Software

WINTRIP® is your travel expense accounting software. Easy to use, perfect for process optimisation.

App

With the i&k Capture® app, you can scan your business trip receipts and upload them to the trip and travel request.

Fullservice

Let the professionals do it! Our travel specialists will book your business trip and invoice it for you on request.

Consulting

We support you in optimising your business travel management processes with the aim of achieving measurable cost reductions.

Training

We regularly offer your teams training courses with renowned speakers, such as on the subject of travel expense law and travel safety.

Informed on the move with i&k

Privacy policy

1. General information

 

a) What does this privacy policy apply to?

This privacy policy informs the user (hereinafter also referred to as the "data subject") of this website about the handling of personal data. The operator and controller of this website is the company i&k software GmbH (hereinafter also referred to as "i&k software" or "controller"). This privacy policy contains in particular the precise, transparent and easily understandable information pursuant to Art. 13 f. GDPR. The privacy policy also informs the user about their rights as a data subject in accordance with Articles 15 to 18, 20 and 21 GDPR.

 

Furthermore, the scope of this data protection declaration also extends to the processing of personal data of customers, interested parties, applicants (m/f/d) as well as suppliers and other partners outside the website by the company I&k software.

 

The scope of this data protection declaration of I&k software expressly does not extend to external links that are indicated on the website. It should be noted that the corresponding data protection provisions of the respective website operator apply here. For this reason, we expressly recommend that you read these in full and take note of them before using the respective website.

 

b) Which terms are particularly important?

What is personal data?

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject" or "user"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person." (Art. 4 No. 1 GDPR)

 

 What is meant by processing?

"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction." (Art. 4 No. 2 GDPR)

 

c) Note

If only the male gender is mentioned in this declaration or on the website, this expressly does not constitute discrimination against another gender (f/d), but serves solely to improve readability.

 

2. Which body is responsible for the processing?

The controller pursuant to Art. 4 (7) GDPR is responsible for the processing of personal data:

 

i&k software GmbH

Neuer Wall 3

24782 Büdelsdorf (Schleswig-Holstein)

 

Users can contact the data controller by e-mail at datenschutz[at]iuk-software.de if they have any concerns about data protection.

 

3. What personal data does the website operator process?

When processing personal data, the website operator always works in accordance with the principles set out in Art. 5 (1) GDPR. These include the principles of transparency, purpose limitation and data minimisation.

 

Only those persons (employees) who actually need personal data and who are trained and obliged to handle personal data are granted access to personal data by the controller.

 

automatically collected personal data

This website does not automatically collect any personal data without the user's consent to the use of cookies or the voluntary provision of information (e.g. via the contact form).

 

The user is asked for consent to the use of cookies and external media immediately at the start of use. If the user does not give their consent, external media and their content will not be displayed. Beyond this, the selected settings have no further effect on the usability of the website. 

Further information on cookies can be found in article 7 "Cookies".

 

Note

The transmission of the IP address is necessary for successful data transmission to the device used by the user. This is stored anonymised in the server log files to protect personal data.

 

In addition to the IP address, the following information is stored in a log file:

  • Date and time of the website visit
  • Period of use
  • Usage path within the website
  • Referrer URL (from which page the user came to this page)
  • Operating system and / or browser used
  • Amount of data transferred in bytes
  • Errors during website use (status codes)
  • Screen resolution used

 

All data collected in a server log file is only used for (anonymised) statistical evaluations, for improvement and to enable error-free and secure use of the website. However, the controller reserves the right to check the server log files retrospectively as soon as there are concrete indications of illegal use of the website.

 

By anonymising the IP addresses, it is not possible to assign the individual log files to a user or an individual device. For this reason, the automatically generated server log files are no longer personal data within the meaning of the GDPR from the time of anonymisation. Anonymisation is carried out by the provider (hosting provider) after 7 days at the latest. To protect personal data, we can only view the IP addresses in anonymised form before they are anonymised by the provider.

