Terms & policies
Legal Notice (Impressum)
Information according to § 5 TMG :
Veyllo GmbH
Aroser Allee 66
13407 Berlin
Germany
Managing Director :
Mr. Mert Can Elsner
Contact :
Phone: +49
Fax: +49
Email: info@veyllo.io
VAT Identification Number :
According to § 27 a of the German Value Added Tax Act (UStG): VAT ID No. : DE 00 00 00 000
Registered in the commercial register of the local court Berlin-Charlottenburg
Welcome to Veyllo.io
By accessing our website, you agree to these Terms and Policies, so please read them carefully.
Terms of Use
1. Scope:
These Terms of Use govern access to and use of the Veyllo.io website. By accessing or using Veyllo.io, you agree to abide by these terms. If you do not agree with any part of the terms, you are not permitted access to the website.
2. Use License:
Subject to your compliance with these Terms of Use, Veyllo.io grants you a limited, non-exclusive, non-transferable, revocable license to use the website exclusively for your personal, non-commercial purposes.
3. Changes to the Website:
Veyllo.io reserves the right to make changes to the website or to the services offered at any time and without prior notice.
4. Limitation of Liability:
Veyllo.io and its suppliers will not be liable for any damages arising from the use or the inability to use the website, to the extent permitted by law.
5. Newsletter Subscription:
Users may voluntarily subscribe to our newsletter to receive updates and news about Veyllo.io. Subscribers have the right to cancel their subscription at any time by sending an email to info@veyllo.io requesting to unsubscribe.
6. Modifications to These Terms:
We may make changes to these terms. We amend these terms from time to time. Each time you wish to use our website, please check these terms to ensure you understand the conditions that apply at that time.
7. Modifications to Our Website:
We may update and change our website from time to time to reflect changes to our products, our users' needs, and our business priorities. In particular, the products and services advertised on our website may be withdrawn or altered at any time without notice.
8. Our Trademarks Are Registered:
"Veyllo" is a trademark of Veyllo GmbH. You are not permitted to use it without our approval.
9. Changes to the Terms of Use:
These Terms of Use may be updated from time to time. We will notify you of any material changes by posting the new version on our website.
10. Governing Law and Jurisdiction:
These Terms of Use are governed by the laws of the country where the company is registered and shall be construed accordingly. Disputes arising from these Terms of Use are subject to the exclusive jurisdiction of the courts of that country.
11. Limitation of Liability:
Veyllo.io will not be liable for any loss or damage arising from or in connection with the use of our website beyond the extent permitted by law.
12. Intellectual Property:
The website and its original content, features, and functionality are owned by Veyllo GmbH and are protected by international copyright, trademark, patent, trade secret, and other intellectual property or proprietary rights laws.
13. Contact:
If you have any questions regarding these Terms of Use, please contact us at info@veyllo.io.
Remember, it's essential to have this document reviewed by a legal professional to ensure compliance with applicable laws and accurate representation of your website's operations and policies.
Privacy Policy
Preamble
With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as "data") that we process, for what purposes, and to what extent. The privacy policy applies to all personal data processing activities carried out by us, both within the scope of providing our services and particularly on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer").
The terms used are not gender-specific.
Last Updated: August 29, 2024
Table of Contents
-
Preamble
-
Data Controller
-
Overview of Processing Activities
-
Relevant Legal Bases
-
Security Measures
-
Transfer of Personal Data
-
International Data Transfers
-
General Information on Data Storage and Deletion
-
Rights of Data Subjects
-
Business Services
-
Provision of the Online Offer and Web Hosting
-
Use of Cookies
-
Registration, Login, and User Account
-
Community Features
-
Contact and Inquiry Management
-
Presence in Social Networks (Social Media)
-
Plug-ins and Embedded Functions and Content
Data Controller
Mert Can Elsner
Postfach 47 03 15
12312 Berlin
Email Address: legal@veyllo.io
Overview of Processing Activities
The following overview summarizes the types of data processed and the purposes for which they are processed, as well as the data subjects involved.
