Last updated: December, 23 2020
Name and address of the data controller
The data controller responsible for compliance with the General Data Protection Regulation as well as other data protection regulations, including the national data protection laws of the EU Member States, is:
KptnCook GmbH
Mariendorfer Weg 64,
12051 Berlin,
Germany
Phone: +49 176 43655171
Email: support@kptncook.com
Website: https://www.kptncook.com/
represented by the Managing Director Alexander Reeg
We only process personal data of our users to the extent that this is necessary for the provision of a functional website as well as our content and services. We regularly collect and use your personal data, but only with your consent. An exception applies in those cases where prior consent cannot be obtained for legal or factual reasons and the processing of the data is permitted by law.
Insofar as we obtain your consent for the processing of your personal data, Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR) is the legal basis. When processing personal data that is necessary to fulfill an agreement with you, Art. 6 para. 81) (b) GDPR is the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures. Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR is the legal basis.In the event that your vital interests or those of another natural person require the processing of personal data, Art. 6 1 lit. d GDPR is the legal basis. If processing is necessary to safeguard our legitimate interest or that of a third party and if your interests, fundamental rights, and freedoms do not outweigh the former, Art. 6 para. 1 lit. f GDPR is the legal basis.
Your personal data will be deleted or blocked as soon as the purpose for its storage no longer pertains. Your data may, however, continue to be stored if required by EU or national regulations, laws, or other provisions to which we are subject. Data will be blocked or deleted once said retention periods expire, unless its further retention is required to establish or fulfill a contractual relationship.
Every time you visit our website, our system automatically collects data and information from your computer system. The following data is collected:
The data are also stored in the log files of our system. This data is not stored together with any other personal data we may have collected about you.
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
The temporary storage of the IP address by the system is necessary to enable the delivery of the website to your computer. The data is stored in log files in order to ensure the website’s functionality. The data is also used to optimize the website and to ensure the security of our information technology systems. We do not evaluate this data for any marketing purposes. These purposes also encompass our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected for the provision of the website, it will be retained for a maximum of 7 days.
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, you do not have the possibility to object to its collection.
In addition to us, our hosting service provider Heroku, Salesforce, 415 Mission St., 3rd Floor, San Francisco, CA 94105, USA, has access to this data. It supports us in the operation and maintenance of the website. More information on their privacy policy can be found at https://www.salesforce.com/company/privacy/. Our service provider SolarWinds Worldwide, LLC, 7171 Southwest Parkway, Bldg 400, Austin, Texas 78735, USA, also has access to this data. It supports us with log management for website hosting. More information on their privacy policy can be found at https://www.solarwinds.com/legal/privacy. Our cloud monitoring service provider New Relic, Inc., 188 Spear Street, Suite 1200, San Francisco, CA 94105, USA, also has access to this data. More information on their privacy policy can be found at https://newrelic.com/termsandconditions/privacy. We would like to point out that these service providers are based in the USA, i.e. outside the EU. As the ECJ has established, there is currently no level of data protection in the USA comparable to that in the EU, as US authorities and secret services could access this data. If we obtain your consent when you visit the website, you consent to the transmission of the data and to any access by these authorities.
Our website uses cookies. Cookies are text files that are stored on or by your internet browser. If you visit a website, a cookie may be stored on your operating system. This cookie contains a distinctive character string that enables unique identification of the browser when the website is accessed again.
We use cookies to make our website more user-friendly. The following data is stored in the cookies:
Language settings: Saving the language settings enables the website to be displayed in the previously set language when the page is accessed again.
In addition, we use cookies on our website that enable us to analyze the surfing behavior of the users. The following data can be transmitted in this way:
When accessing our website, the user is informed regarding the use of cookies for analytical purposes and his or her consent to the processing of personal data used in this context is obtained. We will at that time also make reference to this Privacy Policy.
The legal basis for processing personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis for processing personal data by using cookies for analytical purposes, if the user’s consent to this has been obtained, is Art. 6 Para. 1 lit. a GDPR. The consent is obtained when the website is accessed through a so-called consent / cookie banner.
