Privacy Policy

Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to briefly as "data") we process for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications, as well as within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer").

The terms used are not gender-specific.

Status: January 7, 2026

Table of Contents

Controller

First name, last name / company
Street, house number
ZIP code, city, country

E-mail address: firstname.lastname@exampledomain.eu

Overview of Processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the affected persons.

Types of Data Processed

  • Inventory data.
  • Payment data.
  • Contact data.
  • Content data.
  • Contract data.
  • Usage data.
  • Meta, communication and procedural data.
  • Log data.

Categories of Affected Persons

  • Service recipients and clients.
  • Interested parties.
  • Users.
  • Business and contractual partners.

Purposes of Processing

  • Provision of contractual services and fulfillment of contractual obligations.
  • Communication.
  • Security measures.
  • Office and organizational procedures.
  • Organizational and administrative procedures.
  • Registration procedures.
  • Provision of our online offer and user-friendliness.
  • IT infrastructure.
  • Business processes and business management procedures.

Relevant Legal Bases

Relevant legal bases according to GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations in your or our country of residence may apply. If more specific legal bases are relevant in individual cases, we will inform you about this in the privacy policy.

  • Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR) - The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the request of the data subject.
  • Legal obligation (Art. 6 para. 1 s. 1 lit. c) GDPR) - The processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR) - the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. This includes, in particular, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains, in particular, special regulations on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes and transmission as well as automated decision-making in individual cases including profiling. Furthermore, state data protection laws of the individual federal states may apply.

Security Measures

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood of occurrence and the extent of the threat to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, transmission, security of availability and their separation. Furthermore, we have established procedures that ensure the exercise of data subject rights, data deletion and responses to threats to the data. Furthermore, we take into account the protection of personal data already in the development or selection of hardware, software and procedures in accordance with the principle of data protection through technology design and data protection-friendly default settings.

Securing online connections through TLS/SSL encryption technology (HTTPS): To protect the data of users transmitted via our online services from unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information transmitted between the website or app and the user's browser (or between two servers), thereby protecting the data from unauthorized access. TLS, as the more advanced and secure version of SSL, ensures that all data transmissions meet the highest security standards. When a website is secured with an SSL/TLS certificate, this is indicated by the display of HTTPS in the URL. This serves as an indicator to users that their data is transmitted securely and encrypted.

Transmission of Personal Data

In the course of our processing of personal data, it may happen that this data is transmitted to or disclosed to other places, companies, legally independent organizational units or persons. Recipients of this data may include, for example, IT service providers commissioned with IT tasks or providers of services and content embedded in a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements that serve the protection of your data with the recipients of your data.

International Data Transfers

Data processing in third countries: If we transfer data to a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or this happens in the context of the use of services from third parties or the disclosure or transmission of data to other persons, places or companies (which becomes apparent, for example, from the postal address of the respective provider or if this is expressly mentioned in the privacy policy), this is always done in accordance with legal requirements.

For data transfers to the USA, we primarily rely on the Data Privacy Framework (DPF), which was recognized as a secure legal framework by an adequacy decision of the EU Commission dated 10.07.2023. In addition, we have concluded standard contractual clauses with the respective providers, which comply with the requirements of the EU Commission and establish contractual obligations to protect your data.

This dual protection ensures comprehensive protection of your data: The DPF forms the primary protection level, while the standard contractual clauses serve as additional security. If changes occur within the DPF, the standard contractual clauses serve as a reliable fallback option. This ensures that your data remains adequately protected even in the event of possible political or legal changes.

For the individual service providers, we inform you whether they are certified under the DPF and whether standard contractual clauses are in place. Further information on the DPF and a list of certified companies can be found on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/ (in English).

For data transfers to other third countries, corresponding security measures apply, in particular standard contractual clauses, express consents or legally required transfers. Information on third country transfers and applicable adequacy decisions can be obtained from the EU Commission's information offer: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=en.

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal requirements as soon as the underlying consents are revoked or other legal grounds for processing cease to apply. This applies to cases where the original processing purpose ceases to apply or the data is no longer required. Exceptions to this rule exist if legal obligations or special interests require longer storage or archiving of the data.

In particular, data that must be stored for commercial or tax reasons or whose storage is necessary for legal prosecution or to protect the rights of other natural or legal persons must be archived accordingly.

