ONE LOGIC Network - Data Protection Declaration

Data Protection Declaration for Members of the ONE LOGIC Network

This document is intended to inform you about the processing of your personal data as part of membership as well as the claims and rights to which you are entitled under data protection regulations pursuant to Art. 13 of the EU’s General Data Protection Regulation (hereinafter referred to as “GDPR”).


1. Who is responsible for the data processing?

Please refer to Point 1.1 of the Terms of Use.

ONE LOGIC GmbH has appointed the following external data protection officer:

Verimax GmbH, Warndtstr. 115, D-66127 Saarbrücken
Mr Winfrid Meusel, email: dsb.onelogic@verimax.de
Tel.: +49 681/309873-33 (extension), Fax: +49 681/309873-29


2. Which sources and data are used?

Only personal data (Art. 4 No. 2 GDPR) provided by a member of the Network during registration (see Point 2 of the Terms of Use) or voluntarily sent as part of membership (e.g. while using the Service Desk) shall be processed. It should be noted that the ONE LOGIC Network is an offering for professional business users (a so-called B2B offering) and members register as part of their role as representatives of their company.


3. What is the purpose of processing the data and what is the legal basis of this processing?

The processing of personal data is carried out for the purpose of concluding and executing the contract and the associated secondary obligations (contract in the sense of membership to the ONE LOGIC Network), and the legality of it is based on Art. 6 Para. 1 b GDPR. Among other things, this includes communications with the members, e.g. regarding new use cases, supporting material, blueprints, white papers, product and version updates, new functionalities, insights from beta testing and development projects, as well as the promotion of the ONE LOGIC GmbH product and service portfolio.

In addition, legality may arise from the fulfilment of statutory information obligations (Art. 6 para. 1 c GDPR in conjunction with Section 24 BDSG).


4. Who will use the data and how will it be used?

Within ONE LOGIC GmbH, the only departments and functions to have access to the data are those which require it to support members within the Network.

In addition, ONE LOGIC uses various service providers (so-called “processors”) for registration, member management and communication with members. Contracts for order processing were signed with these processors within the meaning of Art. 28 GDPR. The communication channels used for this are protected against access by third parties.

Personal data is not generally transferred to third parties.

Requested feedback from members is anonymised and exclusively evaluated and used in summarised form.


5. How long will the data be stored?

To the extent required for the aforementioned purposes (No. 3), the personal data will be stored and processed for the duration of the initiation and execution of membership in the Network. In the case that membership is terminated (see Point 5 in the Terms of Use), the data is promptly deleted.

If during membership of the Network, additional contracts are concluded with ONE LOGIC GmbH, the data processing agreements concluded with it as well as a range of storage and verification obligations arising from the German Commercial Code (HGB) and the German Tax Code (AO) shall apply. The storage periods can last up to ten years.


6. Is data transferred to a third country or to an international organisation?

Data is not transferred to third countries (states outside of the European Economic Area – EEA).


7. What data protection rights exist?

Every affected person has the right to information pursuant to Art. 15 GDPR, the right to correction pursuant to Art. 16 GDPR, the right to cancellation pursuant to Art. 17 GDPR, the right to limitation of processing pursuant to Art. 18 GDPR, the right to data transfer pursuant to Art. 20 GDPR and the right to object pursuant to Art. 21 GDPR. The restrictions outlined in Sections 34 and 35 of the German Federal Data Protection Act (BDSG) apply to the right of information and the right to deletion. In addition, there is a right to appeal to a competent data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG).


8. Is there an obligation to provide data?

In the context of a membership, members are only obligated to provide personal data which is necessary for the establishment, implementation and termination of the membership. Without this data, a membership is generally not possible. Moreover, additional data can be provided on a voluntary basis for each respective purpose (e.g. when using the Service Desk or taking part in surveys).