Types of Processed Data
-
Inventory data
-
Payment data
-
Contact data
-
Content data
-
Contract data
-
Usage data
-
Meta/communication and procedural data
-
Log data
Categories of Data Subjects
-
Service recipients and clients
-
Interested parties
-
Communication partners
-
Users
-
Business and contractual partners
-
Educational and course participants
Purposes of Processing
-
Provision of contractual services and fulfillment of contractual obligations
-
Communication
-
Security measures
-
Office and organizational procedures
-
Organizational and administrative procedures
-
Feedback
-
Provision of our online offer and user-friendliness
-
Information technology infrastructure
-
Public relations
-
Business processes and economic procedures
Relevant Legal Bases
The following provides an overview of the legal bases under the GDPR on which we process personal data. Please note that in addition to the GDPR regulations, national data protection provisions may apply in your or our country of residence. If other legal bases are applicable in individual cases, we will inform you accordingly in the privacy policy.
-
Consent (Art. 6(1) sentence 1(a) GDPR): The data subject has given consent to the processing of their personal data for one or more specific purposes.
-
Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR): Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.
-
Legal obligation (Art. 6(1) sentence 1(c) GDPR): Processing is necessary for compliance with a legal obligation to which the controller is subject.
-
Legitimate interests (Art. 6(1) sentence 1(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
National Data Protection Regulations in Germany:
In addition to the data protection regulations of the GDPR, national data protection regulations in Germany apply. These include, in particular, the Federal Data Protection Act (BDSG), which contains specific provisions on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes, and the transfer and automated decision-making in individual cases including profiling. Furthermore, state data protection laws of individual federal states may apply.
Note on the Application of the GDPR and Swiss DPA:
These data protection notices serve both as information under the Swiss Data Protection Act (DPA) and under the General Data Protection Regulation (GDPR). Therefore, please note that due to the broader territorial scope and comprehensibility, the terms of the GDPR are used. Specifically, instead of the terms "processing" of "personal data", "overriding interest", and "special categories of personal data" used in the Swiss DPA, the terms "processing" of "personal data" as well as "legitimate interest" and "special categories of data" used in the GDPR are employed. However, the legal meaning of the terms remains determined by the Swiss DPA where applicable.
Security Measures
We take appropriate technical and organizational measures, in accordance with legal requirements, taking into account the state of the art, the implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.
These measures include, in particular, safeguarding the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as the access, input, transmission, securing of availability, and separation of the data. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data, and responses to data breaches. Additionally, we consider the protection of personal data already during the development or selection of hardware, software, and procedures, according to the principle of data protection by design and by default.
Securing Online Connections Using TLS/SSL Encryption Technology (HTTPS):
To protect user data transmitted via our online services from unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the internet. These technologies encrypt the information transmitted between the website or app and the user’s browser (or between two servers), thereby protecting the data from unauthorized access. TLS, as the advanced and more secure version of SSL, ensures that all data transmissions meet the highest security standards. When a website is secured by an SSL/TLS certificate, this is indicated by the display of HTTPS in the URL. This serves as an indicator to users that their data is securely and encryptedly transmitted.
Transfer of Personal Data
In the course of our processing of personal data, it may happen that this data is transmitted to other entities, companies, legally independent organizational units, or individuals, or disclosed to them. The recipients of this data may include service providers contracted with IT tasks or providers of services and content that are embedded in a website. In such cases, we comply with legal requirements and conclude appropriate contracts or agreements with the recipients of your data to protect your data.
Data Transfers Within the Organization:
We may transfer personal data to other companies within our group or grant them access to it. If data is shared for administrative purposes, this is based on our legitimate business and economic interests or is done insofar as it is necessary to fulfill our contractual obligations or if the consent of the data subjects or a legal permission exists.
