Unite Network AG, Neumarkt 9, 04109 Leipzig, Germany (hereinafter ‘Unite’ or ‘we’), the operator of the B2B network Unite, takes the protection of your data very seriously. We maintain the B2B network Unite in accordance with applicable data protection legislation as well as the rights and obligations contained in the EU General Data Protection Regulation (hereinafter ‘GDPR’). Below, we explain how your personal data is processed by Unite.
The data protection supervisory authority for Unite is:
Das Bayerische Landesamt für Datenschutzaufsicht (BayLDA)
91522 Ansbach (Germany)
1 Date processing when using our website
Unite operates the B2B network Unite. When you visit our website, various information such as your IP address is automati-cally sent to our server and temporarily stored. The legal basis for this is point (f) of Article 6(1) GDPR. Our legitimate interest arises from the following purposes:
- Optimising the connection
- Ensuring and optimising the user-friendliness and handling of the website
- Ensuring system security and stability
- Hazard prevention and criminal prosecution in the event of a cyberattack
2 Accessing Unite
3 Client management
Users can set up users and companies. They are responsible for managing and organising their users and companies, and can access the information given and generated about them. The account holder can do the following:
- Make settings affecting users
- Allow users to access the account or cancel this access
- Access and save account data
4 App Store
Information about an app, such as the provider’s contact details, is publicly viewable in the App Store. Furthermore, when networking, the contracting parties have access to various contact data.
5 Data processing when orders are placed
Whenever an order is placed, data is processed to enable all the processes required to be carried out. The legal basis for this is provided by points (b) and (f) of Article 6(1) GDPR. The data required is shown in the input template which you fill in when placing an order.
The following data is processed to execute the purchase contract: Your email address is used to communicate with you electronically about your order and its processing in accordance with point (c) of Article 6(1) GDPR.
The partner company takes orders and forwards them to Unite. Unite then forwards each order to the respective provider.
Invoicing and payment processing
If invoicing and payment processing (payment acceptance and forwarding) is carried out via Unite Financial Services EU GmbH (for business within the EU and UK) or Unite Financial Services Schweiz GmbH (for Switzerland), Unite will forward the necessary data to them for this purpose. Unite Financial Services EU GmbH in turn will appoint a payment service provi-der (Mangopay, 2 Avenue Amélie, 1125 Luxembourg, Luxembourg; https://www.mangopay.com/en_UK/privacy/, https://unite.eu/en_GB/howTo/letterhead) and forward the payment data to it.
If orders are placed using the Commissionaire Model, the order data is forwarded to both the respective Mercateo national subsidiary as the seller (to process the purchase contract) and the provider as the principal (to process the order). The seller is the respective Mercateo national subsidiary executing the contract which operates the Mercateo procurement platform for the territory where delivery is to take place. A list of Mercateo’s national subsidiaries and individual procure-ment platforms (including their privacy policies) is available at https://www.mercateo.com/corporate/info/contractual-partners/.
6 Additional data processing
Furthermore, we collect and record the data which you explicitly provide us with, for example by email, on the telephone, or in any other way, such as online chat (Intercom) or a feedback form. You will be informed of the type of data which we need to collect before the respective process is carried out if this is not apparent from the process itself. In addition, data such as your IP address as well as the date and time may also be collected. If third-party communication software is used, the third-party providers may process usage data and metadata for security, service optimisation or marketing purposes. Therefore, please note the privacy policies of the respective third-party providers.
Furthermore, usage data which you create when using the network (e.g. during search operations) is collected. Usage data may include personal or corporate data or enable such data to be deduced. Usage data is stored automatically in server log files, and is employed to make the usage of the network’s features more attractive as well as to ensure and improve their efficiency. This constitutes a legitimate interest for us as provided for by point (f) of Article 6(1) GDPR.
7 Data processing for advertising purposes and newsletters
Data processing for advertising purposes constitutes a legitimate interest for Unite under point (f) of Article 6(1) GDPR. If you are registered, we are entitled to process your contact data and to advise you of products and services as well as relevant news or invitations to surveys regardless regardless of whether you have subscribed to our newsletter.
You are entitled to opt out of the processing of your data for advertising purposes with future effect at any time free of charge, either as a whole or for the respective communication channel. Following opt-out, the contact address concerned will be excluded from any further data processing for advertising purposes. You may opt out by using the unsubscribe link (at the end of advertising emails) or in writing (email or post) using the contact details provided.
Unite is not responsible for promotional communication among Unite users. Furthermore, we will send you regular newsletters by email after prior registration (with your consent as provided for in point (a) of Article 6(1) GDPR). The newsletters for example contain information about new and/or interesting products/items as well as information about Unite and its partners, webinars, competitions and events. This is a form of advertising for both Unite and third parties (providers and partners). Subscribing to the newsletter requires a double opt-in. This means that, after entering your email address, you will receive an email after registration asking you to confirm your subscription. This is the only way to prevent others from signing up with an email address that is not their own. Subscriptions to the email are logged. Consent to receive the newsletter can be revoked at any time. A link to cancel your subscription is included at the end of every email.
Tracking is used for both the newsletter and promotional emails to measure their success and thus to improve our newsletter. This enables us to assess the response to our emails. It is not our intention to analyse the usage behaviour of individuals.
For more information, especially on online marketing, please see the document ‘Cookies, web analytics and social media’
8 Sharing data with third parties
Unite sometimes uses third parties such as processors to process your data. Such third parties are selected very carefully. Your data is processed jointly with Unite or on behalf of Unite in particular by companies affiliated with Unite. If data is shared for administrative purposes, this is based on our legitimate business and commercial interests pursuant to point (f) of Article 6(1) GDPR.
9 Third party websites
Unite has no control over the current content or operation of third-party websites which can be accessed via the network. Unite bears no liability for the content of such websites or how they handle users’ personal data.
10 Recipients outside the EU
11 Deletion of personal data
Data which we store will be deleted when the corresponding authorisation lapses (in particular once the related purpose has been achieved), blocked from further use, and deleted when the retention periods legally required under tax and commercial law have expired, unless you have expressly consented to the further use of your data or contractually agreed otherwise.
12 Data security
We take necessary and appropriate technical and organisational measures to guarantee an appropriate level of protection. We take into account the state of technological knowledge, the cost of implementation, and the nature, scope, context and purposes of processing, as well as the risks of varying likelihood, and the extent of the risks to the rights and freedoms of data subjects. For your security, your data is encrypted using an SSL (Secure Sockets Layer) website certificate.
13 Rights of the data subject
- Right of access: You are entitled to obtain information about the purposes of processing, the categories of per-sonal data concerned, the categories of recipients to whom your personal data has been or will be disclosed, the envisaged storage period, and the source of your personal data where it has not been collected from you directly.
- Right to rectification: You are entitled to obtain the rectification of inaccurate personal data as well as the completion of correct data.
- Right to erasure and restriction: You are entitled to obtain the erasure of your personal data or alternatively to obtain the restriction of processing in accordance with legal requirements.
- Right to data portability: You are entitled to receive personal data which you have provided in a commonly used, machine-readable format, or to have it transmitted to another controller.
- Right to lodge a complaint: Please contact the supervisory authority for your habitual residence or the supervi-sory authority responsible for us.
- Right to opt out: You are entitled to opt out of all data processing described here that is carried out on the basis of point (f) of Article 6(1) GDPR. Unlike the data processing described in the section ‘Data processing for advertising purposes’, we are only required to accept your opt-out request if you demonstrate compelling legit-imate grounds based on your particular circumstances.
- To exercise your rights, please contact email@example.com.
Last updated 02/2021