We thank you for your interest in the range of services offered by Business Operation Systems.
The high standards you expect of our product TopLogic – the automated app engine and of our services, serve as our guide in handling your data. We have undertaken a variety of organizational measures to create and maintain a business relationship of trust with our customers, partners and all interested parties.
The confidentiality and integrity of your personal data is of the highest priority for us. Business Operation Systems will process and use your data carefully, for a specific purpose, in accordance with your consent and in accordance with the legal provisions regarding data protection.
The following sections describe how Business Operation Systems collects, processes and uses the personal data of customers, partners and other interested parties.
Responsibility for the processing of personal data
Business Operation Systems is responsible for the processing of your personal data in accordance with the EU General Data Protection Regulation (“GDPR”).
Business Operation System is responsible for data you have transmitted to us via top-logic.com, your personal account on top-logic.com, or your cooperation with us or one of our partners, if and to the extent that the necessary data protection requirements are met.
Partners of Business Operation Systems are responsible for the processing of personal data that you yourself provide to these partners in connection with your concerns and your cooperation. Partners of Business Operation Systems also process data transmitted to partners by BOS, if and to the extent that the necessary data protection requirements are met.
Collection and processing of personal data
Business Operation Systems collects and processes your personal data in the following cases, among others:
- when you contact Business Operation Systems directly, e.g., via the website top-logic.com, chats, conferencing tools, telephone calls, e-mails or other direct contact options offered by, e.g., social media platforms.
- when you license our product TopLogic or order other services
- when you conclude a partner contract with Business Operation Systems
- when you request information about our products and services and these are e.g., transmitted electronically
- when you respond to our direct marketing activities, e.g., when you fill out a reply card or when you submit your data online on top-logic.com or on a landing page
- if your personal data is transmitted to us by partners of Business Operation Systems or third parties, if and to the extent that the necessary data protection requirements are met, e.g., when you have given your consent or you have not objected to the transfer of your data to Business Operation Systems for the purpose of customer service by written address in full knowledge of your right of objection.
- if third parties (e.g., certified address providers) legitimately provide us with personal data about you.
We ask you to support us in keeping your information up to date by informing us about changes to your personal data, in particular, your contact details.
- Data provided by you
- Contact details: name, address, telephone number, e-mail address
- Reasons for contact: interest in products, services, a partner relationship or an employee relationship
- Other personal data, such as e.g., date of birth, education, professional situation, employer, job title, area of responsibility
- Data that may be collected by Business Operation Systems in the context of a business relationship
- Contract data: customer number, contract number, commissioned services
- Online account data: Your Account ID
- Use of the Website top-logic.com: Information about how you use the Website and whether you open or forward communications from us, including information collected through cookies and other tracking technologies. Further information can be found in our Cookie Guidelines.
- Credit information: Information about any non-payment to us, as well as information about fraud, criminal acts, politically exposed persons and sanction lists in which your data is included.
- Use of TopLogic licenses
Google Analytics: Performance reports by demographics and interests (Google Ireland Limited)
Google Analytics: Performance reports by demographics and interests is a Google advertising reporting feature that provides demographic and personal interest data within Google Analytics for this website (demographic data refers to age and gender data).
Personal data processed: Unique device identification for advertising (Google Advertising ID or IDFA, for example); Trackers.
Google Analytics advertising reporting features (Google Ireland Limited)
Google Fonts (Google Inc.)
Google Fonts is a service provided by Google Inc. for the visualization of fonts, which this website can use to integrate corresponding content on its pages.
Google reCAPTCHA (Google LLC)
Google reCAPTCHA is a SPAM protection service provided by Google LLC.
Personal data processed: Cookie; usage data.
Purpose of collecting data
The data collected from you in the context of a business relationship may be processed for the following purposes.
- In fulfillment of contractual obligations in the context of license distribution and maintenance (Art. 6, paragraph 1, subparagraph b, GDPR)
Business Operation Systems collects, processes and uses personal contact data within the framework of the contractually agreed business relationship.
- Ensuring product quality and promoting the research and development of new products (Art. 6, paragraph 1, subparagraph f, GDPR)
Business Operation Systems uses the data obtained through the provision of services by BOS or by partners in a de-personalized form to ensure the quality of products and services as well as for research and development purposes. “De-personalized” means that the data is no longer directly attributable to you.
This processing is based on the legitimate interest of Business Operation Systems to meet the expectations of our customers with regard to high-quality products and services and to meet the customer desire for newly developed, innovative solutions. In order to protect your interests – in addition to de-personalization – additional security precautions and controls are implemented as required, e.g., strict data access restrictions, restrictions on data use, security measures, retention periods and data economy principles, such as the collection of exclusively relevant data.
- Customer service (Art. 6, paragraph 1, subparagraphs b, f, GDPR)
BOS uses your personal data to contact you in the context of contract processing or for the processing of a request made by you. For all aspects of the execution of the contract or the processing of a request, we will contact you without separate consent, e.g., in writing, by telephone, by messaging services, by e-mail, depending on which contact details you have provided.
We will also contact you in carefully considered cases with advertising communication if and to the extent that the necessary data protection requirements are met, and if you have not objected to the use of your data for the purpose of a written communication with your full knowledge of your right of objection.
Business Operation Systems also processes your personal data on this basis in order to uniquely identify you, e.g., in the context of your communication with us.
- Advertising communication and market research upon consent (Art. 6, paragraph 1, subparagraph a, GDPR)
Sofern Sie separat Ihre Einwilligung in eine weitergehende Nutzung ihrer personenbezogenen Daten erteilt haben, dürfen Ihre personenbezogenen Daten gemäß dem in der Einwilligung beschriebenen Umfang, zum Beispiel zu Werbezwecken und mit Ihrem gesonderten Einverständnis auch mit hoher Personalisierung auf Basis eines individuellen Kundenprofils und/oder Marktforschung, durch die Business Operation Systems genutzt und an Partner der Business Operation Systems weitergeben werden. Details hierzu ergeben sich aus der jeweiligen Einwilligungserklärung, die jederzeit für Sie widerruflich ist.
