Privacy Policy

Last revised: 3rd May 2021

The following information provides you with details about how we process your personal data and your rights under data protection law.

1. Controller and data protection officer


Konica Minolta Business Solutions Europe GmbH
Europaallee 17, 30855 Langenhagen, Germany
Tel.: +49 (0) 800 646 6582
Email: info@konicaminolta.eu

If you have any questions concerning data protection, you are welcome to contact our company data protection officer:

Dr. Frederike Rehker
Konica Minolta Business Solutions Europe GmbH
Europaallee 17, 30855 Langenhagen
Tel.: +49 (0)511 7404-0
Email: dataprotection@konicaminolta.eu

2. What are my rights as a data subject?


As a data subject, you have the following rights:

2.1 Right of access (Art. 15 GDPR): You have the right to be informed at any time of the categories of personal data processed, the purposes of processing, any recipients or categories of recipients of your personal data and the planned storage period.

2.2 Right of rectification (Art. 16 GDPR): You have the right to request the rectification or completion of personal data concerning you that is incorrect or incomplete.

2.3 Right to erasure ("right to be forgotten") (Art. 17 GDPR): You have the right to request the immediate erasure of your personal data. In particular, we are obliged as the responsible party to delete your data in the following cases:

Please be aware that the right to erasure is subject to a limitation in the following cases, so that a deletion is excluded:

2.4 Right of restriction of processing (Art. 18 GDPR): You also have the right to request that the processing of your personal data be restricted; in such a case, your personal data will be excluded from any processing. This right applies if:

2.5 Right of data portability (Art. 20 GDPR): You have the right to receive the personal data concerning you that you have provided to us as a controller in a structured, common and machine-readable format and to transfer it to another controller. Furthermore, you also have the right to request that your personal data be transferred from us to another controller, insofar as this is technically feasible.
The requirements for the applicability of data portability are:

2.6 Right to object (Art. 21 GDPR): You have the right at any time to object to the processing of your personal data on grounds arising from your particular situation. This also applies to profiling. The requirement for this is that the processing is based on a legitimate interest on our part (Art. 6 (1)(1)(f) GDPR) or the public interest (Art. 6 (1)(1)(e) GDPR).

Furthermore, you may also at any time object to the processing of your personal data for the purposes of direct marketing or profiling linked to such direct marketing.

Should you object to the processing of your personal data based on a legitimate interest, we will check in each individual case whether we can show grounds worthy of protection that override your interests and rights and freedoms. In the event that there are no reasons worthy of protection on our part or your interests as well as rights and freedoms override our own, your personal data will no longer be processed. An exception is made if your personal data is still used for the establishment, exercise or defence of legal claims.

If you object to the processing of your personal data for the purposes of direct marketing or profiling, insofar as this is linked to such direct marketing, your personal data will no longer be processed for these purposes.

2.7 Right to lodge a complaint with the supervisory authority (Art. 77 GDPR): Right to lodge a complaint with the supervisory authority (Art. 77 DPA): You also have the right to lodge a complaint with a supervisory authority at any time, in particular with a supervisory authority in the Member State of your residence, place of work or place of suspected infringement, if you consider that the processing of personal data concerning you is in breach of the data protection regulations.

The address of the supervisory authority responsible for our company is:
Barbara Thiel
Die Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 530159 Hannover, Germany
Tel: +49 511 120 4500
Email: poststelle@lfd.niedersachsen.de

2.8 Right of withdrawal (Art. 7 GDPR): If you have given us consent to process your personal data, you can withdraw this consent at any time without giving reasons and in an informal manner. Withdrawal of consent does not affect the lawfulness of the processing that has taken place on the basis of the consent up to the point of withdrawal.

3. General information regarding the topic "purposes"


As a matter of principle, the processing of your personal data by us is always linked to a specified, explicit and legitimate purpose, which has already been defined before the processing activity is commenced, in accordance with the principle of purpose limitation under Art. 5 (1)(b) GDPR. In the further course of this privacy policy, when a processing activity is cited, a description of the specific purpose is also included.

4. General information regarding the topic "legal bases"


We process your personal data in accordance with the GDPR. Accordingly, the processing of your personal data is always founded on a legal basis. Article 6 of the GDPR defines legal bases for the processing of personal data.

