Legal Notice & Data Privacy

IMPRINT


FISA – powered by Financial Software Architects GmbH

Friedenheimer Brücke 20
80639 Munich
Germany

Phone: +49 89 9974 0901-0
E-Mail: info@fisa.one
Website: www.fisa.com


Financial Software Architects GmbH

Friedenheimer Brücke 20
80639 Munich
Germany

– or –

Rosa-Bavarese-Straße 3
80639 Munich
Germany


Registration: Amtsgericht München HRB 238979

Management Board:
Sven Schubert, Stefan Siemers, Thimo Brinkmann

Umsatzsteuer-ID: DE317399254


Phone: +49 89 9974 0901-0
E-Mail: info@fisa.one
Website: www.fisa.com




PRIVACY POLICY

The Financial Software Architects GmbH (FISA), takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the provisions of data protection law. With this data protection declaration, we would like to inform you about the types of your personal data (hereinafter also referred to as "data") that we process, for what purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both as part of the provision of our services as well as on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer").

The terms used are not gender-specific.

I. Who is responsible for processing the data and who can I contact?

Responsible body for the processing of data on this website:

Financial Software Architects GmbH
Friedenheimer Brücke 20,
80639 Munich,
Germany


Phone: +49 89 9974 0901-0
E-Mail: info@fisa.one

II. What data do we process?

1. Data transfer via the internet

When you visit this website, we will process your IP address, the date and time of your visit, information about the browser used including language settings and operating system, the address of the website from which you came to our website (referrer URL) as well as information about the files you accessed. Your browser automatically transfers this data to your internet provider, and your internet provider transfers it to us.

We process this data so that you can load our website, to allow us to check and, if necessary, restore system security and stability, as well as for the purpose of obtaining statistics (see below). We are not able to assign this data to a particular person. The legal basis for this processing operation is Article 6 para 1(f) of the General Data Protection Regulation (GDPR). We have a legitimate interest in ensuring that our website is properly displayed on your screen, and in being able to identify and rectify the cause of any faults.

The data is stored in log files and automatically anonymized after 14 days.

There is neither a legal nor a contractual obligation for you to provide this data, nor is it required in order to conclude a contract with us. However, for technical reasons it would not be possible to visit our website without these data being processed.

2. Storage of cookies

We use cookies on our website. Cookies are small files that contain an ID number. Cookies are stored on your computer or mobile device when you access our website. When you access our website again, the ID number allows your computer or mobile end device to be recognized.

Thanks to session cookies, you do not have to re-submit data on our website, even if you have visited other websites in the meantime. The purpose of these session cookies is to make using our website easier. Session cookies are used solely to improve user-friendliness. We also employ persistent cookies in order to collect statistical data on the use of our website, and to evaluate this for the purposes of optimizing our services.

The legal basis is Article 6 para 1(f) GDPR. We have an interest in enabling the user-friendly use of our website and in optimizing our website and/or documenting user decisions. In particular, the cookies listed below are stored for 12 months and used for the following purposes:

  • Do Not Track cookie – preventing marketing cookies from being used

In addition, with your consent and the legal basis of Article 6 para 1(a) GDPR, we use the following cookies (stored for 12 months) for the following purposes:

  • Google Analytics – collecting statistical information about website usage
  • Google Ads – displaying interest-based advertising (retargeting)
  • LinkedIn Conversion Tracking – displaying interest-based advertising (retargeting)
  • Hubspot Analytics – collecting information about website usage

The following cookies will be erased after you close your browser.

  • Session cookie
  • Auth Server cookie

If you agree to the use of cookies and tracking technologies, you also consent to the transfer of your personal data to the USA. The USA is an insecure third country in which there is no level of data protection comparable to EU standards. In the case of certain providers, such as Google, Hubspot and YouTube, no other guarantees are offered to compensate for this deficit. There is therefore a risk that the transmission of your personal data may result in state authorities accessing your personal data without you being entitled to effective legal protection.

