Data Protection

Fortunica privacy policy, a brand of adviqo GmbH

The following privacy policy applies to the website which can be accessed through the URL www.app-fortunica.com and the Fortunica App.

adviqo highly values the protection of the personal data of its users and customers. The privacy policy of adviqo is compliant with the provisions of the EU’s General Data Protection Regulation (GDPR), as well as other country-specific data protection provisions applicable to adviqo GmbH. This privacy policy explains the type of data stored by adviqo and how the data is used.

Contact Details:

adviqo GmbH
Max-Dohrn-Straße 8-10, 10589 Berlin
Phone +49 (0)30 20044550
Fax +49 (0)30 224455-9100
E-mail: datenschutz@adviqo.com
Website: www.adviqo.com

Purposes for which personal data may be processed
We may process your personal data for the following reasons:

  • Contacting you
  • Advertising
  • Quality assurance
  • Compiling Statistics
  • Contract fulfilment and billing
  • Conducting Surveys

Legal basis for processing personal data
Your personal data is processed based on the following legal frameworks:

  • Your consent, Article 6 (1) (a) of the GDPR
  • Legitimate interests, Article 6 (1) (f) of the GDPR (see below)
  • For contract fulfilment, Article 6 (1) (b) of the GDPR

Legitimate interests
When processing your personal data, we are guided by the following legitimate interests:

  • Improvement of our product offers
  • Protection against misuse
  • Statistics
  • Billing

 

Recipients or categories of recipients of personal data
When processing your data, we work with the following service providers, which have access to your data:

  • Web-hosting-providers
  • Advertising networks (for pop-up advertisements)
  • Providers of web analysis tools
  • When processing your data in order to carry out credit enquiries, we use contractually agreed to service providers who have access to your data.

 

Duration for which the personal data is stored:
We store your data,

  • if you have given your consent for the processing, until you revoke your consent,
  • if we are using your data for a legitimate interest, for as long as your interest in deletion or anonymization does not outweigh ours.

Data sources
We get the data from you (including through the devices you use).

Data transfer to third countries
Data is transferred to third countries outside the European Union, based on legal regulations, which are intended to ensure adequate protection of your data and which you can view on request.

Rights of the data subject to disclosure of information as well as to correction, deletion or restriction of the processing, as well as a right to objection against processing and the right to data transferability:
If your personal data is being processed, then you are a data subject in the meaning of the GDPR. As a data subject, you have the right, partly under certain preconditions

  • To demand information about the processing of your data,
  • To have your data corrected and/or supplemented,
  • To have your data deleted or blocked,
  • To have the processing of your data restricted,
  • To object to the processing of your data,
  • To receive your data in a transferable format and to transfer it to a third party,
  • To revoke your consent for the processing of your data in future, and
  • To complain to the responsible supervisory authority about unauthorised data processing. The responsible supervisory authority is the Berlin-based officer in charge of data protection and information freedom.

Requirement or obligation to provide data

As long as this is not explicitly stated during data collection process, providing your personal data is not necessary or obligatory.

 

Further information on data protection: registration, contact form and e-mail contact.

You can enter your personal data on the app when you create a customer account. Your information is transmitted to us and stored in our data base. It is possible to remove your personal data from our data base at any time, if you request this in written form.

Sending a text message, e-mail or letter with a clear request to delete your personal data is sufficient. In order to prevent unauthorised use by third parties, such requests must be strictly verified before we can take action. When you provide us personal data via e-mail, this information will not be stored or transferred to third parties, your data is only used for processing your request.

 

Specific purpose of the data processing.

Contact via e-mail constitutes a necessary legitimate interest in the processing of data.

 

Duration of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected.

Possibility of objection and removal

The user has the possibility to revoke their consent to the processing of personal data at any time. In this case, please contact us using the contact details mentioned above. All your personal data stored until this point will be deleted.

 

Provision of the website and creation of log files

Description and scope of data processing

Each time you access our website and app, our system automatically collects data and information from the computer system or device that you are accessing from. The following data is collected:

 

  • Information about the browser type and the version used
  • The user’s operating system
  • The device type of the user
  • The Internet service provider of the user
  • The IP address of the user
  • Date and time of access
  • Websites from which the user accessed our website
  • Websites to which the user accessed through our website

 

The data is also stored in the log files of our system.

