Privacy Policy

1. General information

The protection of your personal data is of particular concern to us. We treat the personal data you provide when using our website and offers confidentially and in accordance with the legal data protection regulations and this privacy policy. The following notes inform you in detail about which of your personal data we collect, for which purposes it is used, with whom it is shared and which control and information rights you may have when you visit our website. Personal data is any information relating to an identified or identifiable natural person (Art. 4 No. 1 EU General Data Protection Regulation ("GDPR")).

2. Responsible

Responsible for this website is:

QUIN Technologies GmbH Oranienburger Str. 91 10178 Berlin

E-Mail: [email protected]

Our data protection officer can be reached at [email protected].

3. Data processing for informational use of our website

The data processing on this website includes those personal data that are required to enable the informational use of our website. Further personal data is only processed if you consent to the processing or if another legal basis permits this. If you use our website merely for informational purposes, without providing personal data via registration or in any other way, only personal data that your browser transmits to our server will be processed. The processed data include:

  • Internet browser (browser type and browser version),
  • operating system used,
  • Referrer URL,
  • Host name of the accessing computer,
  • Time of the page request,
  • IP address

This data is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis for this data processing is Art. 6 para. 1 p. 1 lit. b) GDPR, as we need the automatically collected data for an effective provision of our website, as well as Art. 6. para. 1 p. 1 lit. f) GDPR, as the storage serves our legitimate interest to ensure the stability and security of the website. For more information on the collection of personal data in the context of visiting our website, please refer to section 4.

4. Data processing when using functions on our website

Below, we inform you about the data processing that we ourselves carry out in connection with the various functions of our website that you use.

4.1 Use of cookies

We use cookies on our website. Cookies are small pieces of text information used in web browsers. Cookies are used to store or maintain identifiers and other information on computers, phones and other devices. Cookies cannot run programs or deliver viruses to your computer. They are used to make the Internet service as a whole more user-friendly and effective. When we refer to "cookies" in the following, we always also mean comparable technologies that are used for similar purposes. On our website, we use both our own cookies and cookies from integrated third-party services.

Technically necessary or required cookies When you visit our website, cookies are set that are absolutely necessary for the operation of the website. These necessary cookies may be, for example, cookies that are used to recognize language settings or that are used to document whether you have consented to the setting of further (non-required) cookies or whether you have rejected them. These are session cookies that are deleted when the browser is closed. The legal basis for the processing of personal data using required cookies is Art. 6 para. 1 p. 1 lit. f) GDPR. Our legitimate interest is to ensure the smooth use and essential basic functions of the website.

Non-Required Cookies We also use non-required cookies, for example, to collect additional information about the interests of visitors to our website or about their usage behavior, in order to analyze and optimize our website and generally our customer interactions on this basis.
Non-required cookies are only set if you have expressly consented to the setting of the non-required cookies. The legal basis for the processing of personal data using such non-required cookies is your explicit consent pursuant to Art. 6 (1) S.1 lit. a) GDPR.

4.2 Request by e-mail, phone or fax

If you contact us by e-mail, telephone, your request including all resulting personal data (e.g. name, request) will be stored and processed by us for the purpose of processing your request. The processing of this data is based on Art. 6 para. 1 p. 1 lit. b) GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 para. 1 p. 1 lit. f) GDPR) or on your consent (Art. 6 para. 1 p. 1 lit. a) GDPR) if this was requested. The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

4.3 Chatbot: Intercom

We use a chatbot from Intercom, Inc. (55 2nd Street, 4th Floor, San Francisco, CA 94105 USA; "Intercom") a messenger and communication service provider to handle customer inquiries. The chatbot offers you the opportunity to get your questions answered as quickly as possible. When you contact us via chatbot, your conversation including all personal data resulting from it (e.g. name, inquiry, IP address, etc.) will be stored and processed by us for the purpose of processing your request The processing of this data is based on Art. 6 (1) p. 1 lit. b) GDPR, provided that your request is related to the performance of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 para. 1 p. 1 lit. f) GDPR) or on your consent (Art. 6 para. 1 p.1 lit. a) GDPR) if this was requested. If the legal basis for data processing ceases to exist, all personal data entered by you will be deleted. Data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons) remains unaffected. Your data may also be processed in countries outside the European Union when using the chatbot. In the USA, the general level of data protection is not congruent with that which exists in the European Union; it also cannot be ruled out that authorities in the USA or in other countries may be able to access your data. For more information on the safeguards for securing data transfers, please see Section 6 below. For more information about Intercom's data processing, please refer to their privacy policy at https://www.intercom.com/terms-and-policies#privacy.