The purpose of using such technically essential cookies is to simplify your use of the website. Some features of our website cannot be offered without the use of cookies. We use cookies to adopt language settings. The user data collected through technically necessary cookies are not used to create user profiles. The analytics cookies are used to improve the quality of our website and its content. Using analytics cookies, we learn how the website is used and can thereby constantly optimize our service. For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 para. 1 lit. f GDPR.
Cookies are stored on the user’s computer and transmitted to our website. You therefore have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it is possible that you will no longer be able to use all of its features.
In addition to us, our analytics service provider Google Analytics, Google, 1600 Amphitheater Pkwy, Mountain View, CA 94043, USA, has access to this data. It supports us in the operation and maintenance of the website. More information on their privacy policy can be found at https://cloud.google.com/security/privacy. We also refer to our comments on Google Analytics under X.
You can subscribe to a free newsletter on our website, on our blog and in our app (as a registered user). The following data is collected when you register:
A double opt-in procedure is used to process the data, i.e. the newsletter subscription must first be activated by the user in a confirmation email.
If the user’s consent has been obtained, the legal basis for processing your data you sign up for our newsletter is Art. 6 para. 1 lit. a GDPR
The user’s email address is collected in order to deliver the newsletter.
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Therefore, the user’s email address will be stored for as long as the newsletter subscription is active
You may cancel your subscription to the newsletter at any time. A relevant link can be found in every newsletter for this purpose. This also allows for withdrawal of consent to the storage of personal data collected during the subscription process.
In addition to us, our newsletter service provider Iterable, Inc., 71 Stevenson St, #300 San Francisco, CA 94105, USA, has access to this data. It supports us in sending and tracking the newsletter. More information on their privacy policy can be found at https://iterable.com/trust/privacy-policy/. We would like to point out that these service providers are based in the USA, i.e. outside the EU. As the ECJ has established, there is currently no level of data protection in the USA comparable to that in the EU, as US authorities and secret services could access this data. If we obtain your consent when you visit the website, you consent to the transmission of the data and to any access by these authorities.
The newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic which is embedded into emails sent in HTML format to allow log data to be recorded and analysed. This is used for the statistical evaluation of online marketing campaigns, i.e. to evaluate whether and when an e-mail was opened by a data subject and which links in the e-mail were called up by the data subject.
If you have given your consent when subscribing to our newsletter, the legal basis for processing your data is Art. 6 para. 1 lit. a GDPR.
The purpose of this processing is to improve the quality of the newsletter and to optimize our offers.
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. Therefore, the user’s email address will be stored for as long as the newsletter subscription is active.
The user can prevent tracking by setting his email program so that it does not load any images in an email. The user can revoke the consent given to this at any time. If the user unsubscribes from the newsletter, this is also considered a revocation of the newsletter tracking.
In addition to us, our newsletter service provider Iterable, Inc., 71 Stevenson St, #300 San Francisco, CA 94105, USA, has access to this data. It supports us in sending and tracking the newsletter. More information on their privacy policy can be found at https://iterable.com/trust/privacy-policy/. We would like to point out that these service providers are based in the USA, i.e. outside the EU. As the ECJ has established, there is currently no level of data protection in the USA comparable to that in the EU, as US authorities and secret services could access this data. If we obtain your consent when you visit the website, you consent to the transmission of the data and to any access by these authorities.
It is possible to contact us by email. In this case, the user’s personal data that is transmitted along with the email will be stored. This data includes:
The data provided in this connection will not be disclosed to third parties. The data will be used exclusively to carry out the conversation.
The legal basis for processing the data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If you send us an e-mail with the intention of entering into an agreement with us, this creates an additional legal basis for its processing as per Art. 6 1 lit. b GDPR.
The purpose of the processing is to initiate and establish a contact. In the event that a contact request is sent by email, this also constitutes the necessary legitimate interest in processing the data.
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected.