3. Web analysis using Google Analytics

We use Google Analytics, an analytics tool provided by Google LLC (Google), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This tool creates pseudonymous usage profiles for visitors to our website. Google uses persistent cookies (see II. 2.). The information created by the cookie about the use of our website is processed by Google in the USA. This information is the data described under II. 1. above. Google also processes the search term you used to find our website via a search engine. We use Google Analytics with enabled IP anonymization. Google will shorten your IP address within the European Union and the European Economic Area. Only in exceptional cases is the full IP address transferred to the USA before being anonymized. For more information on Google Analytics, please visit the following Google website: https://support.google.com/analytics/answer/6004245?hl=en.

This data is processed for the purpose of market research and to tailor the design of our website to meet user requirements. Google processes this data on our behalf in order to evaluate the use of our website and to compile reports on activities on our website.

The legal basis is your consent in accordance with Article 6 para 1(a) GDPR.

The data will be held for 14 months.

There is no obligation for you to provide this data, nor is it necessary for the conclusion of a contract with us. You can prevent cookies from being stored and Google Analytics from being used by changing your browser settings (see II.2.). Furthermore, you can prevent the processing of data generated by the cookie by downloading and installing the plug-in available from the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

4. Google Ads, Google DoubleClick, Google Dynamic Remarketing and Google Conversion Tracking

Our website uses other Google services provided by Google LLC (Google), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, namely Google Ads, Google DoubleClick, Google Dynamic Remarketing and Google Conversion Tracking.

If you have reached our website via an advertisement placed by Google, Google Ads will place a cookie on your computer. The conversion tracking cookie is set when a user clicks on an ad placed by Google.

If the user visits certain pages within our website and the cookie has not expired, both Google and we can recognize that the user was directed to those pages after clicking on the advertisement. A different cookie is assigned to each Ads customer so that cookies cannot be traced via webpages owned by an Ads customer. We do not collect or process any personal data as part of the advertising measures mentioned. We do not receive any additional data from using this advertising medium; in particular, the identification of users based on this information is not possible. The information collected using the conversion cookies helps in compiling conversion statistics.

These cookies generally expire after 30 days and are not used to identify individuals.

The legal basis for the integration of Google Ads and the resulting transfer of data to Google is your consent in accordance with Article 6 para 1 sentence 1(a) GDPR.

Personal data, including your IP address, is transmitted to Google in the USA whenever you visit our website. Google stores this personal data. Google may transfer the personal data collected through this technical process to third parties. Further information about data protection at Google is available at https://policies.google.com/privacy?hl=en.

There is no obligation for you to provide this data, nor is it necessary for the conclusion of a contract with us.

In addition to the consent and consent modification means described in II.2., the following applies:

If you do not want too see advertising selected by the Google Ads Tool, you can disable it using the Google Ads Preferences Manager: https://adssettings.google.com.authenticated

Google DoubleClick sets a cookie on your computer in order to record your surfing activities on different websites (tracking) and display interest-related advertising. If you want to stop this permanently, you can download a plug-in under the following link to disable the double-click cookie: https://www.google.com/settings/u/0/ads/plugin?hl=de

5. LinkedIn conversion tracking

On our website we use the LinkedIn Insight Tag for conversion tracking by LinkedIn Ireland Unlimited Company (LinkedIn), Wilton Place, Dublin 2, Ireland.

The LinkedIn Insight Tag places a unique LinkedIn browser cookie (conversion cookie) in your browser to enable the collection of the following data for this cookie: Metadata such as IP address, time stamp and page events (e.g. page visits). These cookies have limited validity. If you visit certain pages within our website and the cookie has not expired, both we and LinkedIn can recognize that you were directed to that page after clicking on the advertisement.

The LinkedIn Insight Tag allows LinkedIn to collect data on website visits, including URL, referrer URL, IP address, and device and browser features (user agent) as well as the time stamp. This data is transmitted to LinkedIn, the IP addresses are shortened or hashed (if they are used to reach members on different devices). The direct LinkedIn member identification numbers are removed within seven days in order to pseudonymize the data. The remaining pseudonymized data are then deleted by LinkedIn within 180 days.