4.4 Registration on this website

You can register on our website by providing personal data in order to use additional functions on the website. The data is entered in an input mask and transmitted to us and stored. Registration is required for the provision of certain content and services on our website. Registration provides you with the opportunity to access the mobile app and web app. You can use the various functions of getquin, e.g. portfolio aggregation, view key figures on various stocks and read the various posts from the community, comment on them and write posts yourself.

The following data is collected during the registration process:

  • Username
  • Email address

The following data is also stored at the time of registration:

  • Email address
  • IP address
  • First name
  • Last name
  • Username
  • Profile picture
  • Language
  • Country
  • Currency
  • Broker name
  • Transactions from broker
  • IP address
  • User behavior
  • Additional context may include IP, device information, etc.

The data entered during registration is processed for the purpose of implementing the user relationship established by the registration and, if necessary, for initiating further contracts (Art. 6 para. 1 p. 1 lit. b) GDPR). The data collected during registration will be stored by us as long as you are registered on our website and will then be deleted. Mandatory legal provisions - in particular legal retention periods - remain unaffected.

4.5 Registration with Facebook Connect

Instead of registering directly on this website, you can also register with Facebook Connect. The provider of this service is Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland; "Facebook").
If you decide to register with Facebook Connect and click on the "Login with Facebook"/"Connect with Facebook" button, you will automatically be redirected to the Facebook platform. There you can log in with your usage data. This links your Facebook profile to this website or our services. This link gives us access to your data stored on Facebook. These are mainly:

  • Facebook name
  • Facebook profile and cover picture
  • Facebook cover picture
  • Email address on file with Facebook
  • Facebook ID
  • Facebook friends lists
  • Facebook Likes ("Like" votes)
  • Birthday
  • Gender
  • Country
  • Language

This data is used to set up, provide, and personalize your account. We use Facebook Connect to facilitate the registration process for you and to shorten it. The registration with Facebook Connect and the associated data processing operations are based on your consent (Art. 6 para. 1 p.1 lit. a) GDPR). You can revoke this consent at any time with effect for the future. All data will be stored for as long as it is required to fulfill the stated purpose and then deleted, unless there is a legal obligation to retain it. With regard to the data processed by Facebook, we also refer to the Facebook privacy policy. Your data may also be processed in countries outside the European Union when using Facebook Connect. In the USA, the general level of data protection is not congruent with that which exists in the European Union; it also cannot be ruled out that authorities in the USA or in other countries may be able to access your data. Further information on the protective measures for safeguarding data transfer can be found below under item 7. For more information on data protection at Facebook, please refer to the Facebook privacy policy at https://de-de.facebook.com/about/privacy/.

4.6 Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. For registration we use the so-called double-opt-in procedure. In this process, after you have registered on our website, you will receive an e-mail with a link that you can use to confirm that you are the owner of the e-mail address and wish to create a user account on our website. If your confirmation is not received within 12 hours, your registration and your personal data provided in the process will be automatically deleted. The processing of the data entered in the newsletter registration form is based on your consent (Art. 6 para. 1 p.1 lit. a) GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this. After your unsubscription from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, to prevent future newsletter e-mails. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) f) GDPR). The storage in the blacklist is limited to a maximum of 2 years. You can object to the storage if your interests outweigh our legitimate interest.

4.7 Application: by e-mail, by post or via online application form

If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is Section 26 (1) of the German Federal Data Protection Act (initiation of an employment relationship), Article 6 (1) sentence 1 lit. b) of the General Data Protection Regulation (GDPR) (general contract initiation) and - if you have given your consent - Article 6 (1) sentence 1 lit. a) of the GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to store the data you have provided with us for up to 6 months from the end of the application process (rejection or withdrawal of the application) on the basis of our legitimate interests (Art. 6 para. 1 p.1 lit. f) GDPR). The data will then be deleted and the physical application documents destroyed. This storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies. Longer storage may also take place if you have given your corresponding consent (Art. 6 para. 1 p.1 lit. a) GDPR) or if legal storage obligations prevent deletion. If we do not make you a job offer, it may be possible to include you in our applicant pool. In the event of inclusion, all documents and details from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies. Inclusion in the applicant pool is based exclusively on your express consent (Art. 6 para. 1 p.1 lit. a) GDPR). The provision of consent is voluntary and is not related to the current application process. The data subject may revoke his/her consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, unless there are legal reasons for retention. The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.