If you contact us by email, you may object to the storage of your personal data at any time. If you exercise this right, it will not be possible to continue our conversation.
Our email service provider Google, 1600 Amphitheater Pkwy, Mountain View, CA 94043, USA, has access to this data. We use the Google product Gmail to send and receive emails. More information on their privacy policy can be found at https://cloud.google.com/security/privacy. We would like to point out that these service providers are based in the USA, i.e. outside the EU. As the ECJ has established, there is currently no level of data protection in the USA comparable to that in the EU, as US authorities and secret services could access this data. If we obtain your consent when you visit the website, you consent to the transmission of the data and to any access by these authorities.
You have the opportunity to comment on posts on our blog. In this context, you will be asked to provide the following data:
Your comment will be published on our website. Please note that we may check this manually before publication and that comments may therefore appear with a delay. If you give a name (this can also be a pseudonym) and/or your email address, this will be published next to your comment. If not, your comment will be published anonymously. If you would like to object to the processing of your data transmitted via the comment function, please contact the email address given in the legal notice.
The legal basis of processing is Art. 6 para. 1 lit. f GDPR. Our interest is to enable an exchange of views. Please note that we manually approve comments before they are published, which can mean that your comments are only published with some delay, especially on weekends.
The purpose of the comment function and thus the processing of your data is to exchange views.
The publication of your comment - as well as your name and e-mail address - are generally unlimited.
You can object to the publication and processing of your data at any time. In this case we will delete your data, especially your comment.
We use Wordpress to host our blog. In addition to us, our hosting service provider DigitalOcean, LLC, 485 Massachusetts Ave, Cambridge, MA 02139, USA has access to this data. It supports us in providing the blog. More information on their privacy policy can be found at https://www.digitalocean.com/legal/privacy-policy/. We would like to point out that these service providers are based in the USA, i.e. outside the EU. As the ECJ has established, there is currently no level of data protection in the USA comparable to that in the EU, as US authorities and secret services could access this data. If we obtain your consent when you visit the website, you consent to the transmission of the data and to any access by these authorities.
You can take part in competitions via our website or through the newsletter. In order to enable you to participate in the competition, we collect personal data:
According to Art. 6 para. 1 (a), we are entitled to collect, store and transmit personal data if the data subject has consented to the data processing.
Your data will only be used to carry out the competition and not for any other purpose.
We process your data to the extent and duration it is necessary for the implementation and processing of the competition and for the fulfillment of statutory retention requirements.
You can object to the processing of your data at any time and request that your data be deleted. However, further participation in the competition is then no longer possible.
Your data will only be passed on to third parties if this is necessary for the implementation of the competition. The data will not be transmitted to other third parties.
This website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable the analysis of your use of the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on a server located in the United States. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, for compiling reports on website activity, and for providing other services relating to the website activity and internet activity to the website operator. The IP address transmitted by your browser within Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. We would like to point out that your IP address will be sent to Google servers, which may be in the USA, i.e. a third country outside the EU. The USA currently does offer the same level of data protection that is provided within the EU. In particular, there are insufficient legal protection options. In addition, US laws allow US secret services and authorities such as CIA, NSA access to servers such as Google and "telephone and internet lines" from the USA, so that your IP address could potentially be accessed by the secret services. The previous agreements between the USA and the EU, Safe Harbor and Privacy Shield, which were supposed to ensure an adequate level of data protection between the USA and the EU, have been declared invalid by the European Court of Justice, so that they no longer apply. The EU and the US have to renegotiate the agreements. You can find the Google privacy policy under the following link: https://policies.google.com/privacy?hl=de. The following cookies are set by Google:
We obtain your consent to the use of Google Analytics and the setting of a cookie by Google on your computer with the help of a so-called cookie consent banner when you access the website. By ticking the box, the user actively consents to the data processing described here under VIII. For the purposes described here. In particular, you also consent to US secret services being able to access the server, the “telephone and internet lines”, and thus your IP address, when your IP address is transmitted to Google servers in the USA. You expressly agree to this. The legal basis is Art. 6 para. 1 lit. a, 7, 49 para. 1 lit. a GDPR.