International Data Transfers
If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or if the processing takes place within the scope of using third-party services or disclosure or transfer of data to other persons, entities, or companies, this will only happen in compliance with legal requirements. If the data protection level in the third country has been recognized by an adequacy decision (Art. 45 GDPR), this serves as the basis for the data transfer. Otherwise, data transfers will only take place if the data protection level is secured by other means, in particular through standard contractual clauses (Art. 46(2)(c) GDPR), express consent, or in the case of contractual or legally required transfer (Art. 49(1) GDPR). Otherwise, we will inform you of the legal basis for third-country transfer in the individual cases of providers from third countries, whereby adequacy decisions are primarily considered. Information on third-country transfers and existing adequacy decisions can be found in the information provided by the European Commission: EU Commission – International Data Protection.
EU-US Trans-Atlantic Data Privacy Framework:
Within the framework of the so-called "Data Privacy Framework" (DPF), the EU Commission has also recognized the data protection level as secure for certain companies in the USA as part of the adequacy decision of 10.07.2023. The list of certified companies as well as further information on the DPF can be found on the website of the US Department of Commerce under Data Privacy Framework. We inform you in our privacy notices which service providers used by us are certified under the Data Privacy Framework.
General Information on Data Storage and Deletion
We delete personal data that we process in accordance with legal requirements as soon as the underlying consent is revoked or no further legal basis for processing exists. This concerns cases where the original processing purpose ceases or the data is no longer needed. Exceptions to this rule exist if legal obligations or special interests require longer storage or archiving of the data.
In particular, data that must be retained for commercial or tax reasons, or whose storage is necessary for legal prosecution or to protect the rights of other natural or legal persons, must be archived accordingly.
Our privacy notices contain additional information on data retention and deletion that specifically apply to certain processing activities.
When there are multiple specifications for a data retention period or deletion deadlines, the longest period always applies.
If a deadline does not explicitly begin on a certain date and is at least one year, it automatically starts at the end of the calendar year in which the event triggering the deadline occurred. In the case of ongoing contractual relationships, in which data is stored, the event triggering the deadline is the date on which the termination becomes effective or the relationship ends.
Data that is no longer required for the original purpose but is retained due to legal requirements or other reasons, is processed exclusively for the reasons justifying its retention.
Further information on processing activities, procedures, and services:
Data Retention and Deletion:
The following general deadlines apply for retention and archiving under German law:
-
10 years: Retention period for books and records, annual financial statements, inventories, management reports, opening balances, as well as the working instructions and other organizational documents required for their understanding, booking receipts, and invoices (§ 147(3) in conjunction with (1) No. 1, 4, and 4a AO, § 14b(1) UStG, § 257(1) No. 1 and 4, (4) HGB).
-
6 years: Other business documents: received commercial or business letters, reproductions of sent commercial or business letters, other documents relevant to taxation, such as time sheets, operating accounting sheets, calculation documents, price labels, but also payroll documents, insofar as they are not already booking receipts and cash receipts (§ 147(3) in conjunction with (1) No. 2, 3, 5 AO, § 257(1) No. 2 and 3, (4) HGB).
-
3 years: Data required to consider potential warranty and compensation claims or similar contractual claims and rights, as well as associated inquiries, based on past business experiences and usual industry practices, are stored for the duration of the regular statutory limitation period of three years (§§ 195, 199 BGB).
Rights of Data Subjects
Rights of Data Subjects Under the GDPR:
As a data subject, you have various rights under the GDPR, particularly arising from Articles 15 to 21 GDPR:
-
Right to Object: You have the right, on grounds relating to your particular situation, to object at any time to the processing of your personal data that is based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, including profiling to the extent that it is related to such direct marketing.
-
Right to Withdraw Consent: You have the right to withdraw your consent at any time.
-
Right of Access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, to request access to the personal data and certain other information, including a copy of the data, in accordance with legal requirements.
-
Right to Rectification: You have the right, in accordance with legal requirements, to request the rectification of inaccurate data concerning you and, where applicable, to have incomplete data completed.