5. Integrated third party services

In order to offer the functions of our website, we integrate third-party services. In the following, we distinguish between functional services and analysis services.

5.1 Functional services

Functional services enable you to use our website smoothly and are mandatory to use our website.

5.1.1 Cloudflare

We use functions of the company Cloudflare, Inc. 101 Townsend St., San Francisco, CA 94107, USA (hereinafter "Cloudflare"). Cloudflare offers a globally distributed content delivery network. This technically routes the transfer of information between your browser and our website through Cloudflare's network. This enables Cloudflare to analyze traffic between your browser and our website and to serve as a filter between our servers and potentially malicious traffic from the Internet. In doing so, Cloudflare may also use cookies or other technologies to recognize Internet users, but these are used solely for the purpose described herein. The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 p.1 lit. f) GDPR). All data is stored for as long as it is required to fulfill the aforementioned purpose and then deleted, unless there is a legal obligation to retain it. You can find more information about security and data protection at Cloudflare here: https://www.cloudflare.com/privacypolicy/

5.1.2 Stripe

On this website, we offer, among other things, payment using the services of Stripe Payments Europe, Ltd,1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe"). When you make a payment via Stripe, your payment data is forwarded to Stripe via an interface on our site in order to make the payment. You can read details about this in Stripe's privacy policy at the following link: https://stripe.com/de/privacy. The transfer of your data to Stripe is based on Art. 6 para. 1 p.1 lit. b) GDPR as well as on our legitimate interest in using reliable and secure payment processes (Art. 6 para. 1 p.1 lit. f) GDPR). All data is stored for as long as it is required to fulfill the aforementioned purpose and then deleted, unless there is a legal obligation to retain it.

5.2 Analytics services

Analytics services help us better understand how our website is used.

5.2.1 Google Analytics

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, dwell time, operating systems used and the origin of the user. This data may be summarized by Google in a profile that is assigned to the respective user or their end device. Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is transferred to a Google server in the USA and stored there. In the USA, however, the general level of data protection is not the same as that which exists in the European Union; it also cannot be ruled out that authorities in the USA or other countries may be able to access your data. We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
The storage of the data is based on your consent, Art. 6 para. 1 p.1 lit. a) GDPR. You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Demographic characteristics in Google Analytics This website uses the "demographic characteristics" function of Google Analytics to display suitable advertisements to website visitors within the Google advertising network. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item "Objection to data collection". Data stored by Google at user and event level that is linked to cookies, user IDs (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. For details, please see the following link: https://support.google.com/analytics/answer/7667196?hl=de

5.2.2 Google Ads

The website operator uses the online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads enables us to play out advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played on the basis of user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms have led to the display of our advertisements and how many ads have resulted in corresponding clicks. The use of Google Ads only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) GDPR. This can be revoked at any time with effect for the future.

5.2.3 Google Conversion-Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of Google conversion tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification. The use of Google conversion tracking only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) GDPR. This can be revoked at any time with effect for the future. More information on Google conversion tracking can be found in Google's privacy policy: https://policies.google.com/privacy?hl=de.

5.2.4 Facebook Pixel

This website uses the services of Meta Platforms Ireland Limited ("Facebook"), 4 Grand Canal Square, Dublin 2, Ireland for conversion measurement of the visitor action pixel.
This makes it possible to track the behavior of page visitors after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized. The collected data is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Use Policy. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. This use of the data cannot be influenced by us as the site operator. The use of Facebook Pixel only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) GDPR. This can be revoked at any time with effect for the future. You can also deactivate the remarketing function "Custom Audiences" in the settings for advertisements section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook. If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/. You can find more information about protecting your privacy in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/.

