Data Privacy

The following privacy policy applies to the use of the website www.pyliot.com (hereinafter "website"). We attach great importance to data protection. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). We collect and process your personal data in order to be able to offer you the above-mentioned portal. This statement describes how and for what purpose your data is collected and used and what choices you have in connection with personal data. By using this website, you consent to the collection, use and transfer of your data in accordance with this privacy policy.


1. Responsible party
The controller for the collection, processing and use of your personal data within the meaning of the GDPR is

pyliot
c/o iDTRONIC GmbH
Sedanstraße 31b
81667 München

Phone: +49 176 43668402
E-mail: info@pyliot.com

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection provisions as a whole or for individual measures, you can address your objection to the above-mentioned responsible body.You can save and print out this privacy policy at any time.


2. General use of the website
2.1 Access data
We collect information about you when you use this website. We automatically collect information about your usage behavior and your interaction with us and register data about your computer or mobile device. We collect, store and use data about every access to our online offer (so-called server log files). The access data includes the name and URL of the retrieved file, date and time of retrieval, amount of data transferred, notification of successful retrieval (HTTP response code), browser type and version, operating system, referrer URL (i.e. the previously visited page), IP address and the requesting provider.We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operation, security and optimization of our online offer, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content and analyze traffic, troubleshoot and fix errors, and improve our services. We reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision or billing of a service, e.g. if you use one of our offers. After canceling the order process or after receipt of payment, we delete the IP address if it is no longer required for security purposes. We also store IP addresses if we have a concrete suspicion of a criminal offense in connection with the use of our website. We also store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.).

2.2 Cookies
Data protection setting
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (PC, laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity.
On the one hand, the use of cookies serves to make the use of our website more convenient for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again.
These cookies enable us to automatically recognize that you have already visited our website when you visit it again. These cookies are automatically deleted after a defined period of time. The data processed by cookies is required for the purposes mentioned to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are
cookies are stored on your computer or a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.Some cookies are technically necessary, as they enable the use of our website and thus make it usable. Other cookies are not absolutely necessary, but improve certain functions or support you on your next visit to our website by saving web browser settings when you return to a website that you have already visited several times or by generating analyses of your surfing behavior to help us design needs-based advertising for our products or the products of other providers (so-called performance/analysis cookies).The cookies we use can be divided into the following different categoriesNecessary cookies,
Performance/analyze cookies

We use cookies from third-party providers, in particular from our server host "webflow" and "Google".You can find more detailed information on this in our cookie settings on our website under "Show details".

In order to make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. Some of these cookies are automatically deleted after closing the browser (so-called "session cookies"), while others remain on your device for longer and enable page settings to be saved (so-called "persistent cookies"). In the latter case, you can find the storage period in the cookie settings overview of your web browser.If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the execution of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in the case of consent given or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit. You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Please note that if you do not accept cookies, the functionality of our website may be restricted.

2.3 Use of LinkedIn
Plugins of the social network LinkedIn of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter "LinkedIn") are integrated on this website. You can recognize the LinkedIn plugins by the LinkedIn logo or the "Recommend" button on our site. When you visit our website, a direct connection is established between your browser and the LinkedIn server via the plugin. LinkedIn receives the information that you have visited our site with your IP address. If you click on the LinkedIn "Recommend button" while you are logged into your LinkedIn account, you can link the content of our pages to your LinkedIn profile. This allows LinkedIn to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn. Details on data collection (purpose, scope, further processing, use) as well as your rights and settings options can be found in LinkedIn's privacy policy. You can find this information at LinkedIn privacy policy




2.4 Use of Bing Universal Event Tracking (UET)
Data is collected and stored on our website using Bing Ads technologies, from which usage profiles are created using pseudonyms. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track the activities of users on our website if they have reached our website via ads from Bing Ads. If you reach our website via such an ad, a cookie is placed on your computer. A Bing UET tag is integrated on our website. This is a code that is used in conjunction with the cookie to store some non-personal data about the use of the website. This includes, among other things, the time spent on the website, which areas of the website were accessed and which ad the user used to access the website. Information about your identity is not recorded.The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website as well as the processing of this data by deactivating the setting of cookies. This may limit the functionality of the website under certain circumstances. In addition, Microsoft may be able to track your usage behavior across several of your electronic devices through so-called cross-device tracking and is therefore able to display personalized advertising on or in Microsoft websites and apps. You can deactivate this behavior at http://choice.microsoft.com/de-de/opt-out.

You can find more information about Bing's analytics services on the Bing Ads website ( Link ). You can find more information on data protection at Microsoft and Bing in Microsoft's privacy policy

2.5 Collection of data when contacting us
You have the option of contacting us or our service providers by post, telephone or e-mail or via the forms provided on our website. This includes the following information in particularFirst name, surname,
e-mail address, Subject or product or industry or
Content of the conversation or contact request,
company, message.

When the online contact form is sent, mandatory information is collected (first and last name, e-mail address, subject and message). The following data is also stored:Your IP address, date and time of sending.

In addition, you can add further data as voluntary information (e.g. telephone number).The purpose of processing the personal data within the scope of the mandatory information and the voluntary information is to process the contact request and to be able to contact you for the purpose of your request. The other personal data processed during the sending process (IP address, date and time of sending) serve to prevent misuse of our contact form.The legal basis for the processing of the personal data you provide when using our contact form is Art. 6 para. 1 lit. b (contract initiation, contract conclusion) GDPR and our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in preventing or being able to prove misuse of our contact form.Right to object: You have the right to object to data processing in accordance with Art. 6 para. 1 lit. f GDPR. You can send or inform us of your objection at any time (e.g. by email to info@pyliot.com).The personal data collected in the course of your contact request will only be stored for as long as is necessary to process your request. In all other cases, we will delete your personal data, provided the deletion does not conflict with any statutory retention/storage obligations.

