Privacy Policy for linQsupply®
Your data is primarily stored and processed in the Germany West Central region of Microsoft Azure. For international data transfers, we ensure that appropriate safeguards are in place.
If you have any questions about this policy or the processing of your data, please contact us at partnermanagement@linQsupply.com
Effective Date: 2024-11-28
Information We Collect
Data You Provide
We collect the following data when you use linQsupply®:
- Account Information: Name, email address, phone number, job title, and company details.
- Subscription Details: Payment information and billing details.
- Support Requests: Information you provide in support tickets or inquiries.
Business Data in EDI Messages
As part of our services, we may process the following business data:
- EDI Documents: Invoices, purchase orders, delivery notes, payment information, and other business-related data provided by you or your business partners.
- Personal Data in Business Documents: Names, contact details, or similar information included in EDI documents.
Data Collected Automatically
When you use our platform, we automatically collect:
- Usage Data: Login times, activity logs, and performance metrics.
- Technical Data: IP address, browser type, device details, and operating system.
Data from Third Parties
We may receive data from:
- Microsoft Azure: Hosting and performance metrics related to our platform.
- Payment Processors: For subscription and billing purposes.
How We Use Your Data
We use your personal and business data for the following purposes:
- To provide, operate, and maintain linQsupply®.
- To process EDI messages and forward them to your designated business partners.
- To handle subscriptions and payment transactions.
- To communicate with you regarding your account, support requests, and important updates.
- To improve platform functionality and security.
- To comply with legal obligations and enforce our terms of use.
Legal Basis for Processing
The processing of your data is based on the following legal grounds under GDPR:
- Contractual Necessity: To deliver the services you subscribed to.
- Legitimate Interests: To ensure platform functionality and security.
- Legal Obligations: To comply with applicable laws.
- Consent: For optional communication or analytics purposes.
Sharing Your Data
We do not sell your data. However, we may share it in the following cases:
- Service Providers: Trusted partners such as Microsoft Azure and payment processors who assist us in delivering our services. More information on our third-party providers can be found on our [Third-Party Sub-processors Page]. [Third-Party Sub-processors-Seite].
- Authorities: Where required to comply with legal obligations.
- Business Partners in the EDI Network: Business documents, such as invoices or purchase orders, are forwarded to your specified business partners, including those located outside the EEA (see Section "Data Transfers").
Your data will be stored and processed exclusively in the Germany West Central region of Microsoft Azure in order to meet the requirements of the GDPR and data sovereignty.
Data Transfers
International Data Transfers in the EDI Context
As an EDI service provider, it may be necessary to transfer business data to your business partners outside the European Economic Area (EEA). We ensure the following:
- Standard Contractual Clauses (SCCs): Transfers to countries without an adequacy decision are based on SCCs to ensure an appropriate level of data protection.
- Technical Measures: All transferred data is encrypted and secured using protocols such as AS2 and AS4.
- Contractual Measures: We ensure that your business partners commit to complying with data protection requirements.
Processing Within the EU
Data stored on linQsupply® is primarily retained in the Germany West Central region of Microsoft Azure.
Data security
We implement extensive security measures, including:
- Encryption: Data is encrypted both in transit and at rest.
- Access Controls: Access to data is restricted to authorized personnel only.
- Logging: All data access is logged to prevent misuse.
- Regular Security Audits: Our platform undergoes regular security assessments to identify and address vulnerabilities.
Data Retention and Deletion
We retain your data only as long as necessary for the following purposes:
- EDI Data: Business documents and transaction logs are retained for the agreed-upon period and subsequently deleted in accordance with your instructions.
- Personal Data: Personal data is deleted once it is no longer required for the original purpose.
Your Rights
Under GDPR, you have the following rights:
- Access: Request a copy of the data we hold about you.
- Rectification: Correct any inaccurate or incomplete data.
- Erasure: Request the deletion of your data ("Right to be Forgotten").
- Restriction of Processing: Limit the processing of your data in certain circumstances.
- Objection: Object to the processing of your data, particularly in cases of legitimate interest.
- Data Portability: Receive your data in a machine-readable format.
To exercise these rights, please contact us at partnermanagement@linqsupply.com
Updates to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant updates will be communicated to you via email or notifications within the platform. The "Effective Date" at the top of this policy will always indicate the latest version.
Contact
If you have any questions or concerns about this policy, you can reach us at:
- E-Mail: partnermanagement@linQsupply.com
- Address: inSyca IT Solutions GmbH, Finsinger Feld 5, 85521 Ottobrunn, Deutschland
- Phone: +49 (089) 2154 6094