 

Specific purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the delivery of the website and the app to the user. For this purpose, the IP address of the user must remain stored for the duration of the session.

 

The data is stored in log files to ensure the functionality of the app. The data is also used to optimize the website and the app and to ensure the security of our information technology systems.

 

These purposes also include our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR.

 

Duration of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data to provide the website, this is the case when the session in question has ended.

 

If the data is stored in log files, this is the case after 30 days at the latest. A storage going beyond this is possible. In this case the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

 

Possibility of objection and removal

The collection of data for the provision of the website and the app and the storage of data in log files is mandatory for the operation of the website and the app. Consequently, there is no possibility for the user to object.

 

Participation in surveys

For individual surveys we use SurveyMonkey (SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland), a web service for creating and evaluating online surveys. Participation is voluntary and the respondents thereby declare their consent to the processing of their personal data in accordance with Art. 6 para. 1 lit. A of the GDPR. The data will be stored for the duration of the survey and evaluation.

 

Please note that SurveyMonkey will store the data on your servers and reserves the right to collect, process, use, and disclose information for its own purposes. In particular, cookies, ad tracking, and IP addresses are used or collected for this purpose. SurveyMonkey also reserves the right to share this information with third parties, including in other countries. Because the information collected also ends up on U.S. servers, where it is collected, used, and stored, SurveyMonkey is certified under the Privacy Shield Agreement, thereby ensuring compliance with European data protection laws.

 

For more information, please see the appropriate sections of SurveyMonkey’s Privacy Policy: https://de.surveymonkey.com/mp/legal/privacy-policy/

 

When the evaluation of a survey is complete, the survey data is deleted from the SurveyMonkey account. Within 90 days, the data will also be permanently removed from SurveyMonkey’s system.

 

Survey participants can contact us at any time to request that their survey data, including personal information if collected, be deleted.  No subsequent correction of individual responses is possible after the survey has been submitted.

 

Use of Cookies
Description and scope of data processing
Our website uses Cookies. Cookies are text files which are stored in the Internet browser or downloaded from the Internet browser onto the computer system of the user. If a user accesses a website, a Cookie can be deposited and stored on his operating system. This Cookie contains a characteristic string which makes it possible to identify the browser when the user revisits the website.
We use Cookies to make the design of our website more user-friendly. Some elements of our Internet site require that the browser accessing it be identifiable even after moving on to another page.
In the process, the following data is stored and transmitted in the Cookies:

  • Language settings
  • Items in a shopping cart / selected advisors
  • Log-in information

We also use Cookies on our website, which make it possible to analyse the surfing behaviour of users.
Caution: If you delete your Cookies in the browser, this will result in even the Opt-Out-Cookie stored in your browser being deleted and the revocation must, if necessary, be carried out once again in the same way outlined earlier.

Amazon Web Services
We use the product “S3” from Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA, (“AWS”) to host and distribute the content of our web pages. AWS processes our data on our behalf. The hosting exclusively takes place in the AWS computer centre in Frankfurt a. M. Moreover, AWS is Privacy Shield certified and thus guarantees that personal data outside the European Economic Area is processed in accordance with European data protection laws https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active.

heroku
For the processing and storage of your data we use a hosting server of Heroku, Inc., 650 7th St, San Francisco, CA 94103. Heroku is a subsidiary of salesforce.com, inc or one of its affiliates (“salesforce.com”). The servers and databases provided by Heroku are located in Ireland/Europe and are subject to European data protection regulations. For more information about Heroku’s privacy policy, please visit https://www.heroku.com/policy/privacy/.

MongoDB
We use Atlas from MongoDB as our central database, Inc. 3 Shelbourne Building, Crampton Avenue Ballsbridge, Dublin 4, Ireland. Data processing is based on our legitimate interests (Art.6 para.1 lit. f DSGVO) in the technically error-free and optimised provision of our services.

