We, Beehive GmbH & Co. KG, are very pleased that you are interested in our website. Your privacy protection is a very important issue for us. Below you can find detailed information regarding the use of your data.
For personal data collected on our website https://www.beehive.work/ and via our app (hereinafter together referred to as “website”) as well as in the context of visiting our office rooms the following information in regard to data protection is valid:
I. Name and contact details of the controller of data processing
This information regarding data protection is valid for data processed by:
Controller: Beehive GmbH & Co. KG (below Beehive), Steinstraße 7, Email: firstname.lastname@example.org, phone: 0800-2334483; Beehive GmbH & Co. KG is represented by the general partner (Komplementärin), alstria Hamburger Str. 43 GP GmbH, and this party is represented by their directors Alexander Dexne und Olivier Elamine.
II. Processing personal data of website users
We would like to inform you about the processing of your personal data, in case of using our website as a user. Below you can find further information about detailed processing of your personal data in section III, in case of using the services of our website as a registered user und using our office rooms (service offers).
1. Collecting and storing personal data as well as the purpose and way of their use
a.) When visiting our website
As soon as you visit our website information is sent automatically to the server of our website via your browser on your terminal device (laptop, tablet, smartphone etc.). This information is stored temporarily in a so-called logfile. The following information is recorded automatically and is stored until the data is cancelled automatically:
* IP-Address of the requesting PC
* Date and time of access
* Name und URL of the recalled data
* Website, from where access is carried out (referrer-URL)
* Used browser and system software of your PC as well as name of your access provider
We use the mentioned data for the following purposes:
* In order to grant a smoothly connection of the website,
* In order to grant a comfortable use of our website,
* Evaluation of system security and stability, and
* For further administrative matters.
The erasure of logfiles is normally carried out automatically, as soon as the data is no longer necessary in relation to the purposes described above, within a few days at the latest. Furthermore, the website can track your location. That data is not stored; it is only used for the correct presentation of the network frame.
From time to time we receive records about unexpected system crashes via the app development platform (Google and Apple). The logs will only be sent as far as you have adjusted your settings in your mobile device accordingly. You can adjust and change the settings at any time in your mobile device. The records contain technical information about the condition of the app and about the cell phone during the system crash (system version of IOS, information on data storage use of the app, which other processes ran simultaneously, if you were online, if the cell phone was connected with the Internet by WiFi or mobile networks). We do not create personal references by single data, although we are theoretically able to do so. The data is stored at Appel and Google. We are only able to see the data, but we are not able to process or to delete it.
The legal basis for processing data is Article 6(1)(1)(f) GDPR. Our legitimate interests follow from the above mentioned purposes of data collection. In no case shall we use any collected data for the purpose of drawing conclusions about your person.
b.) Subscribing to our newsletter
You can subscribe to our newsletter via our website. If you have explicitly consented pursuant to Article 6(1)(1)(a) GDPR, we will use your email address to send you our newsletter at regular intervals. Indicating an email address will be sufficient to receive the newsletter. We will only use your e-mail address to send you our newsletter until you have unsubscribed. You can unsubscribe at any time, e. g. via link at the end of each newsletter or via the above mentioned contact details. Alternatively you can unsubscribe by changing the settings on the website/app. The only costs resulting from this are the transfer costs according to the basic rates of your telecommunication service provider.
Your data will not be transferred to third parties except for those partner firms, who are responsible for the technical transmission of newsletters. In these cases the use of the transferred data is limited to the utmost.
c.) Using our contact form
If you should have any questions please do not hesitate to use our contact form on our website. A valid email address must be indicated there, so that we will know where the request comes from and to answer such. Further information can be provided freely.
Data processing for the purpose of contacting is either based on Article 6(1)(1)(a) GDPR in case you have given consent, or on Article 6(1)(b) GDPR where the data processing is necessary in order to take steps at your request prior to entering into a contract, or on Article 6(1)(1)(f) GDPR because of our legitimate interest to answer your request.
We process your personal data only to answer your request. The personal data collected by us shall be erased after completion of the request submitted by you or the use of the data will be limited in case we are legally obligated to store your data.
2. Transferring data
* you have explicitly given consent to such for one or more specific purposes (Article 6(1)(1)(a) GDPR);
* forwarding is required under Article 6(1)(1)(f) GDPR for establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being passed on;
* processing is necessary for compliance with a legal obligation to which the we are subject (Article 6(1)(1)(c) GDPR);
* this is legitimate by law and required according to Article 6(1)(1)(b) GDPR for processing contractual relationships with you, and
* we have the personal data processed on our behalf in compliance with Article 28 GDPR.
o The website https://www.beehive.work/ is hosted in a cloud by our host provider Microsoft-Azure. Access to the above mentioned data is based on a data processing agreement according to Art 28 GDPR.