-
Right to Erasure and Restriction of Processing: You have the right, under certain conditions, to request the erasure of personal data concerning you without undue delay, or alternatively to request the restriction of processing of your data.
-
Right to Data Portability: You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit those data to another controller, where legally applicable.
-
Right to Lodge a Complaint with a Supervisory Authority: You have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR.
Business Services
We process data from our contractual and business partners, such as customers and interested parties (collectively referred to as "contractual partners"), in the context of contractual and similar legal relationships, as well as related measures and in relation to communication with the contractual partners (or pre-contractual).
We use this data to fulfill our contractual obligations. These include, in particular, obligations to provide the agreed services, any updating obligations, and remedying warranty and other performance disruptions. Furthermore, we use the data to protect our rights and for administrative tasks associated with these obligations as well as for business organization. Additionally, we process the data based on our legitimate interests in the proper and economic management of our business and in taking security measures to protect our contractual partners and our business operations from misuse, threats to their data, secrets, information, and rights (e.g., involving telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). Within the limits of applicable law, we only disclose the data of contractual partners to third parties to the extent necessary for the aforementioned purposes or to fulfill legal obligations. Further forms of processing, such as for marketing purposes, are communicated to the contractual partners within this privacy policy.
We inform the contractual partners about the data required for the aforementioned purposes before or during the data collection process, e.g., in online forms, by special labeling (e.g., colors) or symbols (e.g., asterisks or similar), or in person.
We delete the data after the expiration of legal warranty and comparable obligations, i.e., generally after four years, unless the data is stored in a customer account, e.g., as long as it must be retained for legal archiving reasons (e.g., for tax purposes usually ten years). Data disclosed to us by the contractual partner in the context of an order will be deleted in accordance with the instructions and generally after the end of the order.
Types of Data Processed:
Inventory data (e.g., full name, residential address, contact information, customer number, etc.); payment data (e.g., bank details, invoices, payment history); contact data (e.g., postal and email addresses or phone numbers); contract data (e.g., subject of the contract, term, customer category).
Data Subjects:
Service recipients and clients; interested parties; business and contractual partners; educational and course participants.
Purposes of Processing:
Provision of contractual services and fulfillment of contractual obligations; communication; office and organizational procedures; organizational and administrative procedures; business processes and economic procedures.
Data Retention and Deletion:
Deletion in accordance with the section "General Information on Data Storage and Deletion."
Legal Bases:
Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR); legal obligation (Art. 6(1) sentence 1(c) GDPR); legitimate interests (Art. 6(1) sentence 1(f) GDPR).
Further information on processing activities, procedures, and services:
Agency Services:
We process our clients' data in the context of our contractual services, which may include conceptual and strategic consulting, campaign planning, software and design development/consulting or maintenance, campaign and process implementation, handling, server administration, data analysis/consulting services, and training services; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Educational and Training Services:
We process the data of participants in our educational and training offers (collectively referred to as "trainees") to provide them with our training services. The type, scope, purpose, and necessity of processing are determined by the underlying contractual and training relationship. The processing forms include the assessment of performance and the evaluation of our services and those of the trainers. In the course of our activities, we may also process special categories of data, in particular information about the health of the trainees and data from which ethnic origin, political opinions, religious or philosophical beliefs can be derived. Where necessary, we obtain explicit consent from the trainees and otherwise process special categories of data only if it is necessary for the provision of the training services, for purposes of health care, social protection, or the protection of vital interests of the trainees; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Project and Development Services:
We process the data of our clients and customers (collectively referred to as "clients") to enable them to select, acquire, or commission the chosen services or works, as well as related activities, including payment and provision or execution or performance.
