Processing of (personal) data by the entity in charge of the online application process
Privacy Policy
1. Name and address of the controller
The controller responsible for the website www.hisharethat.com and the online advertising platform “hi!” offered via it within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the EU Member States as well as other data protection provisions is:
medialabel network GmbH
Unter den Linden 32-34
10117 Berlin
Email: info@medialabel.com
Website: www.medialabel.com
2. General information on data processing
2.1 Scope of the processing of personal data
We process the personal data of our users only to the extent necessary to provide a functional website as well as the content and services of hi!. The processing of our users’ personal data takes place only with the user’s consent or if the processing is permitted by statutory provisions.
2.2 Legal basis for the processing of personal data
Where we obtain the consent of the data subject for processing operations involving personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations necessary for carrying out pre-contractual measures.
Where processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
If processing is necessary in order to protect the vital interests of the data subject or another natural person, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6 para. 1 lit. f GDPR serves as the legal basis.
2.3 Data erasure and storage period
The personal data of the data subject will be deleted or blocked by us as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or performance of a contract.
3. Provision of the website and creation of log files
3.1 Description and scope of data processing
Every time our website is accessed, including when users only use it for information purposes to learn about the platform and our services, our system automatically collects data and information from the computer system of the accessing device.
The following data is collected: information about the browser type and version used, the user’s operating system, the user’s internet service provider, the user’s IP address, date and time of access, websites from which the user’s system reaches our website, websites accessed by the user’s system via our website.
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
3.2 Legal basis for data processing
The legal basis for the temporary storage of data and log files in the case of purely informational use is Art. 6 para. 1 lit. f GDPR. For (potential) customers or users of hi!, the legal basis may be Art. 6 para. 1 lit. b GDPR.
3.3 Purpose of data processing
Temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.
Storage in log files takes place to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes takes place in this context. These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR.
3.4 Storage period
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collected for the provision of the website, this is the case when the respective session has ended. In the case of storage of data in log files, this is the case after no more than seven days. Storage beyond this period is possible. In this case, the users’ IP addresses are deleted or anonymized so that assignment to the accessing client is no longer possible.
3.5 Right to object and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.
3.6 Hosting services by Amazon Web Services
Within the scope of processing on our behalf pursuant to Art. 28 GDPR, Amazon Web Services EMEA SARL, 5 rue Plaetis L-2338, Luxembourg (“Amazon Web Services”) provides hosting services for our website. Data processing as described in sections 3.1 to 3.5 takes place on the servers of Amazon Web Services. If Amazon Web Services transfers personal data outside the EEA, it adheres to its privacy notices and applicable data protection laws. This includes, for example, transfers pursuant to the EU-US Privacy Shield framework agreements concerning transfers to the USA, or under data transfer agreements that incorporate the EU Commission’s approved Standard Contractual Clauses. The Amazon Web Services privacy policy is available at https://aws.amazon.com/privacy/.
4. Use of cookies
4.1 Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that enables unique identification of the browser when the website is visited again.
We use cookies to make our website more user friendly. For some elements of our website it is technically necessary that the accessing browser can also be recognized after a page change.
We also use non-essential cookies on our website that enable analysis of your browsing behavior. The data collected from you in this way is pseudonymized by technical means. Therefore, assignment of the data to the accessing user is no longer possible. The data is not stored together with any of your other personal data.
When our website is accessed, users are informed about the general use of cookies on our website and may consent to the use of non-essential cookies for analysis purposes and to the processing of personal data used in this context. We refer to this privacy policy in that notice.
4.2 Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR.
The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR where the user has given consent.
4.3 Purpose of data processing
The purpose of using technically necessary cookies is to facilitate the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change. These purposes also represent our legitimate interest in the processing of personal data pursuant to Art. 6 para. 1 lit. f GDPR. The user data collected by technically necessary cookies is not used to create user profiles.
Analysis cookies are used for the purpose of improving the quality of our website and its content. Through analysis cookies we learn how the website is used and can therefore continuously optimize our offering.