If you have given the corresponding consent to advertising communication, BOS collects and processes:
- Contact information, e.g., name, address, e-mail, telephone number
- Supplementary, personal information, preferences, e.g., company, needs, concerns, interests, status of your data protection declaration of consent, and selected or preferred communication channel
- Identification data, e.g., customer number, account ID
- Business relationship history, e.g., contract number, services commissioned and used
- Websites and social media data, if you have registered or logged in, e.g., your account ID, your account data
- Compliance with legal obligations to which Business Operation Systems is subject (Art. 6, paragraph 1, subparagraphs c, f, GDPR)
Business Operation Systems will also process personal data if there is a legal obligation to do so. This may be the case, for example, if we have to contact you because, e.g., the product you are using is affected by technical measures.
Collected data is also processed as part of securing the operation of IT systems. Securing is understood to mean, inter alia, the following activities:
- Backup and recovery of data processed in IT systems
- Logging and monitoring of transactions to check the correct functioning of IT systems
- Detection of and defense against unauthorized access to personal data
- Incident and problem management to remedy faults or disturbances in IT systems
BOS is subject to a variety of other legal obligations. In order to comply with these obligations, we process your data to the extent necessary and, if necessary, pass it on to responsible authorities within the framework of legal reporting obligations.
Furthermore, we may process your data in the event of a legal dispute if the legal dispute makes it necessary to process your data.
- Transfer of data to selected third parties
- carefully selected and vetted Business Operation Systems partners with whom we work to provide you with products and services. We only do this within the framework of the strict requirements of data processing on behalf of the company, to fulfil a contractual obligation or on the basis of your express consent.
- other third parties (e.g., public offices/authorities) insofar as we are legally obliged to do so.
Protection of personal data
Business Operation Systems employs various security measures, such as state-of-the-art encryption and authentication tools, to protect and maintain the security, integrity and availability of your data.
One hundred percent protection against unauthorized access cannot be guaranteed when data is transmitted via a website. BOS and the service providers and partners commissioned by us will use their best effort to protect your personal data in accordance with the applicable data protection regulations by means of state-of-the-art physical, electronic and procedural security measures. Among other things, we employ the following measures:
- Strict criteria for the authorization to access your data in accordance with the “need-to-know principle” (limitation to as few people as possible) and exclusively for the stated purpose,
- Firewall protection of IT systems to protect against unauthorized access, e.g., by hackers and
- Permanent monitoring of access to IT systems to detect and prevent misuse of personal data.
If you have received a password from us or have assigned one yourself that gives you access to certain areas of our website or to other portals or apps operated by us, you are responsible for maintaining the confidentiality of that password and for complying with any other security procedures of which we notify you. In particular, we ask you not to disclose your password to anyone.
Data Retention Period
Business Operation Systems will only retain your data for as long as is necessary for the relevant purposes for which we process your data. The basic principles according to which this data deletion policy provides for the deletion of your personal data are presented below.
- Use for the performance of contract obligations
In order to fulfill contractual obligations, data collected from you may be kept for as long as the contract is in force and beyond in order to comply with statutory data retention obligations and to clarify any requests or claims after the expiry of the contract.
- Use for investigation of claims
Data that, at our sole discretion, will be necessary to investigate or defend claims against us or to initiate criminal prosecution or bring claims against you, us or third parties may be retained by us for as long as appropriate proceedings may be initiated.
- Use for customer support and marketing purposes
For customer service and marketing purposes, the data collected from you may be kept for 3 to 10 years after collection, unless you request the deletion of this data and there are no contractual or legal retention obligations that conflict with this deletion request.
Granting of access to and protection of your data
Personal data is processed by employees of Business Operation Systems and its partners preferably within the EU.
If data is processed in countries outside the EU, BOS ensures with EU standard contracts, including appropriate technical and organizational measures, that your personal data is processed in accordance with the European level of data protection.
For some countries outside the EU, such as e.g., Canada and Switzerland, the EU has already established the existence of a comparable level of data protection. Due to the comparable level of data protection, the transfer of data to these countries does not require any special approval or agreement.
If necessary, BOS relies on business partners who are commissioned on behalf of Business Operation Systems within the framework of the strict requirements of data processing under data protection laws or who have concluded a partner contract with Business Operation Systems for the purpose of supporting the services offered.
To exercise your personal rights, please contact Business Operation Systems using the contact details provided or contact the data protection officer email@example.com by e-mail. Your rights include:
- Information about your data stored by us and their processing (Art. 15 GDPR)
- Correction of incorrect personal data (Art. 16 GDPR)
- Deletion of your data stored by us (Art. 17 GDPR)
- Restriction of data processing in case we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR)
- Objection to the processing of your data by us (Art. 21 GDPR)
- Data portability, if you have consented to data processing or have concluded a contract with us (Art. 20 GDPR).
If you have given us your consent to the processing of personal data, you may revoke this at any time with immediate effect for the future.
You can contact a supervisory authority at any time with a complaint, e.g., the competent supervisory authority of the federal state of your place of residence or the authority responsible for us as the responsible body. A list of supervisory authorities for the non-public sector with addresses in Germany can be found at:
E-mails from Business Operation Systems contain confidential and/or legally protected information. If the addressee becomes aware that he/she is not the correct addressee or has received the e-mail in error, we ask the addressee to inform the sender and to destroy the e-mail. Business Operation Systems points out that the unauthorized copying and distribution of e-mails is not permitted.