We use Google Analytics to analyze your surfing behavior so that we can better tailor the offers on our website and our products to your needs.
The cookies are stored by Google on your device and transmitted to our site. You therefore have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it is possible that you will no longer be able to use all of its features. In addition, the storage period of the cookies used and managed by Google results from the above list.
In addition to us, our analytics service provider Google Analytics, Google, 1600 Amphitheater Pkwy, Mountain View, CA 94043, USA, has access to this data. It supports us in the operation and maintenance of the website. More information on their privacy policy can be found at https://cloud.google.com/security/privacy
We provide you with a mobile app that you can download onto your mobile device if you are at least 16 years old. The consent of your parents is required if you are not 16 years old, according to Art. 8 para. 1 sentence 2 GDPR. Below we inform you about the collection of personal data when using our mobile app. When using our app, our system collects data and information from the user’s mobile device. The following data is collected:
If the user’s consent has been obtained, the legal basis for processing the data is Art. 6 para. 1 lit. a GDPR.
With information about the user’s device, developers can address specific problems. Information on diet and user events improve the delivery of relevant content and help to continuously optimize the app. Device tokens are necessary to deliver push notifications and in-app messages. Here, information such as the location supports the targeted alignment of the messages. Further personal data is used to optimize the app and marketing.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected or to fulfill the statutory retention obligations.
As an unregistered user, you have the option to delete the app at any time and thus prevent further future data processing. If you wish to delete or change the data, you can request this by email.
In our app, we offer users the opportunity to register by providing personal data. Registration is required to use an extended range of functions or to take out a subscription. The data is entered in input masks and transmitted to us and stored. In addition to the data that is collected when using the app, the following data is collected as part of the registration process:
The user’s consent to processing this data is obtained during the registration process.
If the user’s consent has been obtained, the legal basis for processing the data is Art. 6 para. 1 lit. a GDPR.
User registration is required for the provision of certain content and services on our website. With the registration it is possible to favorite more than 25 recipes, to create collections of recipes, to share shopping lists with other users and to log in on several devices at any time.
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case for the data collected during the registration process if the registration is canceled or changed.
As a user, you have the option of canceling the registration at any time. You may at any time change the data we have stored about you. The account can be deleted at any time via the settings in the KptnCook app.
You can take part in competitions via our website or through the newsletter. In order to enable you to participate in the competition, we collect personal data:
According to Art. 6 para. 1 (a), we are entitled to collect, store and transmit personal data if the data subject has consented to the data processing.
Your data will only be used to carry out the competition and not for any other purpose.
We process your data to the extent and duration it is necessary for the implementation and processing of the competition and for the fulfillment of statutory retention requirements.
You can object to the processing of your data at any time and request that your data be deleted. However, further participation in the competition is then no longer possible.
Your data will only be passed on to third parties if this is necessary for the implementation of the competition. The data will not be transmitted to other third parties.
In addition to using the app for free, you have the option of signing up for a paid subscription or taking advantage of a subscription trial. This gives you access to an extended range of functions of the KptnCook app. If you wish to take advantage of a free trial period for a subscription or a paid subscription via an in-app purchase, information on the payment method, including credit card data and other information on the financial service provider, is collected and stored via the corresponding platform provider (Apple or Google). KptnCook itself does not process any information on credit or bank card details. We do not receive any personal data for the payment data processed by the platform providers, only:
If the user’s consent has been obtained, the legal basis for processing the data is Art. 6 para. 1 lit. a GDPR. When processing personal data that is necessary to fulfill an agreement with you, Art. 6 para. 1 lit. b GDPR is the legal basis.
By providing information about users’ attitudes towards individual diets, we can improve the delivery of relevant content and continuously optimize the service for our users; both within the app and in our marketing channels. Information on the method of payment, which was transmitted via the service providers Apple or Google, is necessary in order to use a trial subscription or a paid subscription.