Further information on data processing by MongoDB can be found in the privacy policy of MongoDB: https://www.mongodb.com/legal/privacy-policyMongoDB observes the data protection regulations of the “US-Privacy-Shield”, is registered with the “US-Privacy Shield” program of the US Department of Commerce and thus offers suitable guarantees for an adequate level of data protection.

logentries
We use the log management tool “LogEntries” from RAPID7, Inc., The One Building, 2nd Floor, 1 Grand Canal Street Lower, Dublin 2, Dublin, Ireland (“LogEntries”), to evaluate the log files. Log files (such as your IP address, operating system used, name of the internet service provider) are transmitted to LogEntries in order to evaluate them in anonymous form. The evaluation is carried out to ensure the functionality of the website. The data is also used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Further information on this can be found at: https://www.rapid7.com/privacy-policy/. Data processing also takes place in the United States. An adequate level of data protection is ensured by RAPID7, Inc.’s participation in the EU-US Privacy Shield.

Use of Facebook Custom Audiences
We also use retargeting technologies. This technology makes it possible to address Internet users who have already shown interest in our products and services, as well as Internet users who are also likely to be interested, on the websites of our partners (e.g. Facebook) with advertisements. This advertising is displayed on the pages of our partners on the basis of cookie technology and an analysis of previous usage patterns. This form of advertising is pseudonymous. Retargeting technology is used in compliance with the applicable statutory data protection regulations.
Specifically, we use Facebook Custom Audiences on this website. So-called Facebook pixels are integrated on our websites for this purpose, which mark you as a visitor to our website in a pseudonymised form. If you are later logged in to Facebook, a non-reversible and thus non-personal checksum (profile) from your usage data is transmitted to Facebook for analysis and marketing purposes. We also provide Facebook with hashed, i.e. pseudonymized, e-mail addresses of our users. For more information about the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your privacy settings, please refer to Facebook’s Privacy Policy, which can be found at https://www.facebook.com/privacy/explanation. If you wish to opt out of using Facebook’s Custom Audiences website, you can do so as a Facebook user at https://www.facebook.com/ads/website_custom_audiences/, otherwise please contact us as indicated above.

Pinterest Conversion Tracking:
Our app uses the conversion tracking technology of the social network Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland), which enables us to show our visitors who have already taken an interest in our app and our content/offerings and are Pinterest members, advertisements and offers relevant to them on Pinterest. For this purpose, a conversion tracking pixel from Pinterest is integrated into our app, which tells Pinterest when you visit our app that you have called up our app and which parts of our offer you are interested in. For example, if you are interested in

You can opt-out of the collection of data for the display of interest-based advertising on Pinterest at any time in your Pinterest account settings at https://www.pinterest.de/settings (where you can disable the “Use information from our partners to better tailor recommendations and ads on Pinterest to you” button under “Customization”) or at https://help.pinterest.com/de/article/personalization-and-data#info-ad (where you can disable the checkbox under “Disable customization”).

Google Ads tracking
adviqo GmbH uses the Conversion-Tracking system of Google Ireland Limited (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), being the latter’s advertising customer (“Google Ads customer”), for purposes of marketing performance measurement. For this purpose, a Google Ads pixel is integrated on each of the registration pages of adviqo, and this pixel transmits the registration event to Google without any details of the customer concerned – besides the common technical features of every web page visit (e.g. browser, IP-address). For purposes of recognition and assignment of the users, a Cookie will be installed by Google, provided you accessed the web pages through a Google advert. These Cookies will lose their validity after 30 days. Each Google Ads user receives a different Cookie. Cookies cannot therefore be tracked via the websites of Ads users. For further information on data protection at Google, visit  https://policies.google.com/. Besides, users can also deactivate or revoke Google adverts as a whole or in parts at https://privacy.google.com/?hl=de#google-experience (Opt-Out).

 

Google Tag Manager
This website uses the Google Tag Manager by Google Ireland Ltd, , Gordon House, Barrow Street, Dublin 4, Irland. This service allows website tags to be managed through an interface. Google Tool Manager only implements tags. This means that no cookies are used and no personal information is collected. Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager.

