We, Spirit X Solutions AG and operators of the website www.spirit-x.ch, take the protection of your data very seriously. In the following, we would like to inform you about the extent and purpose for which we collect and process your personal data on our website www.spirit-x.ch (hereinafter referred to as “website”).
In this privacy policy we use, among others, the following terms:
Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The controller or person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others decides on the purposes and means of processing personal data.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons authorised to process personal data under the direct responsibility of the controller or processor.
Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data concerning him or her.
The controller responsible for the processing of personal data is:
Spirit X Solutions (hereinafter “Spirit X”, “we”, “us”),
a company under Swiss law with its registered office at
Culmannstrasse 1
8006 Zurich
info@spirit-x.ch
commercial register number CH020.3.054.5686
If you would like to view and update your personal data or have any questions about data protection on our website, please contact us via the email address providedinfo@spirit-x.ch or by post to the address given above at any time.
The scope and type of processing of your personal data differs depending on whether you contact us via our website, use the functions offered on the website or simply use our website for information purposes. With regard to the data processing procedures described below, you can assert your rights as a data subject at any time (see section 8).
We collect and store your personal data in connection with the use of this website if you provide it to us voluntarily, e.g. when registering for our newsletter or when you fill out our contact form. It is always your free decision whether you provide us with your data for the relevant purposes.
3.1.1 Inquiries via email
If you send us an email, your email address and any personal information contained in the message will be stored by us and processed to respond to your request (the legal basis is Art. 6 Para. 1 f) or Art. 6 Para. 1 b) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland). If special categories of personal data are included, the processing is carried out on the basis of your consent in accordance with Art. 6 Para. 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland. We do this solely to be able to process your request and to provide the services you have requested.
We would like to point out that data transmission when communicating via email may have security gaps. Complete protection of data against access by third parties is not possible. Please take this into account in particular before sending us health data by email.
If the purpose of the data processing no longer applies, we will delete the data in question. With regard to this data processing, you can also assert your rights as a data subject at any time (see section 9), in particular object to the corresponding data processing.
3.1.2 Inquiries via contact form
If you contact us via the contact form on our website, your information and any personal content contained in the message will also be stored by us and processed to answer your request (the legal basis is Art. 6 Para. 1 f) or Art. 6 Para. 1 b) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland). If special categories of personal data are included, the processing is carried out on the basis of your consent in accordance with Art. 6 Para. 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland. We do this solely to be able to process your request and to provide the services you have requested.
We would like to point out that data transmission when communicating via web form may have security gaps. Complete protection of data against access by third parties is not possible. Please take this into account in particular before sending us health data via the form.
If the purpose of the data processing no longer applies, we will delete the data in question. With regard to this data processing, you can also assert your rights as a data subject at any time (see section 9), in particular object to the corresponding data processing.
When you visit our website, our servers temporarily record the IP address of your computer, the client’s file request (file name and URL) and the http status code as well as the website from which you are visiting us in so-called log files. We store your IP address to detect misuse (spam, viruses, etc.) and to recognize and eliminate faults. Your IP address is also processed to provide you with the requested content. The personal data is processed to the extent that the processing is necessary to fulfill a contract with you or to carry out pre-contractual measures in accordance with Art. 6 Para. 1 b) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland and otherwise due to our legitimate interests described above in accordance with Art. 6 Para. 1 f) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland. As far as special categories of personal data are concerned, your consent (Art. 6 para. 1 a), Art. 9 para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland) is the legal basis for the processing.
3.2.1 Necessary cookies and necessary similar technologies and related tools
In addition, our website uses “cookies” in several places to make our service more user-friendly and effective. Cookies are small text files that our website would like to place on your computer or other internet-enabled devices such as tablets or smartphones. If your browser settings accept cookies, your browser adds the text in a small file.
Unless otherwise stated in this privacy policy, the cookies we use are necessary for the functionality and performance of our website. These include, for example, cookies that enable you to log in to the secure area of our website. Most cookies are deleted from your device after the end of your browser session (session cookies). We use the information stored in the necessary cookies solely to provide you with the requested services and functions.
In addition to cookies, we also use similar technologies.