4.1 Legal bases for the processing of personal data


Consent
If we obtain your consent for the processing of your personal data, the processing will be carried out on the legal basis of Art. 6 (1)(1)(a) GDPR. The following example serves to clarify this legal basis: You receive advertising from us by electronic mail and/or telephone and have given your prior consent.

Contract or pre-contractual measure
If the processing of your personal data is necessary for the fulfilment of a contract with you or for the implementation of pre-contractual measures taken in response to your request, the legal basis on which our processing is based is Art. 6 (1)(1)(b) GDPR.

Legal obligation
In cases where the processing of your personal data is necessary to comply with a legal obligation to which we are subject, this processing is based on Art. 6 (1)(1)(c) GDPR.

Vital interest
Should the processing of your personal data be necessary to protect your vital interests or those of another person, this processing is carried out in accordance with Art. 6 (1)(1)(d) GDPR.

Public interest
In cases where we process your personal data in order to perform a task which is in the public interest or in the exercise of official authority delegated to us, Art. 6 (1)(1)(e) GDPR constitutes the legal basis.

Legitimate interest
If the processing of personal data is necessary to safeguard a legitimate interest of our company or a third party and at the same time the interests, basic rights and fundamental freedoms of the data subject, which require the protection of personal data, do not override our legitimate interest, Art. 6 (1)(1)(f) GDPR serves as the legal basis for the processing.

4.2 Legal bases for the processing of special categories of personal data


If, in extraordinary cases, we need to process special categories of personal data, such as

by you, this processing is based on one of the following legal bases, which are de-fined in Article 9 GDPR:

Explicit consent
If you have given us your explicit consent for the processing of the above categories of personal data, this constitutes the legal basis for the processing in accordance with Art. 9 (2)(a) GDPR.

Performing duties under social security/protection and employment law
If the processing of special categories of personal data relating to you is necessary in order to comply with a legal obligation arising from social security/protection or employment law, the legal basis for this processing is Art. 9 (2)(b) GDPR.

Protection of vital interests
If the processing of special categories of personal data relating to you should be necessary to protect your vital interests or those of another person, such processing is carried out pursuant to Art. 9 (2)(c) GDPR.

Manifestly public data
Insofar as special categories of personal data of yours are processed, which have previously been made public by yourself, the processing of these data is based on Art. 9 (2)(e) GDPR.

Establishment / Exercise / Defence of legal claims
Insofar as the processing of the special categories of personal data relating to you serves us to establish, exercise or defend legal claims, Art. 9 (2)(f) GDPR constitutes the legal basis for the processing.

Substantial public interest
In the case of the processing of special categories of personal data concerning you in order to safeguard a substantial public interest arising from EU or national law, the processing is based on Art. 9 (2)(g) GDPR.

Assessment of the person's work capacity or other medical purposes such as health care
If the processing of special categories of personal data relating to you arises from a law of the EU or a Member State or a contract concluded with a member of a health profession and is carried out for the purposes of preventive health care, occupational medicine, assessment of an employee's work capacity, medical diagnosis, care or treatment in the health or social field or the management of systems and services in the health or social field, this processing is based on Art. 9 (2)(h) GDPR.

Public interest in the area of public health
If the processing of special categories of personal data of yours should be necessary for public health reasons, including protection against cross-border health threats such as pandemics, this processing is carried out on the legal basis of Article 9 (2)(i) GDPR.

Archival purposes, scientific / historical research purposes, statistical purposes
Should the processing of special categories of personal data relating to you arise from a right of the EU or a member state, which stipulates processing for archiving, scientific or historical research or statistical purposes in the public interest, this processing is based on Art. 9 (2)(j) GDPR.

5. General information regarding the topic "obligation to preserve records and time limits of erasure"


Unless otherwise stated, we delete personal data in accordance with Art. 17 GDPR or restrict its processing in accordance with Art. 18 GDPR. Apart from the retention periods stated in this privacy policy, we process and store your personal data only as long as they are necessary for the fulfilment of our contractual and legal obligations. Personal data that is no longer required after the purpose has been fulfilled will be regularly deleted, unless further processing is required for a limited period of time, which may result from other legally permissible purposes. In order to fulfil documentation obligations as well as to comply with statutory obligations to preserve records in Germany, the necessary documents are kept for six years in accordance with § 257 (1) HGB and for ten years in accordance with § 147 (1) AO.