The necessary information is indicated in the course of the order, purchase, or similar contract conclusion and includes the information required for the provision of services and billing, as well as contact information to allow for any necessary follow-up. To the extent that we have access to information about end customers, employees, or other persons, we process it in accordance with legal and contractual requirements; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Offering of Software and Platform Services:
We process the data of our users, registered and any test users (collectively referred to as "users"), to provide them with our contractual services, as well as based on legitimate interests, to ensure the security of our offer and to further develop it. The necessary information is indicated in the course of the order, purchase, or similar contract conclusion and includes the information required for the provision of services and billing, as well as contact information to allow for any necessary follow-up; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Provision of the Online Offer and Web Hosting
We process the data of our users, registered and any test users (collectively referred to as "users"), to provide them with our contractual services, as well as based on legitimate interests, to ensure the security of our offer and to further develop it. The necessary information is indicated in the course of the order, purchase, or similar contract conclusion and includes the information required for the provision of services and billing, as well as contact information to allow for any necessary follow-up;
legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Provision of the Online Offer and Web Hosting
We process users' data to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.
-
Types of Data Processed:
Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types used and operating systems, interactions with content and functions); meta/communication and procedural data (e.g., IP addresses, timestamps, identification numbers, involved individuals); log data (e.g., log files concerning logins or data retrievals or access times).
-
Data Subjects:
Users (e.g., website visitors, users of online services).
-
Purposes of Processing:
Provision of our online offer and user-friendliness; information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)); security measures.
-
Data Retention and Deletion:
Deletion in accordance with the section "General Information on Data Storage and Deletion."
-
Legal Bases:
Legitimate interests (Art. 6(1) sentence 1(f) GDPR).
Further information on processing activities, procedures, and services:
Collection of Access Data and Log Files:
Access to our online offer is logged in the form of so-called "server log files." The server log files may include the address and name of the accessed websites and files, date and time of access, transferred data volumes, notification of successful access, browser type and version, the operating system of the user, referrer URL (the previously visited page), and typically IP addresses and the requesting provider. The server log files may be used for security purposes, e.g., to avoid server overload (especially in the case of abusive attacks, such as DDoS attacks), and to ensure server stability and their load; legal bases: legitimate interests (Art. 6(1) sentence 1(f) GDPR). Data Deletion: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that must be retained for evidentiary purposes is exempt from deletion until the respective incident is definitively resolved.
Use of Cookies
Cookies are small text files or other storage marks that store information on end devices and read from them. For example, to store the login status in a user account, a shopping cart content in an e-shop, the accessed content, or used functions of an online offer. Cookies can also be used for various purposes, such as to ensure the functionality, security, and comfort of online offers, as well as to create analyses of visitor flows.
Notes on Consent:
We use cookies in compliance with legal regulations. Therefore, we obtain prior consent from users unless it is not required by law. Consent is particularly not necessary if storing and reading the information, including cookies, is strictly necessary to provide the user with a specifically requested telemedia service (i.e., our online offer). The revocable consent is clearly communicated to the user and includes information on the respective use of cookies.
Notes on Legal Bases:
The legal basis on which we process personal data using cookies depends on whether we ask users for consent. If users agree, the legal basis for processing their data is the declared consent. Otherwise, the data processed with the help of cookies is based on our legitimate interests (e.g., in a business-like operation of our online offer and its improvement) or, if necessary, to fulfill our contractual obligations, when the use of cookies is necessary to meet our contractual obligations. We clarify for which purposes the cookies are used within this privacy policy or within the framework of our consent and processing procedures.
Storage Duration:
The following types of cookies are distinguished concerning storage duration:
-
Temporary Cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their device (e.g., browser or mobile application).
-
Permanent Cookies: Permanent cookies remain stored even after the device is closed. For example, the login status can be stored, and preferred content can be displayed directly when the user revisits a website. Likewise, the user data collected with the help of cookies can be used for reach measurement. Unless we provide explicit information on the type and storage duration of cookies (e.g., in the context of obtaining consent), users should assume that these are permanent and the storage duration can be up to two years.
General Information on Revocation and Objection (Opt-Out):
Users can revoke the consents they have given at any time and also object to the processing according to legal requirements, including through the privacy settings of their browser.
