may be obliged to provide us with personal data for the conclusion of a contract. Failure to provide the personal data would mean that the contract with you could not be concluded.

5.5 Disclosure of personal data

We only pass on your personal data to third parties if

  • this is necessary for the performance of an existing contractual relationship with you
  • it is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of you (the data subject) which require protection of personal data
  • we are legally obliged to do so
  • this is necessary to enforce our claims and rights.
  • we receive requests from official bodies (e.g. supervisory authorities or law enforcement authorities if disclosure is necessary to prevent threats to public safety and order and to prosecute criminal offenses)

In the context of such disclosure, however, the personal data may only be used for the respective purpose.

5.6. Involvement of external service providers

Like most companies, we are not specialists in everything. That’s why we use service providers to support us in some areas of our business activities, e.g.

  • IT service providers for the maintenance of our infrastructure
  • IT developers for the further development of our applications
  • Data centers for the secure operation of our services
  • Agencies and printers for sending e-mail information or printed information

We have concluded the legally required contracts for order processing, which specifically define what the service provider may do with which data. In particular, disclosure to third parties is also excluded here. Service providers are obliged to comply with the applicable data protection regulations in these contracts.

5.7 Data erasure and storage duration

Personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data.

6. Provision of the website and creation of log files

You can visit our website without registering or logging in. When you visit our website, data is collected by the web server for the transmission of data (information from the computer system of the calling computer) and partly stored in log files on the web server. This data is referred to as “usage data”.

Find out more about the creation of log files when you visit our websites

7. Use of cookies

Cookies are not fundamentally evil, but allow user interactions and other useful things when using websites. Cookies do not harm your computer and do not contain viruses

We use cookies on various pages to make your visit to our website more attractive and to enable the use of certain functions. Cookies are small text files that your browser stores on your end device at the instruction of our website.

Find out more about the use of cookies

8. Contact form and e-mail contact

Our website contains a contact form that can be used to contact us electronically. If you use this option, the data entered in the input mask will be transmitted to us and stored.

Find out more about the processing of data entered when contacting us electronically

9. Processing of business contacts

For business reasons, we receive contact information from employees and managing directors of other companies on various occasions. This information, which is usually provided personally, is stored in our contact database as a business contact.

Find out more about the processing and storage of business contacts

10. Subscription to our newsletter

You can subscribe to a free newsletter on our website. When you subscribe to the newsletter, data from the input screen is transmitted to us and stored.

Find out more about the processing of personal data when you subscribe to our newsletter

13. Registration / download portal

On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored.</p

Through this registration, we offer access to our download portal.

Find out more about the processing of personal data when you register with us

14. Use of third-party extensions

Like many other companies, we use third-party extensions (social media, analysis tools, marketing tools, etc.). Personal data (e.g. IP numbers, information from pseudonymized cookies, geodata, etc.) may be passed on to the third-party providers or transmitted automatically. The type, scope, purpose and duration of this processing of personal data may vary from case to case.

Find out more about the processing of data by third-party extensions used by us

15. When you apply online

You have the option of applying via our website. We process the personal data that you send us in the course of an online application exclusively for the purpose of handling the application process.

Find out more about the processing of your data when you apply to us online

16. Processing of data when using BlueID apps

Data is required and collected for the provision, activation and use of our apps for iOS & Android. To continuously improve our apps, we record the use of our apps anonymously. We attach great importance to privacy and do not collect any data that allows us to draw conclusions about individual persons.</p

Find out more about the processing and storage of personal data when using our BlueID apps

17. Processing of data when visiting the BlueID Facebook page

In addition to our own website, we use a Facebook page for communication and interaction with our customers and interested parties. We and Facebook are jointly responsible for the processing of personal data of visitors to this page.

Find out more about the processing and storage of personal data when you visit our Facebook page

18. Your rights as a data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

  • Right to information: You can find out whether we are processing your personal data and, if so, which data we are processing.
  • Right to rectification: If the personal data we process about you is incorrect, we must rectify it.
  • Right to erasure (“right to be forgotten”): If certain reasons apply, we must erase your personal data.
  • Right to restriction of processing: Under certain conditions, you can have the processing of your personal data restricted (e.g. blocked).
  • Right to be informed: A rectification, erasure or restriction of processing must be communicated to all recipients of your personal data.
  • Right to data portability: You may receive the personal data that you have provided to us in a machine-readable format.
  • Right to object: You may object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR. This includes in particular the objection to direct advertising.
  • Right to revoke the declaration of consent under data protection law: You can revoke any consent given to us at any time.
  • Automated decision-making in individual cases, including profiling: In certain cases, scoring and profiling may not be carried out without the involvement of a verifying person.
  • Right to lodge a complaint with a supervisory authority: You can lodge a complaint with a data protection supervisory authority. However, we ask you to contact us first to exercise your rights.

Find out more about your rights as a data subject

19. Amendment to the data protection notice

We reserve the right to adapt this data protection notice when introducing or changing new services so that it always complies with current legal requirements. The current version will then apply when you visit our website again.

Jan 2024