LinkedIn does not share any personal data with us. It merely offers summary reports about the website’s target group and the performance of the advertisement. The information collected using the conversion cookie is used to compile conversion statistics. These inform us about the total number of users who click on one of our advertisements and who have been taken to a page with a conversion tracking tag. The retargeting function provided by LinkedIn helps us show visitors to our website target group-specific advertisements for our products and services outside of our website without being able to identify the user.
LinkedIn members can set the use of their personal data for advertising purposes in their account settings.

The legal basis for data processing is the consent you have given in accordance with Article 6 para 1 sentence 1 (a) of the General Data Protection Regulation (GDPR).

You can revoke your consent for user-tracking and the associated recording of your user behavior by LinkedIn by disabling cookies (see II.2.).

For more information about cookies and the LinkedIn privacy policy, please visit https://www.linkedin.com/legal/cookie-policy and https://www.linkedin.com/legal/privacy-policy.

6. Hubspot

When you visit our website and give us your consent (see II.2.), we use the technology of HubSpotInc. (HubSpot), 24 First St, 2nd Floor, Cambridge/MA 02141, United States.

HubSpot is an integrated software solution that we use to cover different aspects of our online marketing. This includes, among others: email marketing, social media publishing & reporting, reporting, contact management (e.g., user segmentation & CRM), landing pages and contact forms.

The contact information you provide is stored on the servers of our software partner HubSpot. We can use it to make contact with you and to determine which of our company’s services are interesting for you. All information collected by us is subject to this data privacy policy. We use all information collected exclusively for optimizing our marketing measures.


This technology may also include cookies (see II.2.). As part of the optimization of our marketing activities, Hubspot may collect and process the following data: geographical position, browser type, navigation information, reference URL, performance data, information about how often the application is used, mobile apps data, HubSpot subscription service credentials, files that are displayed on site, domain names, viewed pages, aggregated use, version of the operating system, internet service provider, IP address, device identification, duration of the visit, where the application was downloaded from, operating system, events that occur within the application, access times, clickstream data, device model and version.

You can find further information relating to data processing by HubSpot under https://www.hubspot.de/data-privacy/gdpr More information about HubSpot Cookies can be found under https://knowledge.hubspot.com/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser? and https://knowledge.hubspot.com/account/hubspot-cookie-security-and-privacy.

The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with (see II.2. and V.).

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

Data may be transferred to the USA as part of processing by Hubspot. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, Art. 49 (1)(a) GDPR can serve as a legal basis. Please note the reference to the risk of data transfer to an unsafe third-country under II.2.

7. Google Tag Manager

This website uses the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through one interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal information. The tool triggers other tags that may collect data. Google Tag Manager does not access this data. If deactivation is made at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.


8. Newsletters

If you have subscribed to a newsletter, we will process the data you provided when subscribing to the newsletter. We process your first and last name, your work email address and company name for the purpose of regularly sending you our newsletter. Once you have subscribed to the email newsletter, we will send you an email with a confirmation link in order to verify your email address. The legal basis is the consent you gave to us when subscribing to the newsletter (Article 6 para 1(a) GDPR).

The newsletters also contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from the server of our dispatch service provider HubSpot when the newsletter is opened. In the process, information about your browser, your system, your IP address and the time of the possible retrieval is collected. This information is used for technical improvement and statistical purposes of our newsletter. The legal basis is the consent you gave to us when subscribing to the newsletter (Article 6 para 1(a) GDPR).

If you no longer wish to receive the newsletter, you can withdraw your consent to receiving the newsletter at any time without stating any reasons by clicking the unsubscribe button at the end of each newsletter.

The data which you provided when subscribing to the newsletter will be deleted without delay once you have unsubscribed from the newsletter. If you are also our customer, partner or employee, this data may be retained for a longer period for other purposes, provided it is needed to perform a contract or employment contract, or is subject to statutory retention obligations.