4.4 Storage period, right to object and removal
Cookies are stored on your computer and transmitted from it to our site. Therefore, you as a user have full control over the use of cookies. You can find the storage duration in the overview in the cookie settings of your web browser. You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to enable the automatic deletion of cookies when closing the browser. Browsers differ in the way they manage cookie settings. The help menu of your browser explains how to change your cookie settings:
• Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
• Safari: https://support.apple.com/kb/ph21411?locale=de_DE
• Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
• Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
• Opera: http://help.opera.com/Windows/10.20/de/cookies.html
If cookies are disabled for our website, the functionality of our website may be restricted.
4.5 Web analytics by Google Analytics
We use the web analytics tool Google Universal Analytics from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) if you have given us your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.
Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as cookies. The information automatically collected about your use of this website is generally transmitted to a Google server in the USA and stored there. By activating IP anonymization on our website, the IP address is shortened before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The anonymized IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data as a rule.
Google will process the collected data to evaluate your use of the website, to compile reports on website activity for the website operator, and to provide other services related to website use and internet use. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf. After the purpose ceases to apply and after we discontinue the use of Google Analytics, the data collected in this context will be deleted.
We have concluded a data processing agreement with Google. Google LLC is based in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed at https://www.privacyshield.gov/list. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield. You can withdraw your consent at any time with effect for the future by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. This prevents the collection by Google of the data generated by the cookie and related to your use of the website, including your IP address, as well as the processing of this data by Google.
As an alternative to the browser plugin, you can use this link [Disable Google Analytics] to prevent data collection by Google Analytics on our website in the future. An opt-out cookie will then be stored on your device. Your browser must therefore generally allow the storage of cookies for this to work. If you delete your cookies, you will be asked again to grant your consent.
5. Registration
5.1 Description and scope of data processing
Users who wish to use our hi! platform must register.
The user can create an account on our website. For registration we collect the following mandatory information: email address and age, as well as an optional user name and password chosen by the user.
The user can also register for the platform using social media accounts from Facebook or Google and use these for login. In that case, we receive the email address stored there and the user only needs to provide their age. The provisions in section 5.5 apply in addition.
When the user uses the registration function, creates, and uses the account, we process the user’s IP address and the time of the user action.
5.2 Legal basis for data processing
The legal basis for processing the mandatory registration data is Art. 6 para. 1 lit. b GDPR.
The legal basis for storing the IP address and the timestamps of user actions is Art. 6 para. 1 lit. f GDPR.
5.3 Purpose of processing
The mandatory login information is used for the purpose of providing the user account. Age must be provided because registration for the platform is only permitted for adults or for minors with limited legal capacity with the consent of their legal guardian, and measures to verify age or consent pursuant to Art. 8 para. 2 GDPR may be required.
The purpose of processing the IP address and timestamps of user actions is to protect against misuse and unauthorized use. This also constitutes our legitimate interest in processing.
5.4 Storage period
The login data is stored for as long as the user’s account exists. If users have terminated their user account, their data with regard to the user account will be deleted subject to any statutory retention obligations. It is the users’ responsibility to secure their data before the end of the contract after termination has occurred. We are entitled to irretrievably delete all data of the user stored during the contract term.
The user’s IP address will be anonymized or deleted after no later than seven days.
5.5 Registration with a Facebook or Google+ account
Users also have the option to register and log in to hi! using their Facebook or Google+ account. These single sign on procedures (“SSO procedures”) allow users to register for different services without having to use separate login details for each. Instead, login takes place via the account with the provider of the respective SSO procedure, for example Facebook or Google.
If users use the SSO procedure, their data is processed by the respective provider. Integration of the SSO procedure is via a social plugin and our corresponding notices in section 9 (Facebook plugins) and section 10 (Google+ plugins) apply.
6. Provision of services on our hi! platform
6.1 Description and scope of data processing
In connection with the provision of pre-contractual and contractual services, we process the data of (potential) users of our hi! platform (collectively referred to as “contractual partners”).
Depending on the individual case, this concerns, for example, personal data (such as name, address), login and contact data (such as email addresses, phone numbers), as well as contract data (such as completed campaigns, advertising spaces used such as social media accounts or websites, performance data, credits, transaction history, contractual communication) and payment data (such as the email address of the PayPal account, bank details). The specific data we process, its type and scope, as well as the purpose and necessity of its processing, are determined in each individual case by the campaigns in which the respective user participates.