 

 

4. Customer data protection - personal data of customers and interested parties

In particular, our company processes the following personal customer data (processing outside this website):

  • Name of the company
  • Name of the contact person
  • Contact details (address, e-mail address, telephone number (mobile if applicable), fax if applicable)
  • Details of concerns / enquiries
  • Order-related data
  • Invoice and, if applicable, financial data
  • Data within the scope of order processing (a separate agreement on order processing (AVV) is concluded in accordance with Art. 28 GDPR)
  • Consents for advertising purposes (and revocations)
  • other personal data that are necessary in the context of pre-contractual measures and/or for the fulfilment of the contract

 

In the case of interested parties, i&k software processes in particular the name of the company, the name of the contact person, contact details and data on concerns / enquiries.

 

The legal bases specified below in Art. 6 also apply, where applicable, to the processing of personal data of customers, interested parties and suppliers. The processing is carried out in particular in accordance with Art. 6 para. 1 lit b, f GDPR.

 

5. Data protection for applicants - How will my data be processed?

 

a) Applications via application form

You can use our application form on our website to apply directly to us or send questions about the advertised positions to i&k software. The applicant consents to the controller processing all personal data exclusively within the scope of the respective job advertisement for the purpose of awarding the position.

 

Applicants (m/f/d, hereinafter referred to as "the applicant") regularly provide the following personal data:

  • Full name
  • Valid e-mail address
  • CV details (including name and contact details, details of professional qualifications (training, studies, specialisations and other qualifications if applicable), school-leaving qualifications, professional career, special skills, other details if applicable)
  • Other individual details and attachments
  • Details of the position applied for

 

The following personal data is required to answer questions about advertised positions:

  • Name of the applicant
  • E-mail address
  • Question / Request
  • All other information is voluntary

 

All data transmitted via the application form is SSL/TSL (HTTPS) encrypted. The data provided in this way will be used by i&k software exclusively as part of the application process. The lawfulness of the processing of applicants' personal data is based in particular on Section 26 BDSG.

 

Unsuccessful applications will be deleted no later than 6 months after the application process has been completed.

 

Would you like us to consider your interesting application for future vacancies? We will only store your personal data in an applicant database for up to 2 years if you consent to this. This enables us to consider you for future vacancies without the need for you to reapply. Of course, you can withdraw your voluntary consent at any time without giving reasons. We will delete your data immediately and completely after two years at the latest and immediately after revocation of your voluntary consent (for processing your data for a period of up to 2 years for consideration for future vacancies).

 

Further information on data protection is available to applicants directly in the respective job advertisement on our website. In the case of applications for job advertisements, applicants will receive information about the processing of their data as part of the application process and feedback on the application as soon as possible, but at the latest within two weeks of receipt of the application. In individual cases, the applicant may not receive specific feedback on the job allocation within two weeks. This may be the case, for example, if the application deadline is later.

 

b) Applications by post

Alternatively, you can also send us your application by post to i&k software GmbH, Neuer Wall 3, 24782 Büdelsdorf. The data protection provisions pursuant to lit. a (letter a) also apply accordingly to postal applications. Unsuccessful applications will be deleted no later than 6 months after the application process has been completed. We will generally return your application sent by post within this period.

 

c) Would you like to submit a speculative application?

You can send these by e-mail to info[at]iuk-software.de or by post to i&k software GmbH, Neuer Wall 3, 24782 Büdelsdorf. Please note that applications sent by e-mail are not encrypted by most e-mail programmes and providers. You will receive information about the processing of your data as part of the application process and feedback on your unsolicited application as soon as possible, but at the latest within two weeks of receipt of your application. Our data protection provisions naturally also apply accordingly to unsolicited applications.

 

  1. d) Note for applications by e-mail

As a rule, e-mails are transmitted on the Internet without any special encryption. Therefore, it cannot be ruled out that you may gain unwanted knowledge of or even modify e-mail content and unencrypted attachments from parties involved in the transmission (such as e-mail program, Internet access provider, e-mail service provider (hoster)) and other unauthorised third parties.

