The data protection supervisory authority for Unite is:
Das Bayerische Landesamt für Datenschutzaufsicht (BayLDA)
91522 Ansbach (Germany)
1 Data processing when using our websites
Unite operates the B2B platform Unite. When you visit our websites, various information such as your IP address is automatically sent to our server and temporarily stored. The legal basis for this is point (f) of Article 6(1) GDPR. Our legitimate interest arises from the following purposes:
Optimising the connection
Ensuring and optimising the user-friendliness and handling of the website
Ensuring system security and stability
Hazard prevention and criminal prosecution in the event of a cyberattack
More information about data processing on our website is contained in the document ‘Cookies, web analytics and social media (https://unite.eu/de-de/cookies). On the footer of each of our websites, you will find the cookie settings.
2 Accessing Unite
3 Client management
Users can set up users and companies. They are responsible for managing and organising their users and companies, and can access the information given and generated about them. The account holder can do the following:
Make settings affecting users
Allow users to access the account or cancel this access
Access and save account data
4 Unite Store
Information about an app (such as a BusinessShop or WebShop), such as the provider’s contact details, is publicly viewable in the Unite Store. Furthermore, when networking, the contracting parties have access to various contact data.
5 Data processing when orders are placed
Whenever an order is placed, data is processed to enable all the processes required to be carried out. The legal basis for this is provided by points (b) and (f) of Article 6(1) GDPR. The data required is shown in the input template which you fill in when placing an order.
The following data is processed to execute the purchase contract: Your email address is used to communicate with you electronically about your order and its processing in accordance with point (c) of Article 6(1) GDPR.
The partner company takes orders and forwards them to Unite. Unite then forwards each order to the respective provider.
Invoicing and payment processing
If invoicing and payment processing (payment acceptance and forwarding) is carried out via Unite Financial Services EU GmbH (for business within the EU and UK) or Unite Financial Services Schweiz GmbH (for Switzerland), Unite will forward the necessary data to them for this purpose. Unite Financial Services EU GmbH in turn will appoint a payment service provider (Mangopay, 2 Avenue Amélie, 1125 Luxembourg, Luxembourg; https://www.mangopay.com/en_UK/privacy/, https://unite.eu/en_GB/howTo/letterhead) and forward the payment data to it.
Assessment of business customers, credit analysis, fraud prevention
Verification of business customers
If the customer orders via our platform from a supplier via trading model (Spot Market) or commissionaire model, the supplier can use an affiliated company of us to check the customer´s creditworthiness to assess the risk of non-payment or insolvency. This is based on the legitimate interest pursuant to point (f) of Article 6(1) GDPR. For credit assessment, we will transmit the data required (the first and last name of the managing director, the name and address of the company) to a renowned credit bureau.
Order information can be used to check atypical order transactions. We have a legitimate interest in carrying out such checks for fraud prevention pursuant to point (f) of Article 6(1) GDPR.
6 Additional data processing
Furthermore, we collect and record the data which you explicitly provide us with, for example by email, on the telephone, or in any other way, such as online chat (Intercom) or a feedback form. You will be informed of the type of data which we need to collect before the respective process is carried out if this is not apparent from the process itself. In addition, data such as your IP address as well as the date and time may also be collected. If third-party communication software is used, the third-party providers may process usage data and metadata for security, service optimisation or marketing purposes. Therefore, please note the privacy policies of the respective third-party providers.
Furthermore, usage data which you create when using the network (e.g. during search operations) is collected. Usage data may include personal or corporate data or enable such data to be deduced. Usage data is stored automatically in server log files, and is employed to make the usage of the network’s features more attractive as well as to ensure and improve their efficiency. This constitutes a legitimate interest for us as provided for by point (f) of Article 6(1) GDPR.
7 Data processing for advertising purposes and newsletters
Data processing for advertising purposes constitutes a legitimate interest for Unite under point (f) of Article 6(1) GDPR. If you are registered, we are entitled to process your contact data and to advise you of products and services as well as relevant news or invitations to surveys regardless of whether you have subscribed to our newsletter.
You are entitled to opt-out of the processing of your data for advertising purposes with future effect at any time free of charge, either as a whole or for the respective communication channel. Following opt-out, the contact address concerned will be excluded from any further data processing for advertising purposes. You may opt out by using the unsubscribe link (at the end of advertising emails) or in writing (email or post) using the contact details provided.
Unite is not responsible for promotional communication among Unite users. Furthermore, we will send you regular newsletters by email after prior registration (with your consent as provided for in point (a) of Article 6(1) GDPR). The newsletters for example contain information about new and/or interesting products/items as well as information about Unite and its partners, webinars, competitions and events. This is a form of advertising for both Unite and third parties (providers and partners). Subscribing to the newsletter requires a double opt-in. This means that, after entering your email address, you will receive an email after registration asking you to confirm your subscription. This is the only way to prevent others from signing up with an email address that is not their own. Subscriptions to the email are logged. Consent to receive the newsletter can be revoked at any time. A link to cancel your subscription is included at the end of every email.
Tracking is used for both the newsletter and promotional emails to measure their success and thus to improve our newsletter. This enables us to assess the response to our emails. It is not our intention to analyse the usage behaviour of individuals.
For more information, especially on online marketing, please see the document ‘Cookies, web analytics and social media’
8 Sharing data with third parties
Unite sometimes uses third parties such as processors to process your data. Such third parties are selected very carefully. Your data is processed jointly with Unite or on behalf of Unite in particular by companies affiliated with Unite. If data is shared for administrative purposes, this is based on our legitimate business and commercial interests pursuant to point (f) of Article 6(1) GDPR.
9 Third party websites
Unite has no control over the current content or operation of third-party websites which can be accessed via the network. Unite bears no liability for the content of such websites or how they handle users’ personal data.
10 Recipients outside the EU
11 Deletion of personal data
Data which we store will be deleted when the corresponding authorisation lapses (in particular once the related purpose has been achieved), blocked from further use, and deleted when the retention periods legally required under tax and commercial law have expired, unless you have expressly consented to the further use of your data or contractually agreed otherwise.
12 Data security
We take necessary and appropriate technical and organisational measures to guarantee an appropriate level of protection. We take into account the state of technological knowledge, the cost of implementation, and the nature, scope, context and purposes of processing, as well as the risks of varying likelihood, and the extent of the risks to the rights and freedoms of data subjects. For your security, your data is encrypted using an SSL (Secure Sockets Layer) website certificate.
13 Rights of the data subject
Right of access: You are entitled to obtain information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your personal data has been or will be disclosed, the envisaged storage period, and the source of your personal data where it has not been collected from you directly.
Right to rectification: You are entitled to obtain the rectification of inaccurate personal data as well as the completion of correct data.
Right to erasure and restriction: You are entitled to obtain the erasure of your personal data or alternatively to obtain the restriction of processing in accordance with legal requirements.
Right to data portability: You are entitled to receive personal data which you have provided in a commonly used, machine-readable format, or to have it transmitted to another controller.
Right to lodge a complaint: Please contact the supervisory authority for your habitual residence or the supervisory authority responsible for us.
Right to opt-out: You are entitled to opt-out of all data processing described here that is carried out on the basis of point (f) of Article 6(1) GDPR. Unlike the data processing described in the section ‘Data processing for advertising purposes’, we are only required to accept your opt-out request if you demonstrate compelling legitimate grounds based on your particular circumstances.
To exercise your rights, please contact [email protected].
Last updated 09/2021