6.2 Legal basis for data processing
The legal basis for processing the data of our contractual partners is Art. 6 para. 1 lit. b GDPR.
6.3 Purpose of processing
The purpose of processing is to provide our contractual and pre-contractual services in connection with our hi! platform.
6.4 Storage period
This data is deleted when it is no longer required to fulfill our contractual or legal obligations. Statutory retention obligations apply in all cases.
6.5 CRM tool for customer relationship management by Zendesk
For customer relationship management (CRM), in particular for handling customer inquiries quickly and efficiently, we use the CRM system Zendesk from Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102, USA (“Zendesk”). We use Zendesk on the basis of a data processing agreement pursuant to Art. 28 para. 3 sentence 1 GDPR. Users’ data is processed by Zendesk only for the technical processing of the inquiry and is not passed on to third parties. The use of Zendesk requires at least the provision of an email address. Pseudonymous use is possible. If the user’s inquiry is processed, further data relating to the inquiry may be collected. Users always have alternative contact options if they do not wish to use Zendesk for their inquiry. Zendesk is headquartered in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed at https://www.privacyshield.gov/list. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield. Zendesk’s privacy policy is available at www.zendesk.de/company/customers-partners/privacy-policy/.
6.6 Disclosure of data to third parties
We do not disclose your data to third parties unless this is necessary for the processing of the contractual relationship.
For the execution of payouts to the user, the necessary payment data is transmitted to the bank specified by the user or to the specified payment service provider.
7. Contacting us
7.1 Description and scope of data processing
All users can contact us via the email addresses provided on our website. In this case, the user’s email address and the personal data transmitted by the user in the email are processed by us. This data is not passed on to third parties.
In addition, all users can also contact us via social media. We maintain presences on the online services Facebook, Twitter, YouTube, Instagram, and LinkedIn. If you contact us through these, the terms of service and privacy policies of the respective providers apply. Further information can be found in section 8.
We also offer advertisers the option to contact us via a contact form on our website. Our contact form is used to answer advertisers’ questions about our platform, for example on app promotion and content seeding. When used, we process as mandatory information the name, company, email address, and the personal data transmitted in the advertiser’s message, as well as the date and time of the inquiry. A voluntarily provided phone number may be added.
For our registered users we also offer a contact form in their personal account through which they can submit questions to us regarding our hi! platform. In addition to any personal data contained in the message, we collect as mandatory information the email address to which we should reply, any user name for personal addressing, and the subject of the inquiry.
7.2 Legal basis for data processing
The legal basis for processing the data transmitted in the course of contacting and communication is Art. 6 para. 1 lit. f GDPR. If such contact is aimed at entering into a contract or is made via the contact form for registered users, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.
7.3 Purpose of data processing
We process the relevant personal data solely for handling the contact and the related further communication. This processing also constitutes our necessary legitimate interest in processing the data. The other personal data processed during the submission process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
7.4 Storage period
The data is deleted as soon as it is no longer necessary to achieve the purpose of its collection. For the personal data transmitted in the course of contacting us, this is the case when the respective conversation with you has ended. The conversation ends when it can be inferred from the circumstances that the matter in question has been conclusively clarified. Any statutory retention obligations, in particular under commercial and tax law, remain unaffected and may lead to longer storage.
7.5 Right to object and removal
Our users can contact us at any time and object to the storage of their personal data. In the event of an objection, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case. Statutory retention obligations remain unaffected.
8. Permanent links to social media presences of third-party providers
We have integrated several permanent links to third-party providers on our websites, which we would like to inform our users about below. If our users wish to reach one of our social media presences on Facebook, Twitter, YouTube, Instagram, or LinkedIn, they can use the links embedded on our website. The user will then be taken directly to the respective service. In that case, once the redirection has succeeded, the user’s data is processed by the provider of the respective service. The user can consult the privacy policies of the specific provider to learn which data is involved and how it is processed. If the user contacts us through these services, our notices in section 7 apply.
