Leinhäuser Language Services GmbH, Inselkammerstraße 8, 82008 Unterhaching, Germany, collects and processes your personal data in accordance with statutory data protection regulations and this Privacy Policy. The following paragraphs provide you with information on the nature, scope and purpose of data collection and our use of personal data.

Server log files

When you access our website, data is transmitted automatically from your browser to our web server and saved in so-called server log files for technical reasons.  This data includes, in particular, the date and time of access, the accessed URL of the web page you were referred from, the requested file, the volume of data transferred, the type of browser used and its version, the operating system, and the IP address.

This data is stored separately from the other data you actively transmit.  Data is processed solely for the purpose of technical monitoring, security, and statistical analysis. No person-related analysis is carried out, and the data is not combined with other data.

Contract data

If a contractual relationship between you and us is to be established, expanded or modified, we process your personal data insofar as it is necessary to fulfill these contractual purposes. Data is only passed on to third parties or processed outside the European Economic Area (EEA) in compliance with the applicable data protection regulations.

Usage data

We process personal usage data to enable you to use our online offer and, if applicable, so that we can charge for fee-based services. The data includes information to identify the user, and when usage began and ended and its scope.

User profiles may be created using pseudonyms for the purposes of advertising, market research, and to tailor our online offer to demand.  You have the right to object to this processing.

Disclosure of data

In the case of a statutory obligation or an official order, personal data may be transmitted in individual cases to authorized bodies if this is necessary to prosecute criminal offenses, repel threats, or enforce legal claims.

Security of processing

We have implemented appropriate technical and organizational measures to protect personal data.  They are reviewed regularly and adapted to comply with the state of the art.

Contact form and communication

When you contact us using our contact form or by e-mail, we process the information you send so that we can handle your request or inquiry.  The information is transmitted using SSL or TLS encryption.

Microsoft Bookings booking tool

We use Microsoft Bookings, a service of the Microsoft Corporation, as part of our Microsoft 365 (Premium) licenses, to arrange appointments.

Use of the booking tool involves processing personal data required to organize and carry out appointments. That includes in particular name, email address, possibly telephone number, appointment details, and additional information provided voluntarily as part of the booking.

Data is processed for the purpose of appointment management, communication in connection with the booked appointment, and efficient organization of our services.

The legal basis for the processing is Article 6 (1) lit. b GDPR (to take steps prior to entering into a contract or for the performance of a contract) and Article 6 (1) lit. f GDPR (legitimate interest in efficient appointment organization).

Microsoft Bookings is operated at data centers within the European Union and – depending on the configuration – also outside the EU. In these cases, Microsoft ensures an adequate level of data protection particularly through data processing agreements pursuant to Article 28 GDPR and EU Standard Contractual Clauses.

You can find additional information on data processing by Microsoft at
https://www.microsoft.com/en-us/privacy/privacystatement

Cookies

We use cookies to improve the functionality of our website and to make using it more convenient. Cookies can store information on your computer when you visit our website. You can set your browser to prevent cookies from being stored on the device you use to access our site. However, this could limit the functionality of our website.

Most of the cookies we use are technical cookies, which are also known as session cookies and which are automatically deleted when you leave our website. Other cookies are stored on your device until you delete them yourself. Cookies enable us to recognize your browser when you visit our website again.

Deletion of your Leinhäuser cookies, withdrawal of consent

In the event that you would like to withdraw or amend your consent to data processing on our website, please simply delete the cookies belonging to our website in your browser.
You can find out how to do this for your respective browser by searching the Internet. Simply enter your browser name (e.g. Firefox, Chrome or Edge) along with “delete cookies” as the search term.
You will find suitable instructions in the search results. After you have deleted the Leinhäuser cookies, the settings dialogue for data privacy will appear when you visit our website again.