Types of Data Processed:
Meta/communication and procedural data (e.g., IP addresses, timestamps, identification numbers, involved individuals).
Data Subjects:
Users (e.g., website visitors, users of online services).
Legal Bases:
Legitimate interests (Art. 6(1) sentence 1(f) GDPR); consent (Art. 6(1) sentence 1(a) GDPR).
Further information on processing activities, procedures, and services:
Processing of Cookie Data Based on Consent:
We use a consent management solution, where users' consent to the use of cookies or the procedures and providers mentioned within the consent management solution is obtained. This procedure serves to obtain, log, manage, and revoke consent, particularly regarding the use of cookies and comparable technologies used to store, read, and process information on users' devices. Within this procedure, users' consent for the use of cookies and the associated processing of information, including the specific processing and providers named in the consent management procedure, is obtained. Users also have the option to manage and revoke their consent. The consent declarations are stored to avoid repeated inquiries and to provide proof of consent as required by law. The storage is server-side and/or in a cookie (so-called opt-in cookie) or by comparable technologies to assign the consent to a specific user or their device. Unless specific information is provided about the providers of consent management services, the following general information applies: the consent storage duration is up to two years. A pseudonymous user identifier is created, stored along with the time of consent, information about the scope of consent (e.g., relevant categories of cookies and/or service providers), and information about the browser, system, and the device used; legal bases: consent (Art. 6(1) sentence 1(a) GDPR).
Registration, Login, and User Account
Users can create a user account. In the context of registration, users are informed of the necessary mandatory information and processed for the purpose of providing the user account based on contractual obligation fulfillment. The processed data includes, in particular, login information (username, password, and email address).
In the context of using our registration and login functions, as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorized use. This data is generally not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation.
Users can be informed by email about processes relevant to their user account, such as technical changes.
-
Types of Data Processed:
Inventory data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts as well as the information relating to them, such as details on authorship or the time of creation); usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types used and operating systems, interactions with content and functions); log data (e.g., log files concerning logins or data retrievals or access times).
-
Data Subjects:
Users (e.g., website visitors, users of online services).
-
Purposes of Processing:
Provision of contractual services and fulfillment of contractual obligations; security measures; organizational and administrative procedures; provision of our online offer and user-friendliness.
-
Data Retention and Deletion:
Deletion in accordance with the section "General Information on Data Storage and Deletion." Deletion after termination.
-
Legal Bases:
Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR); legitimate interests (Art. 6(1) sentence 1(f) GDPR).
Further information on processing activities, procedures, and services:
-
Registration with Real Names:
Due to the nature of our community, we ask users to use our offer only under their real names. This means that the use of pseudonyms is not allowed; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
-
User Profiles Are Not Public:
User profiles are not publicly visible and accessible.
-
User Profiles Are Public:
User profiles are publicly visible and accessible.
-
Two-Factor Authentication:
Two-factor authentication provides an additional layer of security for your user account, ensuring that only you can access your account, even if someone else knows your password. To this end, you must perform an additional authentication step (e.g., entering a code sent to a mobile device) in addition to your password. We will inform you about the procedure we use; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Community Features
The community features we provide allow users to engage in conversations or otherwise exchange with each other. Please note that the use of community features is only permitted in compliance with applicable law, our terms and conditions, and guidelines, as well as the rights of other users and third parties.
Types of Data Processed:
Inventory data (e.g., full name, residential address, contact information, customer number, etc.); usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types used and operating systems, interactions with content and functions).
Data Subjects:
Users (e.g., website visitors, users of online services).
Purposes of Processing:
Provision of contractual services and fulfillment of contractual obligations; security measures; provision of our online offer and user-friendliness.
Data Retention and Deletion:
Deletion in accordance with the section "General Information on Data Storage and Deletion."
Legal Bases:
Performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR); legitimate interests (Art. 6(1) sentence 1(f) GDPR).