This concerns the following services:
• “Facebook”, in Europe a service of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Privacy policy: https://www.facebook.com/policy.php
• “Twitter”, in Europe a service of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. Privacy policy: https://twitter.com/privacy
• “YouTube”, a service of YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. Privacy policy: https://policies.google.com/privacy?hl=de&gl=de
• “Instagram”, a service of Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA. Privacy policy: https://help.instagram.com/155833707900388
• “LinkedIn”, in Europe a service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Privacy policy: https://www.linkedin.com/legal/privacy-policy
9. Social plugins from Facebook
Our website uses social plugins (“plugins”) of the social network Facebook operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are marked with a Facebook logo or the addition “Social plugin from Facebook” or “Facebook Social Plugin”. If the user registers or logs in to hi! with their Facebook account, this is also done via a social plugin (see section 5.5). An overview of Facebook plugins and their appearance can be found here: https://developers.facebook.com/docs/plugins.
When you access a page of our website that contains such a plugin, your browser establishes a direct connection to Facebook’s servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the page. Through this integration Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information, including your IP address, is transmitted by your browser directly to a server of Facebook in the USA and stored there.
If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook profile. If you interact with the plugins, for example by clicking the “Like” button or leaving a comment, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and shown to your Facebook friends.
For information on the purpose and scope of data collection and the further processing and use of data by Facebook as well as your rights in this respect and settings options for protecting your privacy, please refer to Facebook’s privacy policy: http://www.facebook.com/policy.php
If you do not want Facebook to associate the data collected via our website directly with your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent Facebook plugins from loading with add-ons for your browser, for example:
• Firefox: https://addons.mozilla.org/de/firefox/addon/facebook-blocker/
• Opera: https://addons.opera.com/de/extensions/details/facebook-blocker/?display=en
• Chrome: https://chrome.google.com/webstore/detail/facebook-blocker/chlhacbfddknadmnmjmkdobipdpjakmc?hl=de
10. Social plugins from Google+
Our website uses social plugins (“plugins”) of the Google+ social network operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The plugins can be recognized, for example, by buttons with the “+1” sign on a white or colored background. If the user registers or logs in to hi! with their Google+ account, this is also done via a social plugin (see section 5.5). An overview of Google plugins and their appearance can be found here: https://developers.google.com/+/plugins.
When users access a page of our website that contains such a plugin, the user’s browser establishes a direct connection to Google’s servers. The content of the plugin is transmitted by Google directly to the user’s browser and integrated into the page. Through this integration Google receives the information that the user’s browser has accessed the corresponding page of our website, even if the user does not have a Google+ profile or is not currently logged in to Google+. This information, including the user’s IP address, is transmitted directly from the user’s browser to a Google server in the USA and stored there.
If the user is logged in to Google+, Google can directly associate the visit to our website with the user’s Google+ profile. If the user interacts with the plugins, for example by pressing the “+1” button, the corresponding information is also transmitted directly to a Google server and stored there. The information is also published on Google+ and shown to the user’s contacts there.
For information on the purpose and scope of data collection and the further processing and use of data by Google as well as the user’s rights and settings options to protect their privacy, the user can refer to Google’s privacy notices: http://www.google.com/intl/de/+/policy/+1button.html. If the user does not want Google to associate the data collected via our website directly with their Google+ profile, the user must log out of Google+ before visiting our website. The user can also completely prevent Google plugins from loading with add-ons for their browser, for example with the script blocker “NoScript” (http://noscript.net/).
11. Newsletter
11.1 Description and scope of data processing
Users have the option to subscribe to the free hi! newsletter. By subscribing to our newsletter, users agree to receive it as well as to the procedures described below for dispatch and evaluation. We refer to this privacy policy during the registration process.
We verify and log users’ consent using the double opt in procedure to prevent registrations with third-party email addresses. For this purpose, users receive an email with a confirmation link after registering. Only after clicking this link is registration successfully completed. We log users’ registrations in order to be able to prove them.
When registering for the newsletter, the email address entered by the user in the input mask is transmitted to us. In addition, the date and time of registration are collected. Through our newsletter, users receive information on current topics and events in the field of online marketing as well as on our services and offers.