Reset your cookie settings here…
 

Privacy policy for the use of Google Analytics

This website uses the function of the Google Analytics web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies, which are text files that are stored on your computer and make it possible to analyze the way you use the website. The information generated by the cookie about your use of this website is usually transferred to and stored on a server operated by Google in the USA.

However, within the member states of the European Union or in other countries that are party to the Agreement on the European Economic Area, your IP address will be truncated by Google beforehand if IP anonymization is activated on this website. Only in exceptional cases is the complete IP address sent to a Google server in the USA and truncated there . Google uses this information to evaluate your use of the website on behalf of the operator of this website. Additionally, reports on website activity are compiled and other services associated with the use of the website and the Internet are provided to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

You can prevent the storage of cookies by activating the corresponding setting in your browser software. However, in that case you may not be able to use all the functions of this website in full. Data relating to your use of the website is generated by the cookie (including your IP address), recorded, and sent to Google, where it is processed. You can prevent this by downloading and installing the browser plug-in available at: http://tools.google.com/dlpage/gaoptout?hl=en
Please click here to opt out of Google Analytics.

Google Maps

We use Google Maps on our website for a graphic presentation of where we are located and to provide directions on how to reach us. This map service is provided by Google Inc.

It is therefore possible that, when you visit our website, information about the use of the website, including your IP address, is sent to Google in the United States. Because your browser creates a direct connection with the Google servers, we have no influence on the scope of data that is collected by Google in this manner.

You can find the terms and conditions for Google Maps at the following link: https://www.google.com/intl/en_en/help/terms_maps.html

Links to social media

Social media are websites that allow users to interact and create media content individually or in a group. In the process, personal data is usually published, collected and processed by users themselves or the service provider.

Our website contains links to social media such as LinkedIn in the form of small buttons with logos. When you click on such a button, you are taken to the website of the provider in question. As soon as you open such a website, user information may be transferred to the provider.

Please refer to the providers’ privacy policies for details of how your personal data is handled when you use these websites.

Important note on commissioned data processing (Article 28 GDPR)

If external service providers are used to process personal data (in particular wxrks, Microsoft, OpenAI and DeepL), this is governed by concluded data processing agreements (DPO) pursuant to Article 28 GDPR. The service providers shall process personal data only according to documented instructions and observing appropriate technical and organizational measures.

Note on third country transfers

Individual deployed services are operated at data centers outside the European Union (such as the United States). In these cases, we ensure through EU Standard Contractual Clauses and supplementary protective measures that a level of data protection comparable to GDPR is observed.

Processing: Operating the Translation Management System (TMS) wxrks

Purpose of the processing

  • Manage, organize, and carry out translation and language services projects
  • Project, workflow, and quality management
  • User, role, and rights management

Categories of data subjects

  • Employees of Leinhäuser Language Services
  • External translators and vendors
  • Customer contacts

Categories of data processed

  • Master data (name, Email address, company affiliation)
  • User and authentication data
  • Project and meta data
  • Content data (uploaded texts and documents)

Legal framework

  • Article 6 (1) lit. b GDPR (performance of a contract)
  • Article 6 (1) lit. f GDPR (efficient and secure project execution)

Recipients/processors

  • Bureau Translations, Inc. DBA wxrks (Article 28 GDPR)
  • Hosting via Amazon Web Services (AWS)

Third country transfer

  • United States (AWSRegion useast1)
  • Safeguard through EU Standard Contractual Clauses

Storage period

  • Up to 12 months after account termination

Processing: Use of machine translation (MT) and AI functions via wxrks

Purpose of the processing

  • Boost efficiency in the translation process
  • Linguistic preprocessing, quality assurance, and support for human translators

Categories of data subjects

  • End customers of the customer (if texts contain personal data)
  • Customer contacts

Categories of data processed

  • Content data (texts, segments, documents)
  • Meta data for processing

Legal framework

  • Article 6 (1) lit. b GDPR (contractual service provision)
  • Article 6 (1) lit. f GDPR (legitimate interest in efficient service provision)
  • Article 6 (1) lit. a GDPR (consent, where required)