Our privacy notices contain additional information on the storage and deletion of data that apply specifically to certain processing processes.

If several details on storage periods or deletion deadlines of a data apply, the longest period is always decisive. Data that is stored beyond the original purpose or for other reasons on the basis of legal provisions is processed exclusively for the reasons justifying their storage.

Storage and deletion of data: The following general periods apply for storage and archiving under German law:

  • 10 years - Retention period for books and records, annual financial statements, inventories, management reports, opening balance sheet and the working instructions and other organizational documents required for their understanding (§ 147 para. 1 no. 1 in conjunction with para. 3 AO, § 14b para. 1 VAT Act, § 257 para. 1 no. 1 in conjunction with para. 4 HGB).
  • 8 years - Booking vouchers, such as invoices and expense receipts (§ 147 para. 1 no. 4 and 4a in conjunction with para. 3 sentence 1 AO as well as § 257 para. 1 no. 4 in conjunction with para. 4 HGB).
  • 6 years - Other business documents: received commercial or business letters, copies of sent commercial or business letters, other documents, if they are relevant for taxation, e.g. hourly wage slips, operating calculation sheets, price markings, but also wage calculation documents, if they are not already booking vouchers and cash register strips (§ 147 para. 1 no. 2, 3, 5 in conjunction with para. 3 AO, § 257 para. 1 no. 2 and 3 in conjunction with para. 4 HGB).
  • 3 years - Data necessary to consider potential warranty and liability claims or similar contractual claims and rights, based on previous business experience and common industry practices, are stored for the duration of the regular statutory limitation period of three years (§§ 195, 199 BGB).

Start of period at the end of the year: If a period does not start expressly on a specific date and is at least one year, it starts automatically at the end of the calendar year in which the triggering event occurred. In the case of ongoing contractual relationships in which data is stored, the triggering event is the time of the effectiveness of the termination or other termination of the legal relationship.

Rights of Data Subjects

Rights of data subjects under the GDPR: You are granted various rights under the GDPR as data subjects, which arise in particular from Art. 15 to 21 GDPR:

  • Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions. If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is connected with such direct marketing.
  • Right to withdraw consents: You have the right to withdraw consents given at any time.
  • Right to information: You have the right to request confirmation as to whether data concerning you is being processed and to information about this data as well as further information and a copy of the data in accordance with legal requirements.
  • Right to rectification: You have the right, in accordance with legal requirements, to request the completion of data concerning you or the rectification of incorrect data concerning you.
  • Right to erasure and restriction of processing: You have the right, in accordance with legal requirements, to demand that data concerning you be erased immediately or, alternatively, in accordance with legal requirements, to demand a restriction of the processing of the data.
  • Right to data portability: You have the right to receive data concerning you that you have provided to us in accordance with legal requirements in a structured, common and machine-readable format or to request that it be transmitted to another controller.
  • Complaint to supervisory authority: You have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the provisions of the GDPR.

Business Services

We process data of our contractual and business partners, e.g. customers and interested parties (collectively referred to as "contractual partners"), in the context of contractual and comparable legal relationships as well as associated measures and in relation to the communication with the contractual partners (or pre-contractual), e.g. to answer inquiries.

We use this data to fulfill our contractual obligations. This includes in particular the obligations to provide the agreed services, any update obligations and remedy for warranty and other service disruptions. Furthermore, we use the data to safeguard our rights and for the purposes of administrative tasks associated with these obligations as well as corporate organization. Furthermore, we process the data on the basis of our legitimate interests in proper and business-like business management as well as security measures to protect our contractual partners and our business operations from misuse, endangerment of their data, secrets, information and rights (e.g. for the involvement of telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). Within the scope of applicable law, we only pass on the data of contractual partners to third parties to the extent necessary for the aforementioned purposes or to fulfill legal obligations. We inform contractual partners about further forms of processing, e.g. for marketing purposes, in the context of this privacy policy.

We inform contractual partners before or in the context of data collection, e.g. in online forms, through special marking (e.g. colors) or symbols (e.g. asterisks), or in person, which data is necessary for the aforementioned purposes.

We delete the data after expiry of statutory warranty and comparable obligations, i.e. generally after four years, unless the data is stored in a customer account, e.g. as long as it must be kept for legal reasons for archiving (e.g. for tax purposes usually ten years). Data disclosed to us in the context of an order from the contractual partner is deleted in accordance with the specifications and generally after the end of the order.