Further information on processing activities, procedures, and services:
Setting the Visibility of Posts:
Users can determine through settings to what extent the posts and content they create are visible or accessible to the public or only to certain persons or groups; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Right to Delete Content and Information:
The deletion of posts, content, or user information is permissible to the necessary extent after a proper weighing of interests if there are concrete indications that they violate legal rules, our guidelines, or the rights of third parties; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Protecting Personal Data:
Users decide for themselves what data they disclose about themselves within our online offer. For example, when users provide information about themselves or participate in conversations. We ask users to protect their data and only disclose personal information with caution and only to the necessary extent. In particular, we ask users to pay special attention to safeguarding their access data and using secure passwords (i.e., primarily long and random character combinations); legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Contact and Inquiry Management:
When contacting us (e.g., by post, contact form, email, phone, or via social media) and in the context of existing user and business relationships, the information provided by the inquiring persons is processed to the extent necessary to respond to the contact requests and any requested actions.
-
Types of Data Processed:
Inventory data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts as well as the information relating to them, such as details on authorship or the time of creation); usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types used and operating systems, interactions with content and functions); meta/communication and procedural data (e.g., IP addresses, timestamps, identification numbers, involved individuals).
-
Data Subjects:
Communication partners.
-
Purposes of Processing:
Communication; organizational and administrative procedures; feedback (e.g., collecting feedback via online form); provision of our online offer and user-friendliness.
-
Data Retention and Deletion:
Deletion in accordance with the section "General Information on Data Storage and Deletion."
-
Legal Bases:
Legitimate interests (Art. 6(1) sentence 1(f) GDPR); performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR).
Further information on processing activities, procedures, and services:
Contact Form:
When contacting us via our contact form, email, or other communication channels, we process the personal data provided to respond and handle the respective request. This usually includes information such as name, contact information, and possibly other information provided and necessary for appropriate processing. We use this data exclusively for the stated purpose of contact and communication; legal bases: performance of a contract and pre-contractual inquiries (Art. 6(1) sentence 1(b) GDPR), legitimate interests (Art. 6(1) sentence 1(f) GDPR).
Presence in Social Networks (Social Media)
We maintain online presences within social networks and process user data to communicate with the users active there or to offer information about us.
We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it may be more difficult to enforce users' rights.
Furthermore, user data is generally processed within social networks for market research and advertising purposes. For example, user profiles can be created based on user behavior and the resulting interests of users. These profiles may be used, for example, to place advertisements within and outside the networks that are presumably aligned with users' interests. For these purposes, cookies are usually stored on the users' computers, in which the user behavior and interests of the users are stored. Additionally, data may be stored in the user profiles regardless of the devices used by the users (especially if they are members of the respective platforms and are logged in there).
For a detailed description of the respective processing forms and the options to object (opt-out), we refer to the privacy policies and information provided by the operators of the respective networks.
In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be most effectively asserted with the providers. Only they have access to the user data and can take appropriate measures and provide information. If you still need assistance, you can contact us.
Types of Data Processed:
Contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts as well as the information relating to them, such as details on authorship or the time of creation); usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types used and operating systems, interactions with content and functions).
Data Subjects:
Users (e.g., website visitors, users of online services).
Purposes of Processing:
Communication; feedback (e.g., collecting feedback via online form); public relations.
Data Retention and Deletion:
Deletion in accordance with the section "General Information on Data Storage and Deletion."
Legal Bases:
Legitimate interests (Art. 6(1) sentence 1(f) GDPR).
Further information on processing activities, procedures, and services:
Instagram:
Social network enabling the sharing of photos and videos, commenting and favoriting posts, sending messages, subscribing to profiles and pages; service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; legal bases: legitimate interests (Art. 6(1) sentence 1(f) GDPR); website: Instagram; privacy policy: Instagram Privacy Policy. Basis for third-country transfers: Data Privacy Framework (DPF).