6. General information regarding the topic "disclosure of personal data"


Recipient of your data
We do not sell or rent user data in principle. A transfer to third parties beyond the scope described in this privacy policy will only take place if this is necessary for the processing of the respective requested service. For this purpose, we work together with service providers in the areas of marketing, sales, IT, logistics and human resources, among others. We select these service providers extremely carefully. In other cases we transfer data to requesting governmental authorities. However, this only takes place if there is a legal obligation to do so, for example if a court order exists.

Locations of the processing of your personal data
In principle, we process your data in Germany and in other European countries (EU/EEA). If your data is processed in countries outside the European Union (i.e. in so-called third countries), this will only take place if you have expressly consented to it, if it is stipulated by law or if it is necessary for our service provision to you. If, in these exceptional cases, we process data in third countries, this will be done by ensuring that certain measures are taken (i.e. on the basis of an adequacy decision by the EU Commission or by presenting suitable guarantees in accordance with Art. 44ff. GDPR).

7. Cookies


To make our website attractive to visitors and enable the use of certain functions, we use cookies on various pages. Cookies are small text files that are stored on your hard drive in accordance with the browser you are using and through which certain information flows to the site that sets the cookie. Most of the cookies we use are deleted at the end of each browser session (so-called session cookies). Other cookies remain on your end device and enable us to detect your browser on your next visit (persistent cookies). We use permanent cookies e.g. to maintain your login-session.

You can set up your browser to inform you when cookies are saved, to enable you to decide whether to accept cookies on a case-by-case basis or to never accept cookies. If you choose not to accept cookies, the functionality of our website may be restricted.

Cookies are used on our website for various purposes. Each cookie we use can be assigned to one of the following categories:

Technically necessary
Cookies that belong to this category are required to ensure the core functionality and/or security of this website

Functionality
Cookies of this category are used to increase user comfort e.g. by storing preferences such as language settings, text size adjustments, user names or local settings.

Marketing
These cookies are used by advertisers to serve ads that are relevant to their prospects.

Performance and analysis
This type of cookie is used to help us analyze site usage in order to measure and improve performance.

In the settings of the browser you use, you have the option of rejecting the acceptance of cookies or, for example, to limit this rejection to cookies from other parties, so-called third-party cookies. However, the browser settings you have made may mean that you may not be able to use all the functions of our website to their full extent.

Here you will find further information on the administration of cookies for corresponding browsers:

8. Central administration tool – Google Tag Manager


On our website we use the Google Tag Manager, by the Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. With the help of the Tag Manager, we can integrate and manage any software solution, such as Google Analytics, centrally on our website via corresponding code sections - also called tags. These code sections also serve to collect data about your browser, your website visits or to set cookies. However, the Google Tag Manager is only a domain that neither sets cookies nor processes personal data. A processing of your personal data takes place exclusively through the solutions integrated via the code sections, such as Google Analytics itself.

OFurther information on the processing of your personal data within the framework of the individual solutions used can be found in the separate sections of the individual solutions in the following.

9. In the context of which processing activities are my personal data processed?

9.1 Processing activity – General use

When using the website, we collect and store certain data automatically. This includes: the IP address or device ID assigned to the respective end user device, which we require for the transmission of requested content (e.g. in particular content, texts, images and product information as well as files made available for download, etc.), the type of end user device, the URL of the previously visited Internet page, the browser type and operating system used and the date and time of use.

This data processing takes place in order to facilitate the use of the website and our Service.

Aside from this, we delete or anonymize this data, including the IP addresses, without undue delay as soon as they are no longer needed for the above mentioned purposes.

9.2 Processing activity - Registration and login

To use the website you must first register to the genARate portal. The following data will be collected as part of the registration process and will be processed in order to provide the service: company name, country of residence, first name and last name, address, e-mail address. Additionally, you must indicate a password for your account. After registration you must log in with provided information in order to use the website.

We delete this information when you delete your user account, unless the information is still required for the purpose of fraud detection or in case statutory retention periods apply.

9.3 Processing activity - Email information

For registered users of the service, we will supply information on our services as following:

Service messages: Your e-mail address will be used to send you information material and periodic updates of the service.

Marketing messages: We are committed to provide you with the most interesting marketing content about Konica Minolta’s solutions which are similar to the goods and services of GenARate. Therefore, we use the information stated above to send you marketing updates, also by e-mail, if you provide us with your respective consent.

