PRIVACY NOTICE AND Legal Information  

1. Collection of personal data when using the website for information purposes

(1) When using the website for information purposes only, meaning when you do not register to use our website or transmit any information otherwise, we do not collect personal data except for the data which your browser will transmit to facilitate your visit of the website. These are:

• IP address
• date and time of enquiry
• time-zone difference to Greenwich Mean Time (GMT)
• content of request (specific page)
• access status/http status code
• data volume transferred each time
• website from which the request was made
• browser
• operating system and interface
• language and version of browser software

(2) Also, when using the website, cookies are saved on your computer. Cookies are small text files allocated on your hard drive to the browser that you use which forward specific information to the site that places the cookies (in this case, Layer 2). A cookie will typically contain the name of the domain from which the cookie has come, the "lifetime" of the cookie, and a value, usually a randomly generated unique number. Cookies cannot execute programs or deliver viruses to your computer. They serve the purpose of making the Internet offer a more user-friendly and efficient experience overall.


This website uses cookies to the following extent:

- Transient cookies (temporary use) are deleted automatically when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests by your browser can be assigned to the shared session. As a result, your computer can be recognized when you return to the website. Session cookies are deleted when you log out or close your browser.

- Persistent cookies (use for a limited time) are automatically deleted after a predetermined time, which can vary depending on the cookie. You can delete these cookies any time in the security settings of your browser.

- Cookies in connection with third-party services, as described below.

- Flash cookies used are not recorded by your browser, but by your Flash plugin. These cookies store the necessary data regardless of the browser you are using and have no automatic expiration date. If you do not wish Flash cookies to be processed, you must install an appropriate add-on.

- Web beacons are electronic signs (also called "Clear GIFs" or "Web Bugs") that allow us to count the number of users who have visited the website.

You can configure your browser settings as you wish and, e.g., refuse the acceptance of third-party or all cookies. Information on the management and deletion of cookies as well as corresponding instructions for common browsers are also available at www.meine-cookies.org. Please note, however, that you then may not be able to use all the functions of this website.


(3) This information is stored separately from any other data possibly provided to us. The data of the cookies are not linked to your other data.

2. Collection of personal data during the personalized use of this Website

(1) Next to the use of our website for information purposes only, we offer different services and products that you may use. To benefit from this offer, you must provide additional personal information which we use to render the individual service. Wherever it is possible to provide additional voluntary information, this is marked accordingly. We only collect, process and use such personal data of yours which are necessary for you to register and use this platform or which you yourself provide on the platform. These data consist of the following inventory data and usage data which are necessary for you to enter into an agreement for use of the platform, and for us to provide the platform to you in accordance with such agreement:

• name of company
• name (comprising salutation, title, first name, surname and gender)
• address
• telephone number
• fax number
• email address
• user’s registration and login data
• user’s bank details
• value added tax identification number (optional)

3. Erasure dates

Unless otherwise is stated in this Data Privacy Policy, we will only store your data for as long as is necessary for the purposes for which they were collected or processed, unless longer storage periods are required by law. Your personal data will therefore be deleted after your request has been processed unless otherwise has been agreed or required by law.

Inventory data is deleted two years after the termination of the contractual relationship at the end of the calendar year, unless it needs to be stored for a longer period and this is permitted by law.

4. Statistical anonymized analysis of user data

We are entitled, for the purpose of promotion, market research or tailoring the website to meet your requirements, to create a user profiles using an alias, unless you object. In particular, we analyze the user data for statistical purposes anonymously, to tailor the platform to suit the individual user’s needs. You may object to such use of your personal data by notifying us accordingly.

5. Use of Google Analytics

(1) This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how you as a user, use the site. The information generated by the cookie about your use of this website will usually be transmitted to, and stored by, Google on servers in the United States. If IP anonymization has been activated on this website, Google will truncate your IP address in Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and truncated there. On behalf of this website operator, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage for the website operator.


(2) Google will not associate your IP address with any other data held by Google within the context of Google Analytics.


(3) You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.


(4) To opt out of data collected by cookies and the use of website-related data (including your IP address) to Google as well as the processing of data by Google, download and install the add-on for your current browser plug-in available at the following link:


sales@layer2.pro or by using the address mentioned in the imprint.

22. Ongoing privacy policy

From time to time it may be necessary to adjust the content of this privacy statement. We therefore reserve the right to change this statement any time. We will transmit the amended version of this privacy statement by email to registered users prior to such statement coming into effect and will publish the amended version precisely where this privacy statement was previously published.

Privacy policy and data protection for Layer2 Smoove

We value your privacy at Layer2. We comply with the European Union's Global Data Protection Regulation (GDPR). All data will only be processed as documented here and not stored, processed or analyzed for purposes beyond that.

Personally identifiable information

The person which registers for a Layer2 Smoove account maintains ownership of the provided personally identifiable information and is eligible to retrieve it or demand deletion at any time, by contacting us at sales@layer2.pro. Access to the data is restricted to Layer2 employees who work on maintaining, supporting or administrating Layer2 Smoove. All Layer2 personnel with access to personally identifiable information is trained in privacy protection and has signed a confidentiality agreement. We are advised by a data protection supervisor. Processing of the data is performed at European Microsoft Data Centers and at the Layer2 GmbH site in Hamburg, Germany. We commit to report data breaches to the supervisory authority and affected customers, who will be contacted using the email address of their account.

The following personally identifiable information will be stored as long as you have a Layer2 Smoove account:

• Email address
• Surname
• Given name
• Phone number
• Company
• Country

Hosting and Physical Security

To keep your data secure and private, we store all data encrypted using 256-bit AES. We host Layer2 Smoove in the Microsoft Azure cloud, in data centers located in Europe. Microsoft strives to provide the best security and protection in their cloud offerings. The Azure platform provides a lot modern industry standard security measures by default. Microsoft Azure Cloud servers run in secure data centers, and access to them is restricted to authorized personnel only. Microsoft Azure Cloud implements the best security practices and complies with a wide set of national, regional, and industry-specific requirements and security standards. Including, but not limited to SOC 2, ISO 27001.

Network Security

Access to the Layer2 Smoove system is restricted to the Hypertext Transfer Protocol Secure (HTTPS), so the all data transmissions are encrypted by TLS end-to-end encryption with strong encryption keys of 128 bits or more. All interactions between our web-interface and backend Application Programming Interfaces (APIs) are also HTTPS-protected.

Authentication

We allow signing in by creating an account with username and password. Passwords are not stored on Layer2 servers, only the a secure hash is stored.

Third party systems

For authentication on third party systems, we use the secure industry standard Open Authentication 2.0 protocol (OAuth 2.0). This ensures that you do not have to provide any of your third party system credentials to Layer2 Smoove. Access to the third party system is therefore restricted to what you have consented to and is revokable at any time.
By connecting systems from third parties and thus transferring data from and to them, you agree that these are out of the scope of this privacy policy. Layer2 GmbH denies any responsibility for the security of data which is stored in those third party systems.

In order to provide access to Layer2 Smoove, we may collect the following types of information:

Cookies

While you use Layer2 Smoove, we may send a small file to your browser to identify it. This is called a "cookie". We use this identification to improve the quality of our service. We do not link this information with any of your account data, so that it remains anonymous.

Log information

During your interaction with Layer2 Smoove, we collect information about web requests, which includes the time, Internet Protocol adress, browser type and parts of the data wich is transferred. These logs are used to identify and fix failures and provide support. They are stored for maximum period of 30 days and they will be deleted completety afterwards. 

User communications

Emails that you send to us are stored to provide support and enable us to process your inquiries.