Our newsletter service is provided on a voluntary basis. However, we require your email address to send you our email newsletter, your name to allow us to address you personally, and your company name to verify the B2B context.

9. Marketing via email, mail and telephone

If you have given your consent to promotional communication or contact, e.g. in connection with event registration, we or our order processors will contact you by e-mail, post or telephone with information about our range of services. We use your data to send e-mail advertising and, if you have provided your address, postal advertising as well as telephone advertising if you have provided your telephone number (see right of objection under V.).

The legal basis is the consent you gave to us (Article 6 para 1(a) GDPR).

If you no longer wish to receive any marketing material, you can withdraw your consent at any time without stating any reasons by sending an email to info[at]fisa.one (for more information about the right to withdraw your consent, see V.).

The data you provided will be deleted without delay once you have withdrawn your consent. If you are also our customer or partner, this data may be retained for a longer period for other purposes if it is required for the performance of contractual or employment relationships or for compliance with statutory retention obligations.

10. Contact form

When you contact us using the contact form, we will process your personal data (especially salutation, your first and last name, the name of your company and your work email) and process them in order to answer your inquiry. This also applies when you ask for information material.

We may process data that you enter in our contact form in accordance with Art. 6 Para. 1 a) DSGVO and use it for marketing purposes, provided that you have consented to this processing by ticking the "Send" button. If you enter any sensitive information containing special categories of data (e.g. racial or ethnic origin, political opinion, religion or beliefs, trade union membership, genetic or health status or sexual orientation) into the “message” field, you are giving your consent for this data to be processed. If you transmit this data to us by email, the legal basis is Article 6 para 1(f) GDPR. If you are also our customer, Article 6 para 1(b) GDPR also applies as a legal basis.

If you no longer wish to receive any marketing material, you can withdraw your consent at any time without stating any reasons by sending an email to info[at]fisa.one (for more information about the right to withdraw your consent, see V.).

The data you provided will be deleted without delay once you have withdrawn your consent. If you are also our customer or partner, this data may be retained for a longer period for other purposes if it is required for the performance of contractual or employment relationships or for compliance with statutory retention obligations.

Our contact form service is provided on a voluntary basis. However, we require your email address to respond you, your salutation and name to allow us to address you personally, and your company name to verify the B2B context.

11. Meeting booking

When you contact us using the meeting booking form, we will process your personal data (especially salutation, your first and last name, the name of your company and your work email) and process them in order to answer your inquiry.

We may process data that you enter in our meeting booking form in accordance with Art. 6 Para. 1 a) DSGVO and use it for marketing purposes, provided that you have consented to this processing by ticking the "Confirm" button.

If you no longer wish to receive any marketing material, you can withdraw your consent at any time without stating any reasons by sending an email to info[at]fisa.one (for more information about the right to withdraw your consent, see V.).

The data you provided will be deleted without delay once you have withdrawn your consent. If you are also our customer or partner, this data may be retained for a longer period for other purposes if it is required for the performance of contractual or employment relationships or for compliance with statutory retention obligations.

Our contact form service is provided on a voluntary basis. However, we require your email address to respond you, your salutation and name to allow us to address you personally, and your company name to verify the B2B context.

12. Registering for webinars and downloading white papers and market studies

When you register for a webinar or download a white paper or a market study, we will process the data you enter for the purposes of contract performance and taking steps prior to entering into a contract. This means, in particular, that we process your email address in order to be able to send you a participation certificate or a download link. We will process your title, name, company name and your postal address for the purposes of invoicing and accurately assigning your order to your company. The legal basis for the data which you have entered into the required fields is Article 6 para 1(b), and for the data you have provided on a voluntary basis is your consent pursuant to Article 6 para 1(a) GDPR.

In addition, with your consent we use your data in order to send you email advertising and – if you have provided your postal address – to send you advertising by mail (see V. regarding your right to object).

We might share your personal data for communication purposes with a partner when you register for a joint webinar. This is explicitly pointed out when registering for a partner webinar. The legal basis is the consent you gave to us when registering for a partner webinar (Article 6 para 1(a) GDPR).