You may request at any time to stop receiving such information e-mails from us. The easiest way to do this is to send an e-mail to info@genarate.com or to the contact details given in the imprint or click on the link at the end of the information e-mails. You will not incur any costs other than the transmission costs according to the basic tariffs. We may communicate with you using a carefully chosen and monitored service provider, which will process your data in accordance with the GDPR’s obligations and who signed respective data processing agreements.

9.4 Processing activities - webanalytics


9.4.1 Google Analytics
This website uses features of the web analytics service tool Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and allow us to analyze the use of the website. The information generated by the cookie, about your use of this website, is generally transmitted to a Google server in the USA and stored there. We use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR.

We use the “Activation of IP anonymization” function on this website. This will reduce your Google IP address previously within Member States of the European Union or in other States Parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the US and abbreviated there. On behalf of the operator of this website, Google will use this information to evaluate the use of the website, to compile reports on website activity, and to provide other services related to the use of the website.

For more information about how to deal with Google Analytics user data, please visit Google’s privacy policy: https://support.google.com/analytics/answer/6004245

You can prevent the storage of cookies by adjusting the settings of your browser software. However, we would like to point out that in this case, you may not be able to fully utilize all the functions of our website. In addition, you can prevent Google from collecting and processing the data (including your IP address) related to your use of the website (including your IP address), as well as the processing of this data by Google, by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout

9.4.2 Hotjar
This website uses features of the web analytics service tool Hotjar. The provider is Hotjar Inc., Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta. This website uses features of the web analytics service tool Hotjar. The provider is Hotjar Inc., Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta. We use Hotjar to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. On behalf of the operator of this website, Hotjar will use this information to evaluate the use of the website, to compile reports on website activity, and to provide other services related to the use of the website. The information generated by the cookie, about your use of this website, is generally transmitted to a Hotjar server and stored there. We use Hotjars Anonymization function on this website. This will reduce your IP address and make sure the analytics data is not personally identifiable. We will not merge the information with other personal information. Hotjar is a carefully chosen and monitored service provider, with whom we conducted a Data Processing Agreement to ensure all obligations of GDPR and national data protection laws. You may Opt-out against the analytics function simply by activating the “Do not Track” standard function in your browser. In this case, we will not process your personal data in the way described here. You may find an explanation on how to enable the “Do not Track” function at this link: https://www.hotjar.com/legal/compliance/opt-out/.

9.4.3 Intercom
We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, Intercom analyzes your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom's use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). The Intercom Messenger Apps and Apps in Inbox products may also provide you with access to other third party applications such as Stripe. You should consult these third parties' privacy notices for further information on their use of your personal data. As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us

9.4.4 Mixpanel
This website uses features of the web analytics service tool Mixpanel. The provider is Mixpanel Inc., 405 Howard Street, San Francisco, United States. Mixpanel’s ability to use and share information collected by Mixpanel about your visits to and use of the App is restricted by Mixpanel’s Terms of Use, available at https://mixpanel.com/terms/, and Mixpanel’s Privacy Policy, available at https://mixpanel.com/privacy/ . You can opt-out of Mixpanel at https://mixpanel.com/optout/ . To track opt-outs, Mixpanel will place a persistent opt-out cookie on your computer. If you get a new computer, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers), you might also clear the Mixpanel opt-out cookie. The legal basis for the use of Mixpanel is your consent, Art. 6 para. 1 sentence 1 lit. a GDPR.8.5. Processing activity - social media networks

9.4.5 Segment
This website uses features of the web analytics service tool Segment. The provider is Segment, 100 California Street, Suite 700, San Francisco, CA 94111, United States. Segment’s ability to use and share information by Segment about your citis to and use ot the Service is restricted by Segment’s terms of Use available at https://segment.com/legal/terms/, and Segment’s Privacy Policy available at https://segment.com/legal/privacy/. You may Opt-out against the analytics function simply by activating the “Do not Track” standard function in your browser. In this case, we will not process your personal data in the way described here. The legal basis for the use of Segment is your consent, Art. 6 para. 1 sentence 1 lit. a GDPR.8.5. Processing activity - social media networks