The cookie is used to store information that results from the respective context of the specifically used end device. However, this shall not mean that we directly gain knowledge of your identity this way.
Furthermore, we also use temporary cookies to optimise user friendliness, which are stored on your end device for a certain specified period. When you visit our website again in order to use our services, it will be automatically recognised that you have visited us before and which input and settings you have made so that you will not have to enter them again.
The data processed by cookies are required for the purpose of maintaining our legitimate interests and those of third parties according to Article 6(1)(1)(f) GDPR.
Most browsers accept cookies automatically. You may, however, configure your browser so that no cookies will be stored on your computer or that you will always be informed before a new cookie is set up. Complete deactivation of cookies may, however, render you unable to use all functions of our website.
4. Analysis tools
The tracking measures listed below and used by us are performed based on Article 6(1)(1)(f) GDPR. With the tracking measures used, we want to ensure demand-oriented design and continuous optimisation of our website. On the other hand, we use tracking measures in order to statistically record use of our website and to evaluate it for the purpose of optimising our offer to you. These interests are to be viewed as justified within the meaning of the above rule.
The respective purposes of the data processing activities and data categories can be taken from the corresponding tracking tool in this section.
For the purpose of demand-oriented design and continuous optimisation of our websites, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter: “Google”). In this context, pseudonymised user profiles are compiled and cookies are used (see section 5). The information generated by the cookie regarding your use of this website, such as
* browser type/version,
* operating system used,
* referrer URL (the website visited before),
* host name of the accessing computer (internet protocol address),
* time of the server query,
are transferred to servers of Google in the USA and stored there within the context of the agreement on contract data processing that we have entered into with Google. The information is used in order to evaluate use of the website in order to compile reports on the website activities and in order to provide further services connected to use of the website and use of the internet for the purpose of market research and demand-oriented design of these internet websites. This information may also be transferred to third parties if this is required by law or as far as third parties process these personal data based on a contract. In no case will your internet protocol address be combined with any other data of Google.
The IP-addresses are shortened before, that means they are made anonymous within the member states of the European Union or within other member states of the convention of the European Economic Area, so that assignments are impossible. (IP-Masking). This happens generally before data is transmitted to the US. Only in exceptional cases the full IP-address is transferred to a server from Google in the US and is shortened there. Sessions and campaigns shall be ended after the end of a specific period of time. By default, sessions shall be ended after 30 minutes without any activity, and campaigns after six months. The time limit for campaigns may be up to two years. Google uses a data processing agreement. Additionally Google commits itself to adequate safeguards pursuant to Art. 46 GDPR. You can find these safeguards on the website of Google.
You may prevent installation of the cookies by making the corresponding settings in your browser software; however, note that you may be unable to fully use all functions of the website in such a case.
You may furthermore prevent recording of the data generated by the cookie and referring to your use of the website (including your internet protocol address) and processing of these personal data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
For more information on data protection related to Google Analytics, see the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).
5. Social Media
6. Rights of the data subject
You have the right:
* to demand information in accordance with Article 15 GDPR regarding the processing of your personal data by us. In particular, you may request information on the purposes of the processing, the categories of personal data, the categories of recipient to whom your data have been or are disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of your data to the extent that these were not collected at our site, and the existence of automated decision-making, including profiling and any meaningful information on its details;
* in accordance with Article 16 GDPR, obtain the rectification of any inaccurate personal data stored by us or completion of such data without undue delay;
* in accordance with Article 17 GDPR, obtain the erasure of your personal data stored by us, to the extent that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
* in accordance with Article 18 GDPR, obtain the restriction of processing of your personal data, to the extent that the accuracy of the data is contested by you, processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Article 21 GDPR;
* in accordance with Article 20 GDPR, demand to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
* in accordance with Article 7(3) GDPR, to withdraw your consent once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future and
* in accordance with Article 77 GDPR, lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your habitual residence or place of work or our registered office for this.
7. Right to object
As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(1)(f) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.
If you want to exercise your withdrawal right or right to object, simply send us an email to email@example.com.
8. Data security
Your personal data are transmitted through the internet as encrypted data in the ordering process. We secure our website and other systems against accidental or wilful manipulation, loss and destruction, as well as against access, change and distribution of your personal data by unauthorised persons with suitable technical and organisational measures. Furthermore, you should treat your access credentials confidentially at all times and close your browser window when you have completed your communication with us, in particular if you use your computer together with others. Our security measures will be improved continually to keep up with technological developments.