5.2.5 Segment

The getquin application uses the Segment analytics service. The provider is Segment.io, Inc. 100 California Street, Suite 700 San Francisco, CA 94111. Segment is used to analyze user data in mobile devices and the Internet. The data is stored on Segment servers in the USA. However, the general level of data protection in the USA is not the same as that which exists in the European Union; it also cannot be ruled out that authorities in the USA or in other countries may be able to access your data. Further information on the protective measures for safeguarding data transfer can be found below under section 6. The use of Segment only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) GDPR. This can be revoked at any time with effect for the future. You can also find more information about Segment's data protection here: https://segment.com/legal/privacy/Mixpanel

5.2.6 Customer.io

The getquin application uses Customer.io. Provider is Peaberry Software, Inc. 921 SW Washington Street, Suite 820, Portland, Oregon 97205. Customer.io is used to send contextual messages (e.g. newsletters). Your personal data is stored on servers operated by Peaberry Software, Inc. in the USA. However, the general level of data protection in the USA is not the same as that which exists in the European Union; it also cannot be ruled out that authorities in the USA or in other countries may be able to access your data. Further information on the protective measures for safeguarding the transfer of data can be found below under point 6. The use of customer.io only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) GDPR. This can be revoked at any time with effect for the future. For further information, please refer to the privacy policy of Peaberry Software, Inc.:https://customer.io/legal/privacy-policy/.

5.2.7 AppsFlyer

The getquin application uses the mobile analytics service "AppsFlyer". AppsFlyer is a service provided by AppsFlyer Ltd, Maskit St. 14, Hertsliya, Israel. The AppsFlyer service makes the success of mobile advertising campaigns measurable by measuring the effectiveness of app install campaigns.
AppsFlyer is only used after explicit consent according to Art. 6 para. 1 p. 1 lit. a) GDPR. This can be revoked at any time with effect for the future. If you do not want AppsFlyer to collect and process data, you can download an opt-out cookie via the following link: https://www.appsflyer.com/optout. Once you delete your cookies, you will also need to download the opt-out cookie again. For more information about data protection at AppsFlyer, please refer to the privacy policy at: https://www.appsflyer.com/privacy-policy/.

5.2.8 FinanceAds

We use the services of financeAds GmbH & Co. KG, Karlstraße 9, 90403 Nuremberg ("financeAds"). Our ads are shown on partner websites of the networks (third-party providers). Cookies are used for this purpose, which assign a pseudonymized user ID to the user when calling up an ad based on, among other things, the type as well as the time of the clicked ad. We can then use the stored data to determine whether the user has registered in our application. The use of financeAds only takes place after explicit consent according to Art. 6 para. 1 p. 1 lit. a) GDPR. This can be revoked at any time with effect for the future. Further information can also be found in the privacy policy of financeAds: https://www.financeads.net/aboutus/datenschutz/.

5.2.9 Smartlook

This website utilizes Smartlook, a product analytics tool provided by Smartsupp.com, s.r.o., with its registered office at Milady Horákové 13, 602 00 Brno, Czech Republic (website: https://www.smartlook.com/) to analyze user behavior on this website and record mobile app sessions to improve the user experience of our visitors. It enables us to record mouse movements, clicks, and scrolling activity of the users. Smartlook may also collect information about the length of time the cursor stays in a specific position. With this data, Smartlook generates Heatmaps, which help us understand the parts of the website that the visitors find most interesting. We exclude all sensitive information, such as login credentials, payment information, or personally identifiable information, from these recordings to protect the privacy of our users. Additionally, Smartlook helps us identify the pages that visitors spend the most time on, and when they exit. We may also use Smartlook to track conversion funnels and obtain direct feedback from website visitors to improve our offerings. Smartlook uses technologies like cookies or device fingerprinting to recognize the user and analyze user behavior patterns. The use of this analysis tool is based on Art. 6 Sect. 1 lit. f) GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator's web offerings and advertising. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a) GDPR; the agreement can be revoked at any time. If you would like to deactivate the recording of data by Smartlook, please click on the link below and follow the instructions provided under the link: https://www.smartlook.com/opt-out/. Please note that you will have to separately deactivate Smartlook for every browser and every device. For more detailed information about Smartlook and the data to be recorded, please consult the Data Privacy Declaration of Smartlook under the following link: https://www.smartlook.com/help/privacy-statement/.