 

Mailchimp (E-mail-marketing)
We use the list provider MailChimp for sending out our newsletter. MailChimp is a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318 (“Rocket”). Rocket signed the so-called “Safe Harbor Agreement” on 22/07/2008. This is a data protection agreement between the European Union and United States.
The data collected during registration is transmitted to Rocket and stored by them. Data submitted during registration will not be sent to other third parties. After registration, MailChimp will send you an e-mail message confirming your registration. Furthermore, MailChimp offers various possibilities of analysing how the despatched newsletters are opened and used, e.g. to how many users was an e-mail sent, whether the e-mails were rejected, and whether the users unsubscribed after receiving the e-mail. These analyses are, however, only group-related and we do not use them to evaluate individuals. MailChimp also uses the Google Analytics analysis tool from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, and they sometimes integrate it into their newsletters. You can find more details on Google Analytics in the section about “Google Analytics” in this privacy policy.
For further information on data protection at MailChimp, visit http://mailchimp.com/legal/privacy/.

Emarsys (E-mail-marketing)
Emarsys eMarketing Systems AG (Stralauer Platz 34, 10243 Berlin; www.emarsys.com/de) is also used in the technical processing of newsletter mailings and is an Austrian enterprise with headquarters in Berlin, which provides the software and infrastructure for sending consent-based electronic messages. Emarsys is aware of its obligation towards recipients of such messages and has a zero-tolerance policy for spam.
Furthermore, Emarsys offers various possibilities of analysing how the despatched newsletters are opened and used, e.g. to how many users was an e-mail sent, whether the e-mails were rejected, and whether the users unsubscribed after receiving the e-mail. These analyses are, however, only group-related and we do not use them to evaluate individuals. If you don’t wish to continue receiving our newsletter, you can unsubscribe any time by clicking on the relevant link contained in every mailing. For further information on data protection at Emarsys, visit https://www.emarsys.com/en/privacy-policy/.

Adjust
We use the services of Adjust, an App analysis service, for analysing the App usage (adjust GmbH, Saarbrücker Str. 38a, 10405 Berlin). The Adjust service has been tested and certified according to ePrivacyseal (European Seal for your Privacy) – see http://www.eprivacy.eu/vergebene-siegel/). Adjust uses the IP and Mac-addresses of the UserApp-users, but these are used exclusively in an anonymised form. It is therefore not possible to trace this data back to a natural person. The information collected through the use of Adjust is used merely to analyse the function and use of the App by creating anonymous evaluations and graphics of the number of visits, number of web pages accessed per user, etc. The analyses are used exclusively for personal market research as well as for the optimisation and a needs-oriented design of the App. There is a possibility of revocation. You can stop any tracking associated with the App in future by selecting the “Data protection” item on the menu and adjusting the sliding switch accordingly (“Turn off Tracking”).

Youtube
We use the service provider YouTube for the integration of videos, among other things, in our website. YouTube is operated by YouTube LLC with headquarters in 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. with headquarters in 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you visit pages of our website equipped with a Plugin – for example, our media library – a connection is established with the YouTube servers, and the Plugin is displayed in the process. Through this, a message will be sent to the YouTube server indicating which of our web pages you visited. If you are logged into YouTube as a member, YouTube will assign this information to your personal user account. If the Plugin is used, e.g. when the start button of a video is clicked, this information will also be assigned to your user account. You can prevent this assignment by logging out of your YouTube user account as well as other user accounts belonging to YouTube LLC and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. and deleting the relevant Cookies of those companies before using our website. You can find further information on data processing and data protection by YouTube (Google) at www.google.de/intl/de/policies/privacy/.

Facebook visitor action pixel
With your consent, we use the “visitor action pixel” from Facebook Inc. within our websites. With the help of these pixels, we can track the actions of users after they have seen or clicked on an advert. This will enable us to gauge the effectiveness of adverts on the mentioned platforms for market research purposes. The data collected in this way is anonymous to us; that is, we do not see the personal data of individual users. This data is, however, stored and processed by the respective platform providers – something we shall inform you of to the best of our knowledge. For more information, we refer you to the respective privacy policies: https://www.facebook.com/about/privacy/.

Facebook Plugins
Plugins of the social network provider, Facebook, are integrated on our website. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognise the Facebook Plugins by the Facebook logo or the “Like-Button” on our web page. You can find an overview of the Facebook Plugins here: http://developers.facebook.com/docs/plugins/.