9.4.6 Usersnap
The Services use Usersnap to allow users to provide feedback on their experience on the various pages within genARate by taking screenshots and adding comments. The Usersnap feedback widget may ask for your name and email address. It also collects browser and operating system information to help us troubleshoot any reported issues. The provider is Usersnap GmbH, Industriezeile 35, 4020 Linz, Austria. You may visit their privacy policy here: https://usersnap.com/privacy-policy

9.5 Processing activities – Targeting and advertisement


9.5.1 Google Adwords
On our website we use the service Google Adwords from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). This service enables us to draw attention to our appealing offers on external websites by means of advertising material (so-called Google Ads). These advertising materials are delivered by Google via so-called "Ad Servers". Ad server cookies are used for this purpose. For further information on the topic of cookies, please go to "7. cookies". Ad server cookies enable the evaluation of performance parameters (e.g. ad impressions, clicks or conversions). In this way we can determine how successful the individual advertising measures are. If you come to our website via an ad from Google, Google Adwords stores a cookie on your end device. This cookie stores analysis values (unique cookie ID, number of ad impressions per placement (frequency), last impression, opt-out information (marking that the user no longer wants to be addressed)). The cookies set by Google Adwords lose their validity after 30 days. These cookies are not intended to identify you personally. Rather, they enable Google Adwords to recognize your internet browser. If you visit certain pages on the website of an Adwords client, Google and the client will recognize that you have been redirected to the client's page via a clicked advertisement. Google provides us as an Adwords customer with a statistical analysis. This analysis enables us to measure the effectiveness of our advertising measures. We do not receive any further data beyond this.
The legal basis for the processing of your personal data in the context of the use of Google Adwords is your consent according to Art. 6 I 1 lit. a GDPR. When the information stored in the ad server cookies is transferred to Google's servers. Due to Google's localization, the transfer of your personal data to Google may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA.
The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under section 2.8 "Right of withdrawal (Art. 7 GDPR)" in this privacy policy. Further information on data protection at Google can be found here:
Privacy Policy – Privacy & Terms – Google
GDPR & Google Ads FAQ - Google Ads

9.5.2 LinkedIn Insight Tag
On our website we have included the conversion tool "LinkedIn Insight Tag" from the LinkedIn Ireland Unlimited Company (hereinafter: LinkedIn).
The LinkedIn Insight Tag is a small JavaScript code snippet that we have implemented on our website. With the help of the LinkedIn Insight tag, data about the visit of our website is collected and transmitted to LinkedIn. This data includes the referrer URL, IP address, device information, browser information, and a timestamp for the visit of our website. LinkedIn does not provide us with access to the personal data collected in detail. LinkedIn uses this information to provide us with reports on website audiences and ad performance, based on aggregate data, so that we can optimize our website based on the information we receive. In addition, LinkedIn provides us with the ability to track conversions and retarget our website visitors through the LinkedIn Insight tag. This allows us to display targeted advertising outside of our website without identifying the website visitor. The legal basis for the processing of your personal data in the context of the use of LinkedIn is your consent pursuant to Art. 6 I 1 lit. a GDPR.
Because of LinkedIn's localization, the transfer of your personal data to LinkedIn may involve a transfer of personal data to a third country, which is neither in the European Union nor the European Economic Area, in this case especially to the USA.
The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under section 2.8 "Right of withdrawal (Art. 7 GDPR)" in this privacy policy.
The data processed in the LinkedIn Insight tag is encrypted and anonymized within seven days. After 90 days at the latest, the anonymized data is automatically deleted if it is no longer required for the fulfillment of the defined purpose.
For more information about LinkedIn's privacy policy, please visit the following address:
https://www.linkedin.com/legal/privacy-policy

9.5.3 Newsletter
Konica Minolta offers customers and interested users a newsletter. You only need to enter your email address and the country of your company to subscribe to the newsletter. Completion of the marked fields is voluntary, and the data is used to address you personally. Registering for the newsletter is by means of a so-called double opt-in. Once you register, we send you an email to the email address you specified asking you to confirm that you want to receive the information. If you do not confirm your registration by clicking the link in the email, the link we sent you will be deactivated and your data deleted. If you consent to its receipt, you will be given access to the following information:

As part of the registration process, we store the IP addresses you use for 30 days and the dates on which you registered and confirmed registration. If you give us your consent, we will evaluate your user behavior in relation to our websites and the newsletter we send you and link it to your email address/user profile in our database. We also store information about the browser you use, your setting preferences in the operating system you use and information about your Internet connection which you used to access our website. The newsletter we send you provides us with your confirmation of receipt and reading, and information about the links you clicked onto in our newsletter. We also store which areas you visited on our website and in our apps. By creating a personal user profile we aim to focus our advertising on your interests and optimise the products on our website for you.