 

6. Lawfulness of the processing

i&k software processes all personal data provided via this website for the following purposes:

  • to respond to enquiries (pursuant to Art. 6 para. 1 lit. b GDPR)
  • for communication with the user (pursuant to Art. 6 para. 1 lit. a, b and f GDPR)
  • the purpose of contractual or pre-contractual service provision (pursuant to Art. 6 para. 1 lit. b GDPR)
  • for the provision of information and / or services intended for the user (pursuant to Art. 6 para. 1 lit. f GDPR)
  • Examination of complaints or other information from users (pursuant to Art. 6 para. 1 lit. f GDPR)
  • for the improved operation and corresponding administration of the website (pursuant to Art. 6 para. 1 lit. f GDPR)
  • to detect and prevent fraud and criminal offences and/or to ensure the necessary network and data security, insofar as these interests are consistent with the applicable law and with the rights and freedom of the user (pursuant to Section 24 (1) BDSG and Art. 6 (1) (f) GDPR)
  • if the controller is obliged to do so for legal reasons (pursuant to Art. 6 para. 1 lit. c GDPR)

 

If the data subject does not provide us with all the personal data required before, during or after order processing, this may mean that the order / enquiry cannot be processed or can only be processed incompletely. This also applies to a restriction of data, where the respective data is blocked for further use. However, this does not affect your visit to the website.

 

7. Cookies / External media

To protect the personal data of users, i&k software does not use cookies, other tracking technologies or external media that use tracking technologies on its website.

 

Note: The user's consent is not required for technically necessary cookies. Therefore, this website does not require a consent manager (cookie banner).

 

8. Other plugins / Software

Font /Fonts

The font used on this page (web fonts) is integrated via the server on which the website is operated. This means that no data is transferred to Google servers or other providers.

 

 

9. Data from other sources

If permitted by applicable law, i&k software may merge data provided by the user with other information that i&k software has already collected and stored about you at an earlier point in time for a legally compliant purpose (Art. 6 para. 1 lit a, b and f GDPR). This may be the case, for example, if the user provides i&k software with personal data via the contact form and i&k software merges this with data from an order form or quotation.

 

10. Will my personal data be passed on to third parties?

i&k software does not sell or distribute personal data, nor does it pass it on to third parties for a fee or utilise it commercially in any other way. The only exception to this is if we are obliged to do so by law or official regulations or if the person concerned has given their consent.

 

If i&k software offers a service in co-operation with a third party, i&k software will inform the customer of this in advance. In this context, we will only pass on the data to such a co-operation partner (third party) with express consent. In doing so, i&k software limits the transferred data to what is absolutely necessary and strictly complies with the applicable data protection regulations (in particular the GDPR and the BDSG).

 

i&k software will only pass on personal data to third parties in the following cases:

  1. If the data subject has given their consent in accordance with Art. 6 para. 1 lit. a and Art. 7 GDPR.
  2. The transfer is necessary for the fulfilment of contractual or pre-contractual measures pursuant to Art. 6 para. 1 lit. b GDPR.
  3. There is a legal obligation to do so in accordance with Art. 6 para. 1 lit. c GDPR.
  4. If this is necessary in accordance with Art. 6 para. 1 lit. f GDPR for the establishment, exercise or defence of legal claims and there are no overriding legitimate interests to the contrary.

 

 

11. Social Media

This page only uses HTML links to social media pages in the following networks:

  • LinkedIn
  • XING

 

For pure HTML links to social media pages of i&k software (without tracking), no consent is generally required.

 

For the social media sites operated by i&k software, there is joint responsibility together with the respective network operator. This means that both i&k software and the network operator are responsible for the protection of personal data. Insofar as this falls within its sphere of influence and responsibility, i&k software consistently implements data protection in accordance with this privacy policy. However, the controller (in accordance with this privacy policy) has only limited influence on the specific organisation of and compliance with data protection by the respective network operator.

12. Where will my personal data be processed (processing area)?

In principle, all personal data collected and transmitted by i&k software via this website is processed exclusively within Germany. However, third-party websites may send personal data to servers outside the European Union (third countries) after clicking on external links (such as social media).

Data will only be transferred if you have consented to its use or if we expressly state another legal basis in this privacy policy in certain cases. The basis for the transfer of data to third countries is either an adequacy decision of the EU Commission pursuant to Art. 45 para. 3 GDPR, standard data protection clauses and on the basis of Art. 49 para. 1 lit. b GDPR. These bases ensure adequate protection of your personal data within the meaning of the GDPR.

 

You can change the settings for the use of cookies and external media, in particular within the website, at any time by clicking on the "Change cookie settings" button at the beginning of this privacy policy. Further information on cookies and external media can be found in Article 7 of this privacy policy.

 

All personal data of customers, interested parties and applicants are processed by i&k software exclusively within the European Union, unless otherwise stated.

