Thank you for your interest in our service.
The following passages provide you with detailed information about our policies for the data protection and why we collect data and how we protect it.
Article 12 of the General Data Protection Regulation (GDPR) states that the controller shall take appropriate measures to provide any information relating to processing data in a way its
In order to maintain a high level of data protection as well as the faith of our customers we considered those measures and adapted our data protection policy.
You can visit our website www.createctrl.com without providing us any personal data.
During your visit of our webpage, it is possible that we will store automatically specific types of data (e.g. cookies). The following passages will give specific information about this topic.
Cookies can have a unique Cookie-ID, which consists out of a string. Webpages and servers can be assigned to the specific web browser by storage.
The temporary storage or process of cookies is based on Art. 6 (1) lit f GDPR. The data is not stored consistently.
Our webpage or the host of the webpage processes data in so-called log files. This type of data is used solely to ensure an operation of our webpage without any troubleshooting and improves our offers.
The following data will be protocolled:
We use this data for statistical analysis and to improve our webpage.
CreateCtrl AG reserves to analyse the log-files if indications suggest an unlawful use of our webpage.
The temporary storage or process of log-files is based on Art. 6 (1) lit f GDPR. This data is not stored consistently.
As a service, customers are able to use a remote maintenance on our webpage. We are using TeamViewer for this service. If TeamViewer will be conducted in the process of this service you are automatically agree to their terms and conditions as well as their End-User License Agreement
In order to guarantee a safe data processing, we concluded data processing agreements with all controllers within the meaning of Art. 28 GDPR. The contracts have been reviewed whether they meet the prevailing standards of the GDPR. In addition, we implemented technical measures for safe data processing. The signed contracts are becoming valid after May 25th 2018.
We are using the social media platform Facebook in order to inform our customers about news and updates regarding our company. While using or visiting our platform it is possible that data will be processed outside EU borders. Additionally it could be possible that data will be used for the purpose of market research or advertising.
The legal basis for processing the data from our platform is based on Art. 6 (1) lit. f GDPR. In this case, our interest persists in enforcing and resisting rights as well as communicating with our customers. If the users have to give consent in order to process their personal data, the legal basis is Art. 6 (1) lit. a GDPR (given consent to the processing)
Further information about the process and purpose of collecting and using personal data by the given social media platform as well as the rights of concerned people can be found here:
For information requests or enforcement of rights we highly recommend to contact Facebook directly. Neither can we access your data nor are we able to take actions.
By using the contact form on our webpage or the customer area, personal data will be compiled and saved.
The following paragraphs providing an overview of why we compile the data and how we are using it.
If you are using the customer area or the contact form in order to get in touch with us, personal data will be compiled for the following reasons:
Personal data can be compiled and saved in the following categories:
Customers with a support contract and a Jira account can log-in to the customer area. The following data will be compiled:
The processing of personal data in combination of a customer account serves for the purpose of customer support services, which are defined in the support contract. The data will be solely processed for the given purpose.
The legal basis for compiling the data is Art. 6 (1) lit. b GDPR.
By using the contact form on our website, the following personal data will be compiled:
If a contact request will be include the conclusion of a contract, the data will be saved for a longer period.
The legal basis for compiling the data is Art. 6 (1) lit. f GDPR.
The legal basis for saving the data for a longer period is Art. 6 (1) lit. b GDPR.
On our webpage are open vacancies to which people can send us a job application via e-mail. The personal data will be compiled for the purpose of managing the job applications. The data will be solely processed for the given purpose. Job applications can be send to us either by using the specific contact form or by sending them directly via mail. By using the contact form for job applications, the following data will be compiled:
The legal basis for compiling personal data from job applications is primarily §26 BDSG as amended. Thereafter the processing of the data, which is required in the process of justification for the employment relationship.
Legal basis for processing the data for an application is § 26 BDSG in its applicable version starting with the 25th of May 2018. With this version, the processing will be permitted within the coherence of the decision making in order to justify the employment relationship.
For the purpose of prosecution, the processing of data can take place on the legal base of Art. 6 (1) lit f GDPR. In this case, our interest persists in enforcing and resisting rights.
If you contact us by mail for the purpose of an enquiry, your data will be saved for processing your enquiry. If the enquiry is for closing a contract with us, the processing of data can take place on the legal base of Art. 6 (1) lit b GDPR. Depending on your type of enquiry, the processed data can be your surname, first name, telephone number, e-mail or address. Further processing of your data will be limited by the given purpose (e.g. interest in using our products, contract closing, acquiring new customers). The data will be deleted after the intended purpose has been reached and all statutory retention obligations, with respect to commercial and tax law, have been met.
We compile personal data solely for the following purposes:
Personal data is saved on our in-house databases. We implemented technical and organisational measures for the safety of the data.
Unless there is no enactment or valid and mandatory instruction from a government or regulating authority, the data will not be disclosed.
Unless there is no enactment or valid and mandatory instruction from a government or regulating authority, the data will not be passed or disclosed.
For the safety, maintenance and service of personal data operators within our company have rights of access. In addition, affiliated companies have the same rights of access
The GDPR provides the following rights for individuals:
Individuals have the right to be informed about the collection and use of their personal data.
Individuals have the right to access their personal data. It is possible to make a subject access request verbally or in writing.
Individuals have the right to have inaccurate personal data rectified, or completed if it is incomplete. They can make a request for rectification verbally or in writing.
Individuals have the right to have personal data erased. They can make a request for erasure verbally or in writing. The right is not absolute and only applies in certain circumstances.
Individuals have the right to request the restriction or suppression of their personal data. They can make a request for restriction verbally or in writing. The right is not absolute and only applies in certain circumstances.
Individuals have the right to obtain and reuse their personal data for their own purposes across different services.
Individuals have the right to object to the processing of their personal data in certain circumstances. They can make an objection verbally or in writing.
If you have further questions or want to retrieve further information about the given rights, please feel free to contact use directly by using the contact details provided here in our data policy or in our legal notice.
If a customer thinks that we process data unlawful and against the GDPR, he can reach out to us or the corresponding controlling institution.
If it is necessary, we may change parts of our data policy. Due to changes in law enforcement, regulations or standards, which might develop and change frequently, we have to adapt our data policy. Furthermore, changes in our business model have to be considered as well.
Changes will be implemented in this data policy continuously.
Therefore, we highly recommend reading our data policy from time to time in order to check if we implemented some changes.
Responsible in terms of the GDPR is:
Friedenheimer Bruecke 21
Tel.: +49 89 / 55 27 77-0
Bezüglich Inanspruchnahme von Betroffenenrechten, können Sie sich an unseren Support oder den Datenschutzbeauftragten wenden.
Friedenheimer Bruecke 21
Our webpage uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. In case IP-anonymization is activated on this website, and your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area.
You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for your current web browser: Google Analytics Opt-out Browser Addon
Here you can read further information about the data usage of Google Inc: Safeguarding your data