  • Types of data processed: Inventory data (e.g. full name, residential address, contact information, customer number, etc.); Payment data (e.g. bank details, invoices, payment history); Contact data (e.g. postal and e-mail addresses or telephone numbers). Contract data (e.g. subject matter of the contract, term, customer category).
  • Affected persons: Service recipients and clients; Interested parties. Business and contractual partners.
  • Purposes of processing: Provision of contractual services and fulfillment of contractual obligations; Communication; Office and organizational procedures; Organizational and administrative procedures. Business processes and business management procedures.
  • Storage and deletion: Deletion in accordance with the information in the section "General Information on Data Storage and Deletion".
  • Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR); Legal obligation (Art. 6 para. 1 s. 1 lit. c) GDPR). Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

  • Provision of software and platform services: We process the data of our users, registered and any test users (hereinafter uniformly referred to as "users"), in order to be able to provide them with our contractual services and on the basis of legitimate interests to ensure the security of our offer and to further develop it. The required details are marked as such in the context of the order, offer or comparable contract conclusion and include the details required for service provision and billing as well as contact information in order to be able to hold any consultations; Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR).

Payment Procedures

In the context of contractual and other legal relationships, on the basis of legal obligations or otherwise on the basis of our legitimate interests, we offer the data subjects efficient and secure payment options and use other service providers in addition to banks and credit institutions (collectively "payment service providers"). The payment transaction is carried out in accordance with the state of the art exclusively via encrypted connections, so that the data entered is protected from unauthorized access during transmission.

The data processed by the payment service providers includes inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums as well as contract, sum and recipient-related details. The details are required to carry out the transactions. However, the entered data is only processed by the payment service providers and stored with them. I.e., we do not receive any account or credit card related information, but only information with confirmation or negative information about the payment. Under certain circumstances, the data is transmitted by the payment service providers to credit agencies. This transmission aims at identity and credit checks. For this, we refer to the terms and conditions and data protection notices of the payment service providers.

The business conditions and data protection notices of the respective payment service providers apply to payment transactions, which can be accessed within the respective websites or transaction applications. We also refer to these for further information and assertion of revocation, information and other data subject rights.

  • Types of data processed: Inventory data (e.g. full name, residential address, contact information, customer number, etc.); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject matter of the contract, term, customer category); Usage data (e.g. websites visited and length of stay, click paths, intensity and frequency of use, types of devices and operating systems used, interactions with content and functions); Meta, communication and procedural data (e.g. IP addresses, time information, identification numbers, persons involved). Contact data (e.g. postal and e-mail addresses or telephone numbers).
  • Affected persons: Service recipients and clients. Business and contractual partners.
  • Purposes of processing: Provision of contractual services and fulfillment of contractual obligations. Business processes and business management procedures.
  • Storage and deletion: Deletion in accordance with the information in the section "General Information on Data Storage and Deletion".
  • Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR). Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

Provision of the Online Offer and Web Hosting

We process the data of users in order to be able to provide them with our online services. To this end, we process the IP address of the user, which is necessary to transmit the content and functions of our online services to the browser or end device of the users.

  • Types of data processed: Usage data (e.g. websites visited and length of stay, click paths, intensity and frequency of use, types of devices and operating systems used, interactions with content and functions); Meta, communication and procedural data (e.g. IP addresses, time information, identification numbers, persons involved). Log data (e.g. logfiles concerning logins or the retrieval of data or access times.).
  • Affected persons: Users (e.g. website visitors, users of online services).
  • Purposes of processing: Provision of our online offer and user-friendliness; IT infrastructure (operation and provision of information systems and technical devices (computers, servers etc.)). Security measures.
  • Storage and deletion: Deletion in accordance with the information in the section "General Information on Data Storage and Deletion".
  • Legal bases: Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

  • Provision of online offer on rented storage space: For the provision of our online offer, we rent storage space, computing capacity and software from a corresponding server provider (also called "web hoster") or otherwise obtain it; Legal bases: Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR).
  • Collection of access data and log files: Access to our online offer is logged in the form of so-called "server log files". The server log files may include the address and name of the web pages and files accessed, date and time of access, data volumes transmitted, message about successful access, browser type along with version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider. The server log files can be used for security purposes, e.g. to avoid overloading the servers (especially in the case of abusive attacks, so-called DDoS attacks), and on the other hand, to ensure the utilization of the servers and their stability; Legal bases: Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR). Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further storage is necessary for evidentiary purposes are excluded from deletion until the final clarification of the respective incident.