III. Information on processing of personal data of registered users on the website and in the Beehive offices ("Spaces")
The following provisions shall apply additionally if you use our service offer as registered user.
See our general terms and conditions on the Beehive Portal for a detailed description of the registration process, the object and scope of our service offers.
1. Registration, login and Beehive Community Tool
a. At registration
You need to indicate the following data necessary for your registration when you register with Beehive:
* Name and first name
* Email address
You can optionally provide us with the following further personal data:
* Phone number
* Company name
* Tax number
You also have the option of choosing whether Beehive may contact you by text message and send you its newsletter (for details on the newsletter, see above, item II.1.b. of this data protection statement).
Furthermore, you must accept the terms and conditions and acknowledge that you want to register in your property as entrepreneur in accordance with § 14 German Civil Code.
The legal basis for this type of processing is sect. 6 para. 1 s. 1 lit. b GDPR, execution of pre-contractual measures. The data will only be processed for as long as it is required for the purposes named.
b. For the login
If you log in to the Beehive Portal with your user account, we will collect your usage data for the purpose of compliance with the contract between you and us and based on our legitimate interest to improve our offers; the legal basis for this is Sec. 6(1)(1)(b) and (f) GDPR. Beyond this, it is possible that we are at times required by law to process your data (e.g. due to statutory archiving obligations); the legal basis for this is Sec. 6(1)(1)(c) GDPR. The data will only be processed for as long as it is required for the purposes named.
c. Beehive Community Tool
You may register in the "Beehive Community" and use our Bee Community Tool.
When you request a membership invitation in the Beehive Community, you need to indicate the following data necessary for registration:
* Name and first name
* Email address
* Beehive status (information of whether you already are a member or whether you do not want to provide any information concerning this)
You can optionally provide us with the following further personal data:
* The email address of a friend who has recommended the Beehive Community to you.
* Information on Mobile pro
Once you have been accepted into the Beehive Community, you may log in with your email address and your password.
You also have the option of logging in with your Facebook account, your LinkedIn account or your Xing account. The plug-ins of the social networks Facebook, LinkedIn and Xing respectively are integrated in this case. The respective plug-in can be recognised by the logo of the respective service provider. If you exercise this option, data will only be transmitted to us by Facebook, LinkedIn or Xing after your advance consent, which the respective service provider will request from you. There will not be any permanent link between the accounts at Facebook, LinkedIn or Xing and the Beehive Community.
Information on the purpose and scale of data collection by Facebook, LinkedIn and Xing, further processing and use of the data by such service providers and your rights and setting options in this respect to protect your privacy can be found in the data protection notes of Facebook under http://de-de.facebook.com/privacy/explanation.php, of LinkedIn under https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv, of Xing under https://www.xing.com/privacy.
Within the Beehive Community, parts of your Beehive Community account will be visible to other members. It is your own decision which data you want to share with other users. For the details on this, see your Beehive account.
The legal basis for this processing is Sec. 6(1)(1)(b) GDPR to comply with a contract or perform pre-contractual measures with you, and Sec. 6(1)(1)(a) GDPR as far as you have consented to processing of your data. The data will only be processed for as long as it is required for the purposes named.
2. Data when using the service offer, including use of the "Spaces"
It is of special importance for us to continually improve our service offers and to preserve the high level of security and user friendliness in our offices. For these purposes, we use
* an access system that records which user has entered the office when.
* sensors within the individual spaces are used in order to determine how they are used by the users. It is possible that data are collected on whether users use a seat, how long they stay there and whether they leave it in between. A personal reference is only possible for us if the user is in our premises alone. However, we do not establish any personal reference. Furthermore, we collect data concerning the temperature in the premises and the closing condition of the doors.
It is possible that data with a personal reference will be collected from you within the context of the processes described above. Processing will take place in accordance with Sec. 6(1)(1)(f) GDPR based on our legitimate interest in ensuring security in our premises for our clients and improving our service offers. The data will only be processed for as long as it is required for the purposes named.
3. Data use regarding WiFi access
For the details concerning our free WiFi access, see our terms and conditions in the Beehive Portal. Data transmission between the WiFi access and end device of the member will take place unencrypted. Therefore, it cannot be excluded that third parties will acquire unauthorised access to the transmitted data. You have the obligation of performing a security configuration of your software to protect the data transmission against third-party access. The corresponding security software (e.g. VPN software) should be used for sensitive data. Any use of the WiFi access leads to documentation and archiving of the following information:
* Internet protocol address,
* MAC address,
* Date and duration of the use,
* Name and URL of the called file,
* Downloaded data volume.