2.6 Legal bases and storage duration
The legal basis for data processing in accordance with the above paragraphs is Article 6(1)(f) GDPR. Our interests in data processing are, in particular, to ensure the operation and security of the website, to investigate how visitors use the website and to simplify the use of the website.

Unless specifically stated, we only store personal data for as long as is necessary to fulfill the purposes pursued.

2.7 Webflow
We use Webflow, a website construction kit system, for our website. The service provider is the American company Webflow, Inc. 398 11th St., Floor 2, San Francisco, CA94103, USA.Webflow uses so-called standard contractual clauses as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer to these countries (= Art. 46. para. 2 and 3 GDPR). Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Webflow undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the lex.europa.eu/eli/dec impl/2021/914/oj?locale=en.The Webflow CDN makes duplicates of website data available on various Webflow servers distributed around the world. This results in faster website loading times, greater reliability, protection against brute force attacks and increased protection against data loss. Most of the elements and the source code of this website are retrieved from the Webflow CDN when the page is called up. Through this retrieval, your IP address is transmitted anonymously to Webflow servers in other EU countries and stored there for 24 hours. This anonymized storage for 24 hours serves to protect against brute force attacks. There is no tracking or other further processing of this data. The Webflow CDN is used in the interests of greater website reliability, increased protection against data loss, protection against brute force attacks and improved loading speed of this website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Webflow Inc., based in the USA, is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. You can find Webflow's current privacy policy at Link

2.8 Cloudflare
We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich Germany (Cloudflare) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). A CDN is a network of [globally] distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in server log files by Cloudflare. Please refer to the explanations under "Hosting".Cloudflare is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to operate a content delivery network ourselves.You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests.The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.Your personal data will be stored by Cloudflare for as long as is necessary for the purposes described.Further information on objection and removal options vis-à-vis Cloudflare can be found at Cloudflare DPACloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at: Link

2.9 Weglot
Functions of the Weglot translation service are integrated on this website. The provider is Weglot SAS, 138, rue Pierre Joigneaux in Bois-Colombes 92270 France. Weglot is loaded when you access the website so that you can change the language to a language other than German using the language icon in the header of the website. This allows a direct connection to be established between your browser and the Weglot server when you visit this website. Weglot then receives the information that you have visited this website with your IP address. The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. A corresponding consent is requested via the cookie and data protection settings of the website. The processing is then carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time via the data protection settings at the bottom of each subpage. Further information on this can be found in Weglot's privacy policy

2.10 Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Inc ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: Link.
The lawfulness of the processing results for the collection of statistics from Art. 6 para. 1 sentence 1 lit. f) GDPR.
The anonymization function of Google Analytics is used.
An order processing contract has been concluded with Google Inc.


3. Your rights as a data subject affected by data processing
Under the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please send your request by e-mail or by post, clearly identifying yourself, to the address given in section 1.Below you will find an overview of your rights.

3.1 Right to confirmation and information
You have the right to obtain confirmation from us at any time as to whether personal data concerning you is being processed. If this is the case, you have the right to obtain information from us free of charge about the personal data stored about you, together with a copy of this data. You also have the right to the following information

- the purposes of processing;
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
- the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by the controller or a right to object to such processing
- the existence of a right to lodge a complaint with a supervisory authority
if the personal data is not collected from you, all available information about the origin of the data
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

If personal data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR in connection with the transfer.

3.2 Right to rectification
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the , you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.

3.3 Right to erasure ("right to be forgotten")
You have the right to obtain from us the erasure of personal data concerning you without undue delay and we are obliged to erase personal data without undue delay where one of the following grounds applies:

- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing.
- You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR.
- The personal data was processed unlawfully.
- The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which we are subject.
- The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

If we have made the personal data public and we are obliged to delete it in accordance with Art. 17 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you have requested them to delete all links to this personal data or copies or replications of this personal data.

3.4 Right to restriction of processing
You have the right to obtain from us restriction of processing where one of the following applies:

- the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data,
- the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use
- instead we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims
- or you have objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of our company override yours.

3.5 Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us, where

- the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and
- the processing is carried out by automated means.

In exercising your right to data portability pursuant to paragraph 1, you have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

3.6 Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.You have the right to object, on grounds relating to your particular situation, to processing of personal data concerning you for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

3.7 Automated decisions including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

3.8 Right to withdraw consent under data protection law
You have the right to withdraw your consent to the processing of personal data at any time.

3.9 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you is unlawful.


4. Data security
We make every effort to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities.Your personal data is transmitted to us in encrypted form. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.To protect your data, we maintain technical and organizational security measures that we continually adapt to the state of the art.Furthermore, we cannot guarantee that our service will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are carefully backed up on a regular basis.


5. Automated decision-making
Automated decision-making based on the personal data collected does not take place.


6. Disclosure of data to third parties, no data transfer to non-EU countries
In principle, we only use your personal data within our company.If and insofar as we involve third parties in the fulfillment of contracts (such as logistics service providers), they will only receive personal data to the extent that the transfer is necessary for the corresponding service.In the event that we outsource certain parts of data processing ("order processing"), we contractually oblige order processors to use personal data only in accordance with the requirements of data protection laws and to guarantee the protection of the rights of the data subject.There is no data transfer to bodies or persons outside the EU outside the cases mentioned in this declaration in point 2.2 and there are no plans to do so.


7. Data protection officer
If you have any questions or concerns about data protection, please contact our data protection officer: Christian Geis
E-mail: beratung@carsten-geis.de