Recipients/subprocessors

  • Microsoft (Azure Machine Translation, Azure OpenAI)
  • OpenAI (for activated LLM functions)
  • Own connected providers (BYOP), where configured

Special note

  • The transfer is made solely when the respective function is in active use
  • According to the information available, no further use of the data is made for training purposes

Processing: Communication, support, and system administration in conjunction with wxrks

Purpose of the processing

  • User and customer communication
  • Technical support
  • System and contract administration

Categories of data subjects

  • Employees
  • External users (translators, project partners)

Categories of data processed

  • Contact and communication data
  • Support and ticket content

Legal framework

  • Article 6 (1) lit.  f GDPR (proper system operation)

Recipients/subproviders

  • Zendesk (support)

Processing: Use of DeepL

Purpose of the processing

Machine translation of individual content as a supporting component in the translation process. Data processing agreements pursuant to Article 28 GDPR were concluded with the respective providers used (in particular wxrks, Microsoft, OpenAI and DeepL).

Description of the processing

DeepL is used as an external service for machine translation, to translate texts automatically and support the translation process. It is used to supplement human translation services.

Categories of data subjects

  • End customers of the customer (if texts contain personal data)
  • Customer contacts

Categories of data processed

  • Content data (texts, documents, text segments)
  • Language and context data required for the translation

Legal framework

  • Article 6 (1) lit. b GDPR (contractual performance)
  • Article 6 (1) lit. f GDPR (legitimate interest in efficient translation support)

Recipients/service providers

  • DeepL SE

Data protection information

  • Use is governed by contractual agreements
  • According to the information available, no further use of the entered content is made by DeepL for own training purposes or is contractually excluded

Processing: Use of other AIpowered applications (such as GatewayAI)

Purpose of the processing

  • Support for internal work processes
  • Analysis and assistance functions

Categories of data processed

  • Usage and input data
  • Content dependent on the respective use case

Data protection classification

  • Use independent of the specific tool
  • A data protection assessment is carried prior to use

Special notes on AI use

  • AI functions are – where technically possible – optional and can be deactivated
  • It is advisable not to enter any special categories of personal data (Article 9 GDPR) or trade secrets
  • Employees are given training on GDPR and EU AI Act compliant use

Rights of the data subject

Data subjects have in particular the right to:

  • Access (Article 15 GDPR)
  • Rectification (Article 16 GDPR)
  • Erasure (Article 17 GDPR)
  • Restriction of processing (Article 18 GDPR)
  • Data portability (Article 20 GDPR)
  • Object (Article 21 GDPR)

As a data subject, you have the right to demand access to and information on the data we have stored about you and its origins. The information can also be provided electronically upon request.

You also have the right to demand that we correct, delete or block the data we have stored about you.

If data subjects have given their consent to, for example, the receipt of newsletters or permanent storage of their personal data, they can revoke it at any time.

A failure to observe the rights of data subjects constitutes a breach of data protection regulations and is punishable by the supervisory authority.

Data subjects have the right to complain to the responsible supervisory authority.

Deletion of data

We delete data when it is no longer required for the purpose for which it was stored and do so in compliance with the deadlines for deleting it and the rights of data subjects, unless we have legitimate interests in retaining it longer or are required to retain it by other statutory regulations.

Requests relating to data protection

Please contact our Data Protection Officer at f.muens@immerce-consulting.de about any aspect of data protection f.muens@immerce-consulting.de.

Contact information of the Data Protection Officer

Immerce Consulting GmbH, Mr. Frank Müns

Kemptener Straße 9, 87509 Immenstadt, Germany | Phone +49 8323 209 99 40 | www.immerce-consulting.de

Responsible data protection supervisory authority

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian Data Protection Authority)
Promenade 27, 91522 Ansbach, Germany | Phone: +49 981 531300| http://www.lda.bayern.de