If you go to our web pages, a direct connection will be established between your browser and the Facebook server via the Plugin. Facebook will then receive the information that you have visited our website with your IP-address. If you click on the Facebook “Like button” while you are logged into your Facebook account, you can interlink the contents of our web pages onto your Facebook profile. Facebook can then use this information to associate your visit to our web pages with your Facebook account. We would like to point out that we as the providers of the web pages do not have any knowledge of the contents of the transmitted data, nor do we receive any information of how it is used by Facebook. You can find more information about this in the privacy policy of Facebook at: http://de-de.facebook.com/policy.php.

Facebook Connect (Social Network Connect)
You can also register with your respective Social Network Login (Facebook Inc.) on our website by disclosing the data stored in your respective Social Network profile. Your registration will then be done automatically using your profile information at Facebook. This includes, among other things, your name and e-mail address. The use of this function is subject to the data protection conditions and terms of use of the respective Social Network provider. You can find more information about this in the privacy policy of Facebook at: http://de-de.facebook.com/policy.php.

Zendesk
On this website we use the Customer Relationship Management (CRM) service of Zendesk Inc. 989 Market Street #300, San Francisco, CA 94102, USA.

The legal basis for the use of this service is Art. 6 I f DS-GVO – legitimate interest. Our legitimate interest in using this service is to be able to answer user inquiries quickly and efficiently. Zendesk uses your data only to forward your inquiries to us. In order to use Zendesk, you must provide at least one correct e-mail address. The service can also be used pseudonymously. In the course of processing service requests, it may be necessary to collect additional data (e.g. first name, last name, address, etc.) The use of Zendesk is optional. If you do not agree to Zendesk collecting your data, we offer you alternative ways to contact us to submit service requests by phone or mail. For more information, please refer to the Zendesk Privacy Policy: https://www.zendesk.de/company/customers-partners/privacy-policy/

Braze
To send push messages in the Android and iOS apps, the service Braze is used, a program of Braze Inc. NYC, 318 West 39th Street, 5th Floor, New York, NY 10018, USA. Braze stores data about the use of the app under an anonymized ID, but no personal data. For more information on Braze’s privacy practices, please go to https://www.braze.com/privacy.

Nexmo
Verification of a mobile number
In order to ensure that all relevant information on a rental and leasing by SMS is received, the mobile number is verified by the provider NEXMO (https://www.nexmo.com/) by means of an opt-in procedure. The verification is done on our site under “Contact details”.

Contact by mobile number
As soon as the mobile number is verified, we store it in our database. It will be disclosed to the contracting party in the event of a successful rental or lease in order to establish contact. It is not publicly accessible.

Sending voice messages
When you send voice messages via CloudMatic, the data you provide will be sent to Nexmo Inc, 217 Second Street, 4th Floor, San Fran-cisco, CA 94105 as part of the delivery. The data is passed on in accordance with Art. 6 para. 1 lit. b DSGVO and only to the extent necessary for sending the message:

  • The mobile telephone number(s) to which the message(s) is/are to be sent
  • The message to be sent

Nexmo’s privacy policy can be read here: https://www.nexmo.com/privacy-policy

Crashlytics
For our smartphone app we use the Crashlytics tool, which is part of the Twitter Fabric platform, to log application crashes. No personal data will be transmitted. Only real-time crash reports with detailed information on code positions and device information are sent to simplify maintenance and improve the resulting stability of the app. The privacy policy of Crashlytics can be viewed here: http://try.crashlytics.com/terms/privacy-policy.pdf.

Google Cloud Platform (GCP)
We use the Google Cloud for hosting. For the hosting in the Google Cloud (Google Cloud Platform, GCP) we use the region Frankfurt, Germany (europe-west3) However, the Google Cloud works according to the principle of a multi-tenant environment, so that data is replicated between several geographically distributed data centres (fail-safe of the data centres). Personal data is transferred to countries outside the EU as part of the hosting.   The legal basis for this are the corresponding EU standard contract clauses, see GCP sample contract clauses and further information on data protection in the Google Cloud at https://cloud.google.com/security/gdpr/resource-center/contracts-and-terms?hl=en

 

Google Firebase
We use the tool Firebase in our app. This is a real-time database that we use for real-time data exchange and storage in our app to improve and develop our app. The user data is transmitted to Firebase anonymously. Firebase is a Google subsidiary and is based in San Francisco (CA), USA.
Find the Firebase pirvacy polic here: https://www.firebase.com/terms/privacy-policy.html and the Google privacy policxy here: https://www.google.de/intl/de/policies/privacy/.