If you no longer wish to receive any marketing material, you can withdraw your consent at any time without stating any reasons by sending an email to info[at]fisa.one (for more information about the right to withdraw your consent, see V.).

The data you provided will be deleted without delay once you have withdrawn your consent. If you are also our customer or partner, this data may be retained for a longer period for other purposes if it is required for the performance of contractual or employment relationships or for compliance with statutory retention obligations.

13. Processing of your data, if you contact us for business purposes

If you contact us as a interested party, supplier, service provider or other business partner, we process your personal data such as contact data or correspondence to the extent that this is necessary to process your enquiry (legitimate interest according to Article 6 para 1(f) GDPR) or to initiate or process the respective transaction (Art. 6 para. 1 letter b GDPR) and, if necessary, store the data within the scope of statutory storage obligations (due to statutory obligations according to Article 6 para 1(c) GDPR).

The same applies if you are an employee of an interested party, supplier, service provider or other business partner and we receive your personal data in this context; the legal basis in this case is our legitimate interest in establishing or carrying out the business relationship with your employer (Article 6 para 1(f) GDPR).

14. Embedding of YouTube videos

On this website, we use the YouTube embedding function to display and play videos from the provider YouTube, which is owned by Google Ireland Limited (Google), Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

We use the extended data protection mode, which means that videos are not accessed via youtube.com, but via youtube-nocookie.com. According to the provider, the extended data protection mode ensures that user information is only stored when the video(s) is/are played. When you start playing an embedded YouTube video, the provider YouTube uses cookies to collect information about your user behavior. According to YouTube, these are used, among other things, to collect video statistics, improve user friendliness and prevent any improper behavior. If you are logged in to a Google account, your data will be directly associated with your account.

Data may also be transmitted to the servers of Google LLC. in the USA.

Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in accordance with Article 6 para 1(f) GDPR on the basis of Google's legitimate interests in showing personalized advertising, market research and/or needs-based website design. In addition, our legitimate interest in connection with the integration of the videos according to Article 6 para 1(f) GDPR lies in the evaluation of user behavior, design of our website in response to user interest and the exploitation of the financial potential of our website.

We do not store any data in connection with playing YouTube videos. For information on data saved by Google, please see the provider’s privacy policy under the heading of YouTube: https://www.google.de/intl/de/policies/privacy.

If you do not want the assignment with your profile at YouTube, you must log out of Google before activating the button.

You have the right to object to the creation of these user profiles, but to do so, you must contact YouTube directly. Visit https://adssettings.google.com/authenticated to opt out.

15. Google reCAPTCHA

We use Google reCAPTCHA from Google Inc. (Google), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, to prevent spam.

reCAPTCHA is a free service that protects websites from spam and abuse. It uses advanced risk analysis techniques to distinguish humans from bots. With the new API, a significant number of your valid human users will pass the reCAPTCHA challenge without having to solve a CAPTCHA. We use reCAPTCHA to secure forms.

The legal basis for the use is Article 6 para 1 (f) (lawfulness of processing), because there is a legitimate interest to protect this website from bots and spam.

By using reCAPTCHA, data is transferred to Google which Google uses to determine whether the visitor is a human or a (spam)bot. What data is collected by Google and what it is used for, you can read at https://policies.google.com/privacy?hl=de-AT

The terms of use for Google services and products can be found at https://policies.google.com/terms?hl=de-AT

16. Google Fonts

We use Google Fonts from Google Inc. (Google), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, on our website.

Google Fonts are used without authentication and no cookies are sent to the Google Fonts API. If you have an account with Google, none of your Google account information is transmitted to Google while using Google Fonts. Google only records the usage of CSS and the fonts used and stores this data securely. You can find out more about these and other issues at https://developers.google.com/fonts/faq?tid=111106004

You can read about what data is collected by Google and what it is used for at https://www.google.com/intl/de/policies/privacy .