Registration, Login and User Account

Users can create a user account. In the context of registration, users are informed of the required mandatory information and processed for the purpose of providing the user account on the basis of contractual obligation fulfillment. The data processed includes in particular the login information (username, password as well as an e-mail address).

In the context of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorized use. A transmission of this data to third parties does not take place in principle, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so.

The users can be informed about events relevant to their user account, e.g. technical changes, by e-mail.

  • Types of data processed: Inventory data (e.g. full name, residential address, contact information, customer number, etc.); Contact data (e.g. postal and e-mail addresses or telephone numbers); Content data (e.g. textual or pictorial messages and contributions as well as information relating to them, e.g. details of authorship or time of creation); Usage data (e.g. websites visited and length of stay, click paths, intensity and frequency of use, types of devices and operating systems used, interactions with content and functions). Log data (e.g. logfiles concerning logins or the retrieval of data or access times.).
  • Affected persons: Users (e.g. website visitors, users of online services).
  • Purposes of processing: Provision of contractual services and fulfillment of contractual obligations; Security measures; Organizational and administrative procedures. Provision of our online offer and user-friendliness.
  • Storage and deletion: Deletion in accordance with the information in the section "General Information on Data Storage and Deletion". Deletion after termination.
  • Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR). Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

  • Registration with real names: Due to the nature of our community, we ask users to use our offer only with real names. I.e. the use of pseudonyms is not permitted; Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR).
  • User profiles are not public: The profiles of users are not publicly visible and not accessible.
  • Deletion of data after termination: If users have terminated their user account, their data will be deleted in relation to the user account, subject to a statutory permission, obligation or consent of the users; Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR).
  • No retention obligation for data: It is up to the users to secure their data upon termination before the end of the contract. We are entitled to irrevocably delete all data of the user stored during the term of the contract; Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR).

Single Sign-On Login

As "single sign-on" or "single sign-on login" or "-authentication" are referred to procedures that allow users to log in to our online offer using a user account with a single sign-on provider (e.g. a social network), also at our online offer. The prerequisite for single sign-on authentication is that users are registered with the respective single sign-on provider and enter the required access data in the online form provided for this purpose, or are already logged in with the single sign-on provider and confirm the single sign-on login via button.

The authentication takes place directly with the respective single sign-on provider. In the context of such authentication, we receive a user ID with the information that the user is logged in under this user ID with the respective single sign-on provider and a non-usable ID for other purposes (so-called "user handle"). Whether additional data is transmitted to us depends solely on the single sign-on procedure used, the data releases selected in the context of authentication and also on which data users have released in the privacy or other settings of the user account with the single sign-on provider. Depending on the single sign-on provider and the choice of users, it can be different data, usually it is the e-mail address and the username. The password entered in the context of the single sign-on procedure with the single sign-on provider is neither visible to us nor stored by us.

Users are asked to note that their information stored with us can be automatically matched with their user account with the single sign-on provider, but this does not always happen or is possible. If, for example, the e-mail addresses of users change, they must change them manually in their user account with us.

The single sign-on login can be used by us, if agreed with the users, in the context of or before contract performance, insofar as users have been asked to do so, processed on the basis of consent and otherwise used on the basis of our legitimate interests and the interests of users in an effective and secure login system.

If users decide at some point not to use the link of their user account with the single sign-on provider for the single sign-on procedure anymore, they must remove this link within their user account with the single sign-on provider. If users want their data deleted by us, they must terminate their registration with us.

  • Types of data processed: Inventory data (e.g. full name, residential address, contact information, customer number, etc.); Contact data (e.g. postal and e-mail addresses or telephone numbers); Usage data (e.g. websites visited and length of stay, click paths, intensity and frequency of use, types of devices and operating systems used, interactions with content and functions). Meta, communication and procedural data (e.g. IP addresses, time information, identification numbers, persons involved).
  • Affected persons: Users (e.g. website visitors, users of online services).
  • Purposes of processing: Provision of contractual services and fulfillment of contractual obligations; Security measures; Registration procedures. Provision of our online offer and user-friendliness.
  • Storage and deletion: Deletion in accordance with the information in the section "General Information on Data Storage and Deletion". Deletion after termination.
  • Legal bases: Contract performance and pre-contractual inquiries (Art. 6 para. 1 s. 1 lit. b) GDPR). Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR).