Use of the analysis tool “Google Analytics”
We use the services of Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. This service makes it possible to analyse the use of our web pages and uses Cookies for this. To this end, the information generated by the Cookie, such as your anonymised IP-address, is transmitted on our behalf to a server of Google Ireland Ltd, stored and evaluated there. This is so because Google Analytics was given the extension code “gat._anonymizeIp();” on this website. This ensures anonymised collection of IP-addresses. Anonymisation of your IP-address is generally done through the truncating of the IP-address by Google Ireland Ltd,. within the European Union or in other member states of the European Economic Area (EEA). In exceptional cases your IP-address will be transmitted to a server of Google Ireland Ltd, and then anonymised there. Your IP-address transmitted in this way will not be merged with other data from Google Ireland Ltd,. In the context of the Google Analytics-advertising function, remarketing and the reports are used to provide services according to demographic features and interests. These procedures help align advertising measures more closely with the interests of the respective users, with the help of the information about user behaviour. In the context of remarketing, personalised advertising measures can be displayed on other websites based on the surfing behaviour of the user on the apo-rot website. In this process, advertising materials can contain products which the user has looked at before on the website of apo-rot. Provided you have agreed that your web and App browser history be connected to your Google account and that your Google account be used to personalise advertisements, Google will use this data for remarketing purposes across multiple devices. Any products which allow inferences to be made on the state of health of the user are excluded from these procedures on the part of apo-rot. You can revoke the collection of your data by Google Analytics any time. For this, you have the following possibilities at your disposal:
Most browsers accept Cookies automatically. You can prevent the use of Cookies by adjusting the aforementioned settings of your browser software; in this case, however, it may probably not be possible to use all functions of the Internet page. You have to make the adjustments separately for each browser you use.
Furthermore, you can prevent the collection and processing of this data by Google Ireland Ltd,. by downloading and installing the browser add-on available through the following link: https://tools.google.com/dlpage/gaoptout
As an alternative, or within browsers on mobile devices, you can click on the following link: Deactivating Google Analytics An Opt-Out-Cookie will be stored in your device for our web pages and effective for the browser you are currently using. If you delete your Cookies in this browser, you must click on the following link afresh.
You can find detailed information about the terms of use and data protection at  http://www.google.com/analytics/terms/de.html or under https://www.google.de/intl/de/policies/.

Google Fonts
We use Google Fonts, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (“Google”). The integration of these web fonts is done by accessing a server, usually a server of Google in the USA. Through this, a message will be sent to the server indicating which of our web pages you visited. The IP-address of the browser of the user whose terminal accessed these Internet pages is also stored by Google. You can find more information in Google’s privacy policy, which you can access through www.google.com/fonts#AboutPlace:about www.google.com/policies/privacy/.

Native Google & Apple Store
If you download our app, the necessary information will be transferred to the respective app store. This includes in particular user name, e-mail address, time of download and the individual device identification number. However, we have no influence on this data collection, as this is based on the respective app store operator. We process the data provided as far as this is necessary for downloading the app to your mobile device (e.g. smartphone or tablet). Furthermore, they are not stored with us. In this context, please also note the data protection information of the app store operators:

  • for the iOS App Store: Apple Inc, 1 Infinite Loop, Cupertino, CA 95014, USA, available at https://www.apple.com/de/privacy/privacy-policy/, and
  • for the Google Play Store: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, available at https://www.google.de/intl/de/policies/privacy/.