We also conduct an evaluation of our newsletter dispatch. For this purpose, our newsletters contain a so-called web beacon. When users open the newsletter, this pixel-sized file is retrieved from the server of our dispatch service provider.
11.2 Legal basis for data processing
The legal basis for processing the user’s data for newsletter registration with their consent is Art. 6 para. 1 lit. a GDPR.
Logging of the registration process is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is in using a user friendly and secure newsletter system that serves our business interests and meets users’ expectations while also allowing us to prove consent.
11.3 Purpose of data processing
The collection of the user’s email address serves to deliver the newsletter. The collection of the date and time of registration serves to log the consent given by you and to prevent misuse of the services or the email address used.
The collection of data for evaluating dispatch serves the statistical measurement of the success of our newsletter offering, for example how many subscribers read our newsletters and which links are followed.
11.4 Storage period
The data is deleted as soon as it is no longer necessary to achieve the purpose of its collection. The user’s email address is therefore stored as long as the newsletter subscription is active.
The other personal data collected during the registration process is usually deleted after a period of seven days.
We may process the data relating to logged consent for up to three years before we delete it in order to be able to prove the user’s consent if required. This processing serves exclusively to defend against claims.
11.5 Right to object and removal
Users can cancel the newsletter at any time. For this purpose, each of our newsletters contains a corresponding link. This also enables the withdrawal of consent to the storage of personal data collected during the registration process. Users can also request deletion of the data relating to their logged consent at any time by contacting us individually and confirming their prior consent.
11.6 Dispatch service provider MailChimp
We use MailChimp, a service provided by The Rocket Science Group LLC, Ponce De Leon Ave NE ‘5000, Atlanta, GA 30308, USA (“MailChimp”), to send our newsletter and to evaluate it. We use this dispatch service provider on the basis of a data processing agreement pursuant to Art. 28 para. 3 sentence 1 GDPR. MailChimp is headquartered in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed at https://www.privacyshield.gov/list. Based on this agreement between the USA and the European Commission, the latter has determined an adequate level of data protection for companies certified under the Privacy Shield. MailChimp also provides the analysis tools that enable statements to be made about the success of the newsletter dispatch. MailChimp’s privacy policy is available at https://mailchimp.com/legal/privacy/.
12. Rights of data subjects
Our users have the right:
• pursuant to Art. 7 para. 3 GDPR to withdraw consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent for the future
• pursuant to Art. 15 GDPR to obtain information about their personal data processed by us. In particular, they can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom their data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the source of their data if it was not collected by us, and the existence of automated decision making including profiling and, where applicable, meaningful information about its details
• pursuant to Art. 16 GDPR to obtain without undue delay the rectification of inaccurate personal data or completion of their personal data stored by us
• pursuant to Art. 17 GDPR to obtain the erasure of their personal data stored by us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims
• pursuant to Art. 18 GDPR to obtain restriction of processing of their personal data where the accuracy of the data is contested by them, the processing is unlawful and they oppose the erasure of the data, we no longer need the data but they require it for the establishment, exercise, or defense of legal claims, or they have objected to processing pursuant to Art. 21 GDPR
• pursuant to Art. 20 GDPR to receive the personal data concerning them that they have provided to us in a structured, commonly used, and machine readable format or to request the transmission of those data to another controller
• pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority. As a rule, users can contact the supervisory authority at their usual place of residence or workplace or at our registered office.
13. Right to object
Where we process users’ personal data on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, the data subject has the right pursuant to Art. 21 GDPR to object to the processing of their personal data on grounds relating to their particular situation or if the objection is directed against direct marketing. In the latter case, the user has a general right to object which will be implemented by us without specification of a particular situation.
Users who wish to exercise their right of withdrawal or objection can contact us by email at info@hisharethat.com.
14. Data security
We provide appropriate administrative, technical, and physical security controls to protect your personal data. To safeguard your data during transmission, we use encryption methods corresponding to the current state of the art, such as SSL or TLS, via HTTPS. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
15. Updates and changes to this privacy policy
We reserve the right to amend this privacy policy from time to time, in particular if we further develop our website and change our services or if this becomes necessary due to changes in statutory or regulatory requirements. Users can always access the current privacy policy on our website.
Berlin, January 1, 2025