Our newsletter contains information and news about Konica Minolta Business Solutions Europe GmbH and other affiliated group companies (Konica Minolta Business Solutions Deutschland GmbH, Konica Minolta Business Solutions Austria GmbH, Konica Minolta Business Solutions (Belgium) N.V., Konica Minolta Business Solutions Nederland B.V., Konica Minolta Business Solutions Spain S.A., Konica Minolta Business Solutions Italia S.p.A., Konica Minolta Business Solutions Portugal Unipessoal Lda., NEA RENT - ALUGUER E COMÉRCIO DE EQUIPAMENTOS S.A., Konica Minolta Business Solutions Sweden AB, Konica Minolta Business Solutions Denmark A/S, Business Center Nord og Midtsjælland A/S, Konica Minolta Business Solutions Finland Oy, Konica Minolta Business Solutions Norway AS, Konica Minolta Business Solutions Czech spol. s r.o., Konica Minolta Business Solutions Bulgaria EOOD, Konica Minolta IT Solutions Czech a.s., WEBCOM Poland Sp. z o.o., Konica Minolta Hungary Business Solutions Ltd., Konica Minolta Business Solutions SE Ltd, Konica Minolta Croatia - business solutions Ltd, Konica Minolta Poslovna Rjesenja BH d.o.o., Konica Minolta Business Solutions Polska Sp.z o.o., Konica Minolta Slovakia spol. s r.o., Konica Minolta Business Solutions Romania s.r.l., Konica Minolta Business Solutions Slovenija poslovne resitve d.o.o., Konica Minolta Baltia UAB, Konica Minolta Business Solutions Greece S.A., Konica Minolta Marketing Services Limited, Konica Minolta Marketing Services Ireland Limited, Konica Minolta Marketing Services B.V., Charterhouse Print Management AG, Charterhouse AB, Indicia Group Limited, Hamsard 3099 Limited, Evolving Media Limited, Indicia Limited, Indicia Edinburgh Limited, Konica Minolta Business Solutions France S.A.S., Conibi S.A.S, Dactyl Buro du Centre S.A.S., OMR Impressions S.A.S., Konica Minolta Business Solutions (UK) Ltd., Konica Minolta Business Solutions East Ltd., KONICA MINOLTA Business Solutions (Northern Scotland) Ltd, Capture Imaging Ltd, ProcessFlows Holdings Ltd, ProcessFlows (UK) Ltd, Software Paradise Ltd, Digital Document Solutions Ltd, Konica Minolta Business Solutions (Ideal) Ltd., Konica Minolta Printing Solutions (UK) Ltd., Konica Minolta Business Solutions (Wales) Ltd., Konica Minolta Sensing Europe B.V., Mobotix AG)

The legal basis for the processing of your personal data is Art. 6 (1)(1)(a) GDPR.

Your consent to dispatch can be revoked at any time. You can also send an e-mail to info@genarate.com or to the contact data given in the imprint. By withdrawing your consent, the legality of the processing that has taken place on the basis of the consent until the withdrawal is not affected. Further information on your right of withdrawal can be found under point 2.9 "Right of withdrawal (Art. 7 GDPR)" in this privacy policy.

9.5.4 MailChimp
We use the services of MailChimp to send out our information e-mails and newsletters for the GenARate solution to general users. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

Among other things, MailChimp is a service that can be deployed to organise and analyse the sending of emails. Whenever you enter data for the purpose of subscribing to a newsletter and information material (e.g. your e-mail address), the information is stored on MailChimp servers in the United States.

With the assistance of the MailChimp tool, we can analyse the performance of our mailings. If you open an e-mail that has been sent through the MailChimp tool, a file that has been integrated into the e-mail (a so-called web-beacon) connects to MailChimp’s servers in the United States. As a result, it can be determined whether a newsletter message has been opened and which links the recipient possibly clicked on. Technical information is also recorded at that time (e.g. the time of access, the IP address, type of browser and operating system). This information cannot be allocated to the respective newsletter recipient. Their sole purpose is the performance of statistical analyses of newsletter campaigns. The results of such analyses can be used to tailor future newsletters to the interests of their recipients more effectively.