 

13. Storage period / Deletion of personal data

In principle, i&k software will only store your personal data within the meaning of Art. 17 para. 1 lit. a or process it in any other way for as long as is necessary for the purposes for which the personal data was collected. Subsequently, i&k software will delete the data of the data subjects immediately. However, in certain cases, i&k software may be legally obliged to store certain data for a longer period of time. 

 

The cookies used by the controller will be deleted from the hard drive or your device/storage location at the latest upon expiry of the validity period specified in Art. 7 lit. a of this data protection declaration (cookies) after storage on the device memory or, in the case of an update, at the latest after expiry of the specified validity period after an update.

 

14 How secure is my data? - Data security

The i&k software website is hosted exclusively on servers located in certified high-security data centres within Germany. In addition, i&k software takes appropriate technical and organisational measures to protect your personal data from any unauthorised access.

 

SSL-encrypted data transmission

When data is transmitted via the website server(s), all data is encrypted using the HTTP/2 SSL/TSL transmission protocol. This means that all data transmitted via the contact form or application form in particular is SSL/TSL encrypted. In addition, we regularly review our security policies and procedures to ensure the highest level of security for our systems and thus for personal data.

Despite all security measures taken to protect personal data, it is not possible to guarantee 100% security of data transmitted via our website when transmitting data over the Internet. If we become aware in any way that personal data may have been lost or stolen via our website, we will inform the data subjects immediately upon becoming aware of this in accordance with Art. 34 GDPR.

 

15. Rights of data subjects

For i&k software, the rights of data subjects (in particular users, interested parties, customers, applicants and suppliers) to their personal data are extremely important.

 

In particular, you have the following rights vis-à-vis i&k software:

  1. Right of access to processed personal data in accordance with Art. 15 GDPR:

Data subjects have a right to a copy of the processed data (if actually processed) as well as further information about its use. This is intended to enable users to determine whether i&k software processes their own personal data and whether this processing complies with applicable data protection law. The controller may refuse to disclose information in certain cases. This is justified in particular if the rights and freedoms of other persons are impaired or the provision of information would involve a disproportionate effort.

  1. Right to rectification of the personal data stored about the data subject in accordance with Art. 16 GDPR:

You can request i&k software to take appropriate measures to correct your personal data. Examples include a change of name, a new address or a new e-mail address.

  1. Right to erasure ("right to be forgotten" Art. 17 (1) GDPR):

As a data subject, you generally have the right to request the erasure of your personal data. This right exists in particular if the data is no longer necessary for the purpose for which it was collected by i&k software or if the processing is unauthorised. However, the right to erasure of personal data for the duration of statutory retention periods and in particular for the defence and enforcement of legal claims does not exist or only exists to a limited extent.

  1. Right to restriction of processing Art 18 GDPR:

Data subjects have the right to restrict the further processing of their personal data. This means that the data may only be stored and further processing is generally excluded. You can request the restriction of your data if we are reviewing a request for rectification of your data or as a weakened alternative to erasure.

  1. Right to data portability pursuant to Art. 20 GDPR

Within the scope of Art. 20 GDPR, you are entitled to receive your data from i&k software in a corresponding machine-readable format or to request the transfer to a third party.

  1. Right to object Art. 21 GDPR

Data subjects have the right to object to the processing of personal data pursuant to Art. 6 para. 1 lit. e or f GDPR. This objection arises from your particular situation and is possible at any time. In this case, i&k software may only continue to process your personal data if the company can demonstrate compelling legitimate interests for the processing and there are no overriding interests, rights and freedoms to the contrary, or if it requires the data for the establishment, exercise or defence of legal claims.

  1. Revocation of consent

Data subjects have the right to withdraw their consent (such as the sending of advertising information) at any time.

 

If you have any questions or other concerns relating to data protection at i&k software, please contact us at the e-mail address datenschutz[at]iuk-software.de.

 

16. Complaint to the supervisory authority

Data subjects have the right to complain to the competent data protection supervisory authority about legal violations in the processing of personal data by the controller.

 

17. Other

i&k software reserves the right to amend this privacy policy if necessary. The updated privacy policy will be published on this website in its current version. Subject to applicable law, any changes will take effect as soon as the updated privacy policy is published on the i&k software website.

 

 

Status: 20.07.2023