LinkedIn:
Social network - We are jointly responsible with LinkedIn Ireland Unlimited Company for collecting (but not further processing) data from visitors, which is used to create "Page Insights" (statistics) of our LinkedIn profiles. This data includes information about the types of content users view or interact with, actions taken, as well as information about the devices used by users (e.g., IP addresses, operating system, browser type, language settings, cookie data) and information from the user's profile, such as job function, country, industry, seniority level, company size, and employment status. Privacy information on user data processing by LinkedIn can be found in LinkedIn's privacy notices: LinkedIn Privacy Policy We have entered into a special agreement with LinkedIn Ireland ("Page Insights Joint Controller Addendum (the 'Addendum')", LinkedIn Pages Joint Controller Addendum), which regulates, among other things, the security measures LinkedIn must observe and in which LinkedIn has agreed to fulfill the data subject rights (i.e., users can, for example, directly contact LinkedIn with access or deletion requests). The rights of users (especially the right to access, deletion, objection, and complaint to the responsible supervisory authority) are not limited by the agreements with LinkedIn. Joint responsibility is limited to the collection of data by and the transmission to Ireland Unlimited Company, a company based in the EU. The further processing of data is the sole responsibility of Ireland Unlimited Company, which particularly concerns the transfer of data to the parent company LinkedIn Corporation in the USA; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; legal bases: legitimate interests (Art. 6(1) sentence 1(f) GDPR); website: LinkedIn; privacy policy: LinkedIn Privacy Policy; basis for third-country transfers: Data Privacy Framework (DPF). Opt-out options: LinkedIn Retargeting Opt-out.
X:
Social network; service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland; legal bases: legitimate interests (Art. 6(1) sentence 1(f) GDPR); website: X; privacy policy: X Privacy Policy.
Plug-ins and Embedded Functions and Content
We integrate functional and content elements into our online offer, which are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may include, for example, graphics, videos, or city maps (collectively referred to as "content").
The integration always requires that the third-party providers of this content process the users' IP addresses, as they would not be able to send the content to their browsers without the IP address. The IP address is therefore necessary for the display of this content or functions. We strive to use only content whose respective providers only use the IP address for content delivery. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Through the "pixel tags," information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information can also be stored in cookies on the users' devices and include technical information about the browser and operating system, referring websites, visit times, and other information about the use of our online offer, as well as be combined with such information from other sources.
Legal Basis Information:
If we ask users for their consent to use third-party providers, the legal basis for processing the data is the consent given. Otherwise, the users' data is processed based on our legitimate interests (i.e., interest in efficient, economic, and recipient-friendly services). In this context, we also refer you to the information on the use of cookies in this privacy policy.
Types of Data Processed:
Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types used and operating systems, interactions with content and functions); meta/communication and procedural data (e.g., IP addresses, timestamps, identification numbers, involved individuals); inventory data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and posts as well as the information relating to them, such as details on authorship or the time of creation).
Data Subjects:
Users (e.g., website visitors, users of online services).
Purposes of Processing:
Provision of our online offer and user-friendliness.
Data Retention and Deletion:
Deletion in accordance with the section "General Information on Data Storage and Deletion." Storage of cookies for up to 2 years (unless otherwise specified, cookies and similar storage methods may be stored on users' devices for a period of up to two years).
Legal Bases:
Consent (Art. 6(1) sentence 1(a) GDPR); legitimate interests (Art. 6(1) sentence 1(f) GDPR).
Further information on processing activities, procedures, and services:
YouTube Videos:
Video content; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; legal bases: consent (Art. 6(1) sentence 1(a) GDPR); website: YouTube; privacy policy: YouTube Privacy Policy; basis for third-country transfers: Data Privacy Framework (DPF). Opt-out option: Opt-Out Plugin: Google Opt-out Plugin, Settings for displaying ads: Google My Ad Center.
Erstellt mit kostenlosem Datenschutz-Generator.de von Dr. Thomas Schwenke