If you do not want to permit an analysis by MailChimp, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe via email to info@genarate.com.

The data is processed based on your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.

The data you archive with us for the purpose of the newsletter subscription shall be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted from our servers as well as those of MailChimp. This shall not affect data we have been archiving for other purposes.

For more details, please consult the Data Privacy Policies of MailChimp at: https://mailchimp.com/legal/terms/.

9.5.5 Marketo
We use the solution of Marketo EMEA Limited both in the course of our general newsletter registration and to send you information about the GenARate solution during the trial version. Marketo helps us to collect data about how you use our website and communication activities to optimise our services/products accordingly and conduct email marketing and sales activities. Processing is partially automated with the aim of assessing specific personal aspects (profiling). Marketo captures your IP address and uses cookies (text files stored on your computer – see point 7 in this privacy policy for further information) to track and analyse website use in order to tailor information to suit the interests of the user. Information generated by the cookies is transmitted to a Marketo server (sited in the EU/EEA) and stored there. On our behalf, Marketo uses this information to evaluate website use by registered persons and to compile reports about website activities. You can prevent cookies being stored via the setting preferences in your browser software. However, your cookie preferences may result in you not being able to use all the online functions offered on our website. We have also concluded a data processing agreement with Marketo.

Third-party provider information: Marketo Inc., 901 Mariners Island Blvd. Suite 500, San Mateo, CA 94404, USA; you can find the Marketo data privacy statement under the following link: https://documents.marketo.com/legal/privacy/.

9.5.6 Active Campaign
We use ActiveCampaign for our newsletter and campaigns to send you information about genARate during your usage of genARate and to track user interaction. If you choose to join our email updates, the email address that you submit to us will be forwarded to ActiveCampaign who provide us with email marketing services. Your email address will remain within ActiveCampaign’s database for as long as we continue to use ActiveCampaign’s services for email marketing or until you specifically request removal from the database. You can do this by unsubscribing using the unsubscribe links contained in any email that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list. Active Campaign also helps us to collect data about how you use our Service. It captures your IP address and uses cookies (text files stored on your computer – see point 7 in this privacy policy for further information) to track and analyse website use in order to tailor information to suit the interests of the user. You can prevent cookies being stored via the setting preferences in your browser software.

Third party provider information: Active Campaign LLC, 1 North Dearborn St, 5th floor, Chicago, IL 60602 – USA; you can find the ActiveCampaign data privacy statement under the following link: https://www.activecampaign.com/legal/privacy-policy

9.6 Processing activity - CloudFront


This website uses the content delivery network (CDN) CloudFront. This is a service of Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USA (hereinafter: Amazon Web Services). The CDN is integrated in the form of Java script code on our website and reloaded during a visit. CloudFront allows us to provide increased loading performance, improved availability and data loss prevention by providing duplicate data (e.g. graphics or scripts) from this website on different servers around the world. The CDN can speed up the delivery of websites, whether its static objects (e.g., images, style sheets, JavaScript, etc.) or dynamic content (e.g., videos, audio, motion graphics, etc.), to users across the globe. The CDN offers a multitier cache by default that improves latency and lowers the load on origin servers when the object is not already cached at the server.

When you visit this website, Cloudfront is acting like a proxy server between you and the origin server and request data in an automated way to increase the performance. These automated requests may lead to a processing of personal data, such as photo/video files and your IP address, on the servers of Amazon Web Services. Because of Amazon’s localization, the transfer of your personal data to Amazon may involve a transfer of personal data to a third country, which is neither in the European Union nor the European Economic Area, in this case especially to the USA. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Due to the fact that Cloudfront is embedded on our website by means of Java Script, you can prevent its execution by disabling Java Script in your browser or by installing a so-called Java Script blocker (e.g. https://www.ghostery.com).

The legal basis for the processing of your personal data in the context of the use of Cloudfront is our legitimate interest, which in this case is to ensure the security and availability of this website, according to Art. 6 I 1 lit. f GDPR.

You can obtain further information on the subject of data protection at Amazon Web Services at the following address(es): Data Privacy - Amazon Web Services (AWS) or GDPR - Amazon Web Services (AWS)

10. Konica Minolta Global Policy

To the Global Personal Data Protection Policy.