The information is collected in order to be able to demonstrate which member used the WiFi access at which time. This is done for reasons of data security and in order to uncover possible violations of applicable law or our terms and conditions. Furthermore, the information is used to ensure smooth access of all members to the WiFi. The information will be shared with the service provider aerohive (www.aerohive.com) for this purpose as well. The member's identity will not be disclosed for this. Processing will take place in accordance with Sec. 6(1)(1)(f) GDPR based on our legitimate interest in ensuring security of our systems. The data will only be processed for as long as it is required for the purposes named.
4. Authentication by TWILIO
This website uses services of Twilio Ireland Limited, 25-28 North Wall Quay, Dublin 1, Ireland, for the provision of account information by text message. In order to have authentication by text message performed via Twilio, we will transmit your phone number to Twilio. The respective current data protection information on Twilio and supplementary information can be called up on this website: https://www.twilio.com/legal/privacy. Processing will take place in accordance with Sec. 6(1)(1)(b) GDPR to execute a contract with you. The data will only be processed for as long as it is required for the purposes named.
5. Payment processing by Stripe
If you pay by credit card, your credit card data will not be stored by us, but passed on encrypted to the payment service provider Stripe Payments Europe Ltd., Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland, and processed by Stripe. Stripe will process the following information:
In relation to all transactions:
* Date of the transaction
* Monetary amount of the transaction
* Status of the transaction (accepted/rejected)
When paying by credit card:
* Credit card origin (only the last four digits will be visible to us and stored at Stripe)
* The internet protocol address through which the order was placed, in order to identify fraud
* Expiration date of the card (month and year)
* Country of origin of the credit card
* Type of credit card (credit or debit)
* Name of the credit card company (Visa, American Express, Mastercard…)
When paying by SEPA:
* Name and first name of the account holder
The respective current data protection information concerning Stripe and supplementary information can be called up on this website: https://stripe.com/de/privacy. We use the above data for statistical evaluation of our website as well. Processing takes place in accordance with Sec. 6(1)(1)(b) GDPR to comply with a contract with you or due to legitimate interests in accordance with Sec. 6(1)(1)(f) GDPR. The data will only be processed for as long as this is required for the purposes named. The financial information will be stored with Stripe exclusively. We have no access to them.
6. Emails sent by SendGrid
This website uses serves of SendGrid, Inc., 1401 Walnut, Suite 500, Boulder, CO 80302, USA, to send out emails for confirmation of registrations and orders. In order to send emails through SendGrid, we transmit your email address, your first and last name (for personalisation of the emails) to SendGrid. The respective current data protection information on SendGrid and supplementary information can be called up on this website: https://sendgrid.com/privacy. Processing will take place in accordance with Sec. 6(1)(1)(b) GDPR to execute a contract with you. The data will only be processed for as long as it is required for the purposes named.
7. Emails sent by MailChimp
This website uses services of
MailChimp, The Rocket Science Group, LLC
675 Ponce de Leon Ave NE
Atlanta, GA 30308 USA
to send emails to confirm registrations, orders and newsletters. In order to be able to have emails sent by MailChimp, we transmit your email address, your first and last name (to customise the emails) to MailChimp. The respective current data protection information on MailChimp and supplementary information can be called up on this website: https://mailchimp.com/legal/privacy/.
Processing will take place in accordance with Sec. 6(1)(1)(b) GDPR to execute a contract with you. The data will only be processed for as long as it is required for the purposes named.
8. Push messages to app users through Amazon S3
We use the service Amazon S3 to send push messages to app users. Push messages are only sent to such users who have permitted this beforehand by giving their consent by setting their mobile end devices accordingly (opt-in). After the setting is activated, an ID token will be generated and provided to us via Apple or Google through Amazon; this enables us to only contact those users who have given their consent. You can change your settings in your mobile end device at any time.
9. Consent and withdrawal
If you consent to use of your personal data, you consent to collection, processing and storage at the scale described. You may revoke your consent at any time, effective for the future. A message to the contact details named below will be sufficient for this. You may object to use of your personal data for purposes of marketing or individual measures at any time, effective for the future, by notifying us at the contact details named below.
10. Further data protection rights of the users
It is made clear that the rights of the data subjects pursuant to items II.6 and II.7 of this data protection statement apply to processing under this item III. as well.
IV. Topicality and changes of this data protection statement
This data privacy statement is currently valid as of May 2018.
Further development of our website and offers through it or changed statutory or authority specifications may require changes to this data privacy statement. You may view and print the respective current data privacy statement at any time on the website at [Please insert URL].