We save your data to the extent and as long as this is necessary to achieve the aforementioned purposes and due to statutory retention requirements.
As a user, you have the possibility to object to data processing at any time and have your personal data deleted.
As far as this is necessary for the provision of the contractual service owed by us or legal obligations, your data will also be passed on to service providers. A list of all service providers can be found here.
Your personal data will only be passed on within the relevant requirements, in particular those relating to data protection and competition law. According to Art. 6 para. 1 (a), we are entitled to collect, store and transmit personal data if the data subject has consented to the data processing.
The transfer of personal data to third parties serves to provide the service in the name of or on our behalf (e.g. technical processing of email dispatch, payment processing, dispatch of push notifications). The transfer of personal data to third parties enables us to offer the services related to KptnCook.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected or to fulfill the statutory retention requirements. In addition, we refer to the data protection provisions of the respective service provider. A list of all service providers and their respective privacy policies can be found here.
As a user, you have the possibility to object to data processing at any time and have your personal data deleted.
In order to provide the services related to KptnCook, data is also transmitted to third countries. If processing by third party services takes place outside the European Union or the European Economic Area, these must meet the special requirements of Art. 44 et seq. GDPR.
The processing takes place on the basis of special guarantees, such as compliance with officially recognized contractual obligations, the so-called "standard contractual clauses".
The transfer of personal data to third parties serves to provide the service in the name of or on our behalf (e.g. technical processing of email dispatch, payment processing, dispatch of push notifications). The transfer of personal data to third parties enables us to offer the services related to KptnCook.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected or to fulfill the statutory retention requirements. In addition, we refer to the privacy notices of the respective service providers. A list of all service providers and their respective privacy policies can be found here.
As a user, you have the possibility to object to data processing at any time and have your personal data deleted.
KptnCook works together with service providers to offer services related to KptnCook. A service provider receives personal data from KptnCook and is commissioned to process this data for certain purposes. Below is a list of all KptnCook service providers with the purpose and location of the data processing. Further details on data processing can be found in the respective privacy notices of the service providers. For more information contact support@kptncook.com. We would like to point out that these service providers are based in the USA, i.e. outside the EU. As the ECJ has established, there is currently no level of data protection in the USA comparable to that in the EU, as US authorities and secret services could access this data. If we obtain your consent when you access the app, you consent to the transmission of the data and any access by these authorities.
Service Provider |
Purpose of Data Processing |
Address |
Data Processing Details |
App Analytics |
1600 Amphitheatre Pkwy, Mountain View, CA 94043, USA |
https://cloud.google.com/security/privacy |
|
FB Login, Analytics |
1601 Willow Rd Menlo Park, CA 94025, USA |
https://www.facebook.com/about/privacy/ |
|
Mixpanel |
Advanced Analytics |
1 Front St, San Francisco, CA 94111, USA |
https://mixpanel.com/legal/privacy-policy/ |
AppsFlyer |
Attribution Tracking |
100 1st St 25th floor, San Francisco, CA 94105, USA |
https://www.appsflyer.com/services-privacy-policy/ |
Iterable |
CRM, Analytics |
71 Stevenson St #300, San Francisco, CA 94105, USA |
https://iterable.com/trust/privacy-policy/ |
Branch |
Deep Linking, Analytics |
1400B Seaport Blvd floor 2, Redwood City, CA 94063, USA |
https://www.branchapp.com/privacy |
Salesforce |
Cloud Application Platform |
415 Mission St., 3rd Floor, San Francisco, CA 94105, USA |
https://www.salesforce.com/company/privacy/ |
Twilio |
E-Mail-Versand |
375 Beale St #300, San Francisco, CA 94105, USA |
https://www.twilio.com/legal/privacy |
Awin |
Affiliate Marketing Platform |
Eichhornstraße 3 10785 Berlin, Deutschland |
https://www.awin.com/gb/legal/privacy-policy |
Typeform |
User Survey Platform |
Carrer de Bac de Roda, 163, 08018 Barcelona, Spanien |
https://admin.typeform.com/to/dwk6gt |
New Relic |
Cloud Application Monitoring |
188 Spear Street, Suite 1200, San Francisco, CA 94105, USA |
https://newrelic.com/termsandconditions/privacy |
solarwinds |
Log Management Tool |
7171 Southwest Parkway, Bldg 400, Austin, Texas 78735, USA |
https://www.solarwinds.com/legal/privacy |