17. Link to third party websites

The website may contain links to websites provided by third parties. If you follow a link to any of these websites, we advise you to note that such websites have their own privacy policies and that we do not under any circumstances vouch for such websites or their policies. Hence, we encourage you to read the privacy policy of each website before disclosing any personal data.

III. What is the source of my data?

Generally speaking, we obtain your data from you. In some cases, data may originate from one of the following sources:

  • Publicly available commercial registers or registers of associations (company name, addresses)
  • LinkedIn Corp., 2029 Stierlin Court, Mountain View, CA 94043, USA based on your consent given when registering using your LinkedIn account (first name, last name, email address, profile picture, link to your LinkedIn profile, header of your LinkedIn profile, city of residence, place of residence, information given under “Skills & Endorsements”, “industry”, summary, number of contacts, most recently shared article)

IV. Will my data be transferred to third parties?

We will not sell, rent or trade or otherwise share any of your personal data to any unaffiliated third party or use your e-mail address for unsolicited e-mails, unless otherwise stated in this Privacy Policy.

However, we may share personal data with subcontractors to facilitate, provide, perform, or to analyze the services and website. They will only process data under our instruction; they will not do so for their own purposes.

In certain cases, some of your data may be transferred to data processors, either if you have given your consent to this (Article 6 para 1(a) GDPR, if we have a legal obligation to do so (Article 6 para 1(c) GDPR, or if it is necessary in order to safeguard our legitimate interests (Article 6 para 1(f) GDPR).

Where the processors or other recipients are located outside the EU or the European Economic Area, an adequate level of data protection shall be established by concluding standard contractual clauses adopted by the European Commission with the respective contractual partner.

We use the following categories of contractors who may process your personal data:

  • Storage providers (servers)
  • CRM-system providers
  • Accounting and bookkeeping providers
  • Communication providers (e-mail and chat systems)
  • Marketing automation providers

Please note that we may disclose personal data to third parties if we are required to do so by applicable law, regulation or a decision from a competent court.

V. What rights do I have with respect to my data?

Under the provisions of Article 15 GDPR, you have the right to request information on whether we process your personal data and on which data we process. You have the right to request the rectification and completion of incomplete personal data pursuant to Article 16 GDPR. Under the provisions of Article 17 GDPR, you have the right to have your data deleted, or under the provisions of Article 18 GDPR, to have it made unavailable. Pursuant to Article 21 GDPR, you have the right to receive any data transmitted to us on the basis of consent or a contract, provided that the data is processed by automated means. If you wish, and if this is technically possible, we will transfer this data to a third party. In certain circumstances, your rights may be limited, or excluded, by law.

If we process data to safeguard our own interests exclusively on the basis of Article 6 para 1(f) GDPR, you have the right to object to your data being processed for reasons arising from your particular situation. Should you object, we will no longer process the data concerned unless we can demonstrate compelling legitimate grounds for the processing thereof, grounds which override your interests, rights and freedoms, or unless such processing serves for the enforcement of legal claims.

Furthermore, you may withdraw your consent to the use of your data for advertising purposes at any time without incurring any costs other than the cost of transmitting the notification at the basic rate. You have the right to object to being sent advertising emails at any time free of charge, for example by clicking on the unsubscribe button at the end of such an email. You also have the option to object by writing an email to info[at]fisa.one.

If you have given your consent to data processing, you have the right to withdraw that consent at any time. Withdrawing your consent will not affect the legality of processing until such withdrawal is received. You can object by writing an email to info[at]fisa.one. Once your objection has been received, your data will no longer be processed. This shall not apply if we have the legal right or obligation to do so.

You have the right to lodge complaints in connection with data protection to a data protection authority, in particular to:

Landesbeauftragter für Datenschutz und Informationsfreiheit,

Wagmüllerstr. 18, 80538 München

Date: January 2022

Local and international companies trust our software

Our customers

Get your own impression

Book a live demo

Book a free live presentation of our software with our team. We are happy to answer all of your questions and see if it fits to your organization.

Send us a message

Just send us a message. We will come back to you as fast as possible according to your request.

Back