5.3.0 Plaid

The getquin application uses Plaid Inc. and its affiliates and subsidiaries, including Plaid Financial Ltd. and Plaid, B.V. (collectively, “Plaid”), registered at PO Box 7775 #35278, San Francisco, California 94120-7775. Plaid enables among others users to provide access to a point-in-time consolidated summary of their financial account data—like account balances, transaction histories, and account holder identity information—to Plaid and the apps and services they choose. Plaid collect identifiers, financial information, commercial data, location data, electronic network activity data, and derives inferences from this data. For further information, please refer to the privacy policy of Plaid: https://plaid.com/legal/#end-user-services-agreement-us.

6. Disclosure of personal data to third parties

6.1 External hosting

Our website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact data, names, website accesses and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 p. 1 lit. b) GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 p.1 lit. f) GDPR). Our hoster will only process your data to the extent necessary to fulfill its service obligations.

6.2 Other cases

Except in the cases mentioned in this Privacy Policy, your personal data will not be disclosed to third parties or processors within the meaning of Article 28 of the GDPR. If we are legally entitled or obliged to do so (e.g. due to applicable law or a court order), we may disclose your personal data.

7. Transfer of personal data to third countries

Please note that data processed in other countries may be subject to foreign laws and may be accessible to local governments, courts, law enforcement and regulatory authorities. However, when transferring your personal data to third countries, we will take appropriate measures to adequately secure your data. Unless an adequacy decision of the EU Commission exists for the recipient country, the transfer of your data to a third country is protected by the fact that EU standard contractual clauses have been concluded with the recipient or binding internal data protection guidelines are in place. Otherwise, a transfer will only take place if an exception according to Art. 49 GDPR is fulfilled.

8. Storage periods

Our aim is to process your personal data only to the minimum extent possible. We will therefore only store your personal data for as long as it is necessary to fulfill the purpose for which it was originally collected or - if applicable - for as long as longer storage (for example, to fulfill commercial and tax retention obligations) is required or justified by law.

9. Your data protection rights

Depending on the circumstances of the specific case, you have the following data protection rights:

  • Information: you have the right to request information about and access to your personal data and/or copies of this data. This includes information about the purpose of the use, the category of data used, its recipients and authorized persons and, if possible, the planned duration of data storage or, if this is not possible, the criteria for determining this duration.
  • Correction, blocking, deletion: you have the right to demand the correction, deletion or restriction of the processing of your personal data, insofar as their use is inadmissible under data protection law. This is the case in particular if (i) the data is incomplete or inaccurate, (ii) it is no longer necessary for the purposes for which it was collected, (iii) the consent on which the processing was based has been revoked, or (iv) you have successfully exercised a right to object to data processing; in cases where the data is processed by third parties, we will forward your requests for rectification, erasure or restriction of processing to those third parties, unless this proves impossible or involves a disproportionate effort;
  • Refusal/revocation of your consent: many data processing operations are only possible with your explicit consent. You have the right to refuse your consent or to revoke consent you have already given - without affecting the lawfulness of the data processing operations carried out prior to revocation - at any time.
  • Automated decision-making, including profiling: you have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or similarly significantly affects you;
  • Data portability: you have the right to have data that you have provided to us handed over to you or to a third party in a commonly used structured, machine-readable format. However, the right to request direct transfer to another controller only exists to the extent that this is technically feasible.
  • Right of complaint to the competent supervisory authority: if you believe that your rights have been violated as a result of processing of your personal data that is not in compliance with data protection law, you have the right to lodge a complaint with the competent supervisory authority.
  • Right to object: you have the right to object to the processing of your personal data at any time, insofar as we process your personal data for purposes of direct advertising or insofar as we process your personal data for the pursuit of our legitimate interests and there are reasons arising from your particular situation.

You may (i) exercise the above rights or (ii) ask questions or (iii) lodge a complaint against the processing of your personal data carried out by us by contacting us - as indicated in section 2 above.

10. Privacy policy update

We reserve the right to change this privacy policy as our website is updated. Please visit this website regularly to review the most current Privacy Policy. This Privacy Policy was last updated on 30th March 2023.