Further information on processing processes, procedures and services:

  • Apple Single Sign-On: Authentication services for user logins, provision of single sign-on functions, management of identity information and application integrations; Service provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA; Legal bases: Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR); Website: https://www.apple.com/us/. Privacy Policy: https://www.apple.com/legal/privacy/en-ww/.
  • Google Single Sign-On: Authentication services for user logins, provision of single sign-on functions, management of identity information and application integrations; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal bases: Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR); Website: https://www.google.com; Privacy Policy: https://policies.google.com/privacy; Basis for third country transfers: Data Privacy Framework (DPF). Opt-out option: Settings for the display of advertising: https://myadcenter.google.com/.

Changes and Updates

We ask you to regularly inform yourself about the content of our privacy policy. We adapt the privacy policy as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as changes require an action on your part (e.g. consent) or other individual notification.

If we provide addresses and contact information of companies and organizations in this privacy policy, please note that addresses may change over time and please check the information before contacting.

Definitions

In this section, you will find an overview of the terms used in this privacy policy. Insofar as the terms are legally defined, their legal definitions apply. The following explanations are intended above all to serve understanding.

  • Inventory data: Inventory data comprise essential information necessary for the identification and management of contractual partners, user accounts, profiles and similar assignments. This data may include personal and demographic details such as names, contact information (addresses, telephone numbers, e-mail addresses), dates of birth and specific identifiers (user IDs). Inventory data form the basis for any formal interaction between persons and services, institutions or systems, enabling unique assignment and communication.
  • Content data: Content data comprise information generated in the course of creating, editing and publishing content of all kinds. This category of data may include texts, images, videos, audio files and other multimedia content published on various platforms and media. Content data are not limited to the actual content, but also include metadata that provide information about the content itself, such as tags, descriptions, author information and publication dates
  • Contact data: Contact data are essential information that enable communication with persons or organizations. They include, among others, telephone numbers, postal addresses and e-mail addresses, as well as communication means such as social media handles and instant messaging identifiers.
  • Meta, communication and procedural data: Meta, communication and procedural data are categories that contain information about how data is processed, transmitted and managed. Meta-data, also known as data about data, comprise information that describe the context, origin and structure of other data. They may include details such as file size, creation date, author of a document and change histories. Communication data capture the exchange of information between users via various channels, such as e-mail traffic, call logs, messages on social networks and chat histories, including the parties involved, timestamps and transmission routes. Procedural data describe the processes and procedures within systems or organizations, including workflow documentation, transaction logs and activities, as well as audit logs used to track and verify operations.
  • Usage data: Usage data refer to information that captures how users interact with digital products, services or platforms. This data includes a wide range of information that shows how users use applications, which functions they prefer, how long they stay on certain pages and through which paths they navigate an application. Usage data may also include frequency of use, timestamps of activities, IP addresses, device information and location data. They are particularly valuable for analyzing user behavior, optimizing user experiences, personalizing content and improving products or services. Furthermore, usage data play a crucial role in identifying trends, preferences and potential problem areas within digital offerings
  • Personal data: "Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Log data: Log data are information about events or activities logged in a system or network. This data typically includes details such as timestamps, IP addresses, user actions, error messages and other details about the use or operation of a system. Log data are often used for system problem analysis, security monitoring or performance reporting.
  • Controller: "Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • Processing: "Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Contract data: Contract data are specific information relating to the formalization of an agreement between two or more parties. They document the conditions under which services or products are provided, exchanged or sold. This data category is essential for the management and fulfillment of contractual obligations and includes both the identification of the contracting parties and the specific terms and conditions of the agreement. Contract data may include start and end dates of the contract, the type of services or products agreed, price agreements, payment terms, termination rights, extension options and special conditions or clauses. They serve as the legal basis for the relationship between the parties and are crucial for clarifying rights and obligations, enforcing claims and resolving disputes.
  • Payment data: Payment data comprise all information required for the processing of payment transactions between buyers and sellers. This data is of decisive importance for electronic commerce, online banking and any other form of financial transaction. It includes details such as credit card numbers, bank details, payment amounts, transaction data, verification numbers and invoice information. Payment data may also include information about payment status, chargebacks, authorizations and fees.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke