Privacy Policy

September 2024  

We (i.e., the company providing this Privacy Policy or listed in the imprint as the operator of this site) take the protection of your personal data seriously. This Privacy Policy describes how we collect, use, disclose, transfer, and store (“process”) your personal data. The data collected depends on the context of your interactions with us, the products, services, and features you use, your location, and applicable laws. 

 1. Processing of Personal Data Related to Your Use of Our Websites, Applications, and Online Services 

Categories of Data and Purpose of Processing 

When you use our external and internal websites, applications, or online services (each referred to as an "Online Offering"), we process the following categories of personal data: 

- Contact information: such as first and last name, business address, business phone number, business mobile number, and business email address. 

- Organizational information: including position and company name. 

- Other personal data: provided by you in contact forms or other forms within the Online Offering. 

- Information submitted in support requests, surveys, comments, or forum posts. 

- Automatically collected information: such as device and user ID, operating system details, pages and services accessed during your visit, and the date and time of your user requests.  

Purpose of Processing:  

We process your personal data for the following purposes: 

- To enable you to use the services and functionalities of our Online Offerings, including account creation and administration, updates, security, and error resolution. 

- To provide customer support and improve our Online Offerings. 

- To process payments for the use of an Online Offering. 

- To verify your identity and enable user authentication. 

- To process your inquiries or instructions. 

- To manage your orders and provide related information and offers. 

- To contact you with information and offers about our products and services or for customer satisfaction surveys. 

- To enforce our terms of use, assert or defend legal claims, and prevent fraudulent or malicious activities, including attacks on our IT infrastructure.  

Online Offerings Provided by Your Company 

In some cases, our Online Offerings are provided by the company you are employed with. Personal data processed in these cases is done under the instruction of your company, according to a data processing agreement. Your company is the data controller in such cases. Please contact your company for any inquiries about the data processed on its behalf. 

 2. Processing of Personal Data Related to Your Use of Our Marketplaces 

Categories of Data and Purpose of Processing 

When you use our marketplaces (each referred to as a "Marketplace"), we process the following categories of personal data: 

- Contact information: such as first and last name, business address, business phone number, business mobile number, and business email address. 

- Organizational information: including position and company name. 

- Payment data: including information necessary for processing payments or preventing fraud, such as credit card details and security codes. 

- Other personal data: provided by you in forms within the Marketplace. 

- Compliance and export control screening data: such as birthdate, nationality, residency, ID numbers, and information on relevant legal proceedings. 

- Automatically collected information: such as device and user ID, operating system details, pages and services accessed, and the date and time of your requests. 

Purpose of Processing: 

We process your personal data to: 

- Communicate with you regarding our services and products. 

- Manage the contractual relationship, including order processing, payment collection, accounting, and delivery of goods and services. 

- Conduct marketing and customer satisfaction surveys, as outlined in Section 4. 

- Maintain the security of our products, services, and websites. 

- Comply with legal obligations, including compliance screenings to prevent financial crimes. 

- Settle legal disputes and enforce legal claims. 

 3. Processing of Personal Data of Business Partners 

Categories of Data and Purpose of Processing 

In the context of working with business partners (e.g., customers, prospects, distributors, suppliers), we process the following personal data: 

- Contact information: such as first and last name, business address, business phone number, business mobile number, and business email address. 

- Organizational information: including position and company name. 

- Payment data: necessary for payment processing or fraud prevention. 

- Other information: provided in the context of projects or contractual relationships. 

- Publicly available data: such as data from professional social networks. 

- Compliance and export control screening data: including personal identifiers and legal proceedings information. 

Purpose of Processing: 

We process this data to: 

- Communicate with business partners regarding products, services, and projects. 

- Manage the contractual relationship, including processing orders and conducting maintenance or repairs. 

- Create a business-related profile to improve communication and tailor offers. 

- Conduct market analyses, competitions, or events. 

- Conduct customer satisfaction surveys and marketing activities as outlined in Section 4. 

 4. Customer Satisfaction Surveys and Direct Marketing 

In compliance with applicable laws, we may use your contact data for direct marketing (e.g., event invitations, newsletters) and customer satisfaction surveys. You can object to this use at any time by contacting us at contact@orbit.eco. 

 5. Processing of Personal Data in Job Applications 

If you apply for a job, we process your personal data as described in the Privacy Policy of our recruiting portal or the platform used for your application. 

 6. Data Transfers and Sharing 

We only share personal data as follows: 

- With subsidiaries and partners: to facilitate business relationships. 

- Marketplace transactions: with relevant entities involved in the transaction. 

- With service providers: for tasks such as IT services and payment processing. 

- Other third parties: for legal compliance or enforcing rights. 

 7. Retention Periods 

Personal data is deleted once it is no longer needed unless legal obligations require longer retention. 

 8. Your Rights 

You have the right to: 

- Request access to and information about your personal data. 

- Request correction or deletion of your personal data. 

- Restrict or object to processing. 

- Request data portability. 

 9. Data Security 

We take appropriate technical and organizational measures to protect personal data. 

 10. Contact 

Our data protection team is available for all privacy-related inquiries and complaints. You can contact us at datenschutz@orbit.eco.  

Additionally, you can contact the relevant data protection authority. 

 11. Processing of Personal Data Under the GDPR 

This section applies if your personal data is processed by one of our entities within the European Economic Area (EEA). 

Data Controller for Online Offerings: The entity listed in the imprint of the Online Offering is the data controller. 

Legal Basis for Processing: 

Unless otherwise specified, data processing is based on: 

- Contractual fulfillment (Art. 6 (1)(b) GDPR) 

- Legal obligations (Art. 6 (1)(c) GDPR) 

- Legitimate interests (Art. 6 (1)(f) GDPR) 

Where consent is provided, it serves as the legal basis (Art. 6 (1)(a) GDPR). 

 12. Data Transfers Outside the EEA 

We ensure appropriate safeguards for data transfers outside the EEA, such as Binding Corporate Rules or Standard Contractual Clauses. 

 13. Additional Information for US Users 

Do Not Track: Our Online Offerings do not recognize “Do Not Track” settings. 

Use by Children: Our services are not intended for children under 13. 

For specific rights in certain US states, please refer to our detailed policies.