 

 

Updated: November 12, 2019

 

Privacy Policy for our Facebook and Instagram Pages

 

When you visit our Facebook Fanpage or Instagram Page (hereinafter “Facebook”), we are jointly responsible with Facebook for the processing of your personal data. Instagram is part of the Facebook group of companies and shares infrastructure, systems and technology with Facebook and other Facebook companies (https://www.facebook.com/help/111814505650678?ref=dp).

 

Below we inform you about the associated data processing:

 

Information about the collection of personal data and contact details of the person responsible

 

Data Purpose of Use Legal Basis
1 User interactions (postings, likes etc.) User communication via social media Art. 6 para. 1 lit. f) GDPR
2 Cookies Target group advertising Art. 6 para. 1 lit. f) GDPR
3 Demographic data (e.g. based on age, location, language or gender) Target group advertising Art. 6 para. 1 lit. f) GDPR
4 Aggregated data without personal reference (e.g. page activities, page views, page previews, likes, recommendations, articles, videos, page subscriptions including origin, times of day) Target group advertising Art. 6 para. 1 lit. f) GDPR

 

The promotional use of your personal data is particularly important for Facebook. We use the statistics function to learn more about the visitors of our fan page.  Using this function enables us to adapt our content to the respective target group, by using demographic information about the users, such as age and locations.

 

To provide the social media service in the form of our Facebook fan page and to use the Insight function, Facebook usually stores cookies on the user’s device. These include session cookies that are deleted when the browser is closed and persistent cookies that remain on the device until they expire or are deleted by the user.

 

A cookie is a tiny text file that allows a website to recognize a browser.  When a website is called up, cookies are stored in a text file on the computer and are called up and read the next time the web server is called up. As a user, you can decide yourself via your browser settings whether and which cookies you wish to allow, block or delete.

 

According to Facebook, the cookies used by Facebook are used for authentication, security, website and product integrity, advertising and measurements, website functions and services, performance, and analysis and research. Details of the cookies used by Facebook (e.g., cookie names, duration of function, content collected and purpose) can be found at on the following links: https://www.facebook.com/policies/cookies/ and https://help.instagram.com/1896641480634370?ref=ig There you will also find the option to deactivate the cookies used by Facebook. The collection and storage of data through the use of the above-mentioned Facebook cookies can also be refused at any time with effect for the future by clicking on the following opt-out link: http://www.youronlinechoices.com/de/praferenzmanagement/.

 

 

Note about Facebook Insights:

For statistical evaluation purposes we use the Facebook Insights function.  In this context, we receive anonymous data on the users of our Facebook fan page.  A conclusion to your person is not possible for us.  For further information, please refer to Facebook’s cookie policy.

 

Pursued legitimate interests, provided that the legal basis is Art. 6 para. 1 lit. f) GDPR

We see our legitimate interest in data processing in the presentation of our company and our products and services for your information.

 

Transmission and use of personal data

Recipients or categories of recipients: Facebook and Instagram
If you interact within Facebook and Instagram directly, Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA, also has access to your data. Facebook is located here in a third country where the level of data protection is lower. Facebook is subject to the EU-U.S. Privacy-Shield in order to guarantee an adequate level of data protection according to European standards.

Rights

We cannot fulfil our information obligations according to Art. 13 EU-DSGVO, as only Facebook has full access to the user data.   If you wish to exercise your rights as a data subject, please contact Facebook directly here. You are entitled to the following rights:

 

  • Right of access by the data subject: Art. 15 EU-GDPR
  • Right to rectification: Art. 16 EU-GDPR
  • Right to erasure (‘right to be forgotten’): Art. 17 EU-GDPR
  • Right of restriction of processing: Art. 18 EU-GDPR
  • Right to object: Art. 21 EU-GDPR
  • Right to data portability: Art. 20 EU-GDPR
  • Right to lodge a complaint with a supervisory authority: Art. 77 EU-GDPR
  • Right of withdrawal consent at any time: Art. 7 Para. 3 EU-GDPR

 

According to Art. 21 EU-GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. if personal data are processed for the purpose of direct marketing, you also have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is necessary to ensure that the data are not processed for the purpose of direct marketing.

 

Data protection officer

You can contact the data protection officer of Facebook via the online contact form provided by Facebook at https://www.facebook.com/help/contact/540977946302970

contact.

 

Updated: November 12, 2019