InterActiveCorp |
Video Hosting Platform |
555 West 18th Street New York, NY 10011, USA |
https://vimeo.com/privacy |
Amazon |
Voice Assistant, Hosting |
410 Terry Ave N, Seattle, WA 98109, USA |
https://aws.amazon.com/de/privacy/ |
Rackspace US |
Database Platform |
1 Fanatical Pl. City of Windcrest San Antonio, TX 78218, USA
|
https://www.objectrocket.com/privacy/ |
RevenueCat |
Subscription Management Tool |
633 Taraval St. Suite 101, San Francisco, CA, 94116 |
https://www.revenuecat.com/privacy |
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller. You can assert these rights by sending an email to support@kptncook.com:
You can request that we confirm whether we are processing or have processed personal data that concerns you. If such processing is taking place, you can request the following information:
You have a right to correct and/or add to the personal data we have on file about you if it is incorrect or incomplete. We must make the correction immediately.
Under the following conditions, you may request that the further processing of your personal data be restricted if:
If the processing of personal data concerning you has been restricted, such data may be processed - with the exception of their storage - only with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the data processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
a) Obligation to erase
You may request that we delete your personal data immediately and we must comply with this request if one of the following reasons applies:
b) Information to third parties
If we have published your personal data and are required to erase it under Art. 17 para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you have requested the deletion of all links to the same as well as any copies thereof.
c) Exceptions
The right to erasure does not apply insofar as the processing is necessary
If you have asserted the right to have your data corrected or deleted or have restricted its further processing, we are obliged to notify all recipients to whom your personal data has been disclosed of the same unless this proves to be impossible or involves disproportionate effort. You have the right to be informed about who these recipients are.
You have the right to obtain a copy of the personal data we have on file about you in a structured, commonly used, machine-readable format. Moreover, you have the right to transmit this data to another data controller without any obstruction from the data controller to whom the personal data has been given, if
In exercising this right, you also have the right to have us transfer the personal data we have on file about you directly to another party if this is technically feasible. This action must not affect the freedoms and rights of other persons. The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on us.
You have the right, for reasons arising from your specific situation, to object to the processing of personal data concerning you at any time, which is carried out in accordance with Art. 6 para. 1 lit. e or f GDPR; the same applies to profiling based on these provisions. We will no longer process the personal data relating to you unless we can prove a compelling legitimate reason for the same which outweighs your interests, rights, and freedoms, or unless the processing serves to assert, exercise, or defend our legal claims. If the personal data that concerns you is being processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data that concerns you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object to processing that is for direct marketing purposes, the personal data that concerns you will no longer be processed for these purposes. In the context of the use of information company services, and Directive 2002/58/EC notwithstanding, you may exercise your right to object using an automated process.
You have the right to revoke your consent to this Privacy policy or the processing of your data at any time. This revocation will not affect the lawfulness of any processing done beforehand.
You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect against you or significantly impairs you in a similar manner.
This shall not apply if the decision:
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR apply and appropriate measures have been taken to protect your rights and freedom as well as your legitimate interests. In the cases referred to in (1) and (3), we shall take reasonable measures to safeguard your rights, freedoms, and legitimate interests, including, at a minimum, the right to obtain the intervention of a person on our part to state our position and to challenge the decision.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State where you reside, work or where the infringement is suspected, if you believe that the processing of personal data concerning you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
The text of this Privacy Policy is translated. In case of inconsistency or discrepancy between the German version and any other language versions of the Privacy Policy, the German language version shall prevail.