The legal basis for the use of cookies and similar technologies as well as further processing is, insofar as this is necessary to fulfil a contract with you or to carry out pre-contractual measures, in accordance with Art. 6 Para. 1 b) GDPR and otherwise due to our interest in the provision of our online offer and due to the other legitimate interests described above in accordance with Art. 6 Para. 1 f) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland.
Cookies do not cause any damage to your computer per se and do not contain any viruses. You have the option of setting your browser so that these cookies are not saved at all or that the cookies are deleted at the end of your internet session. Please note, however, that in this case you may not be able to use all the functions of our website.
You can find more information about the necessary cookies and similar technologies as well as the tools used behind them in the Cookie Consent Tool Usercentrics under “Essential”. You can open the Cookie Consent Tool Usercentrics via the fingerprint symbol at the bottom left.
3.2.2 Non-necessary cookies and similar technologies and third-party tools
The non-essential cookies and similar technologies and the corresponding services listed in the Usercentrics Cookie Consent Tool under “Analytics” and “Marketing” will be used if you give your consent to this via the Usercentrics Cookie Consent Tool. You can open the Usercentrics Cookie Consent Tool using the fingerprint symbol at the bottom left. You can also use this to revoke any consent you may have given.
The processing of non-essential cookies and similar technologies and the (further) processing of personal data is carried out on the basis of your consent in accordance with Art. 6 Para. 1 a) and, if special categories of personal data are affected, additionally Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland. Details on the processing can be found in the following sections.
3.2.2.2 Google tracking and marketing tools
We also use various tracking and marketing tools from Google on our website.
We use various tracking and marketing tools from Google on our website. For users with habitual residence in the European Economic Area or Switzerland, the responsible Google company is Google Ireland Limited, with registered office at Gordon House, Barrow Street, Dublin 4, Ireland; for users with other habitual residences, the responsible Google company is Google LLC, with registered office at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The company responsible for the respective user is hereinafter referred to as “Google”. The latter company is also the parent company of Google Ireland Limited, which is also referred to below.
If you have expressly consented to the respective data processing described under section 3.2.2.2 (Art. 6 para. 1 a), Art. 9 para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland) by agreeing to the processing of the “Google AdServices” and “Google Analytics” services specified in the cookie consent tool, Google generates the information on the use of cookies required for its service. This information is usually transferred to a Google server in the EU and stored there. For all of the services listed below, Google may transfer personal data to countries outside the EU and EEA without an adequacy decision, in particular to Google’s parent company. Google relies on the standard contractual clauses approved by the European Commission as a means of ensuring adequate protection. For further details, please feel free to contact us.
You can prevent the installation of cookies in various ways:
by setting your browser software accordingly, in particular the suppression of third-party cookies will ensure that you do not receive any third-party advertisements;
by installing the plug-in provided by Google under the following link: https://www.google.com/settings/ads/plugin ;
by deactivating interest-based advertising from providers who are part of the “About Ads” self-regulation campaign via the link http://www.aboutads.info/choices , whereby this setting will be deleted if you delete your cookies;
by permanently deactivating it in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin ;
by means of the appropriate cookie settings. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
Further information provided by Google on data protection can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html .
(1) Google Analytics 4 and Google Signals
We use Google Analytics 4 from Google. If you consent to the corresponding processing in the Usercentrics Consent Management System, we will process the data in accordance with the information provided there on the basis of consent. If you also consent to the use of Google Signals in the Usercentrics Consent Management System, we will also use this function on the basis of consent in accordance with the description in the Usercentrics Consent Management System.
If data is transferred from the European Google company specified in the Usercentrics consent management system to unsafe third countries, this is done on the basis of EU standard contractual clauses. Please feel free to contact us for further details.
The legal basis for the corresponding processing is your consent in accordance with Art. 6 Para. 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland.
(2) Google Ads Conversion and Conversion Linker
We use the “Google Ads Conversion” service to draw attention to our attractive offers using advertising materials (so-called Google Ads) on external websites. We can determine how successful the individual advertising measures are in relation to the data from the advertising campaigns. In doing so, we pursue the interest of showing you advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.
These advertising materials are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as the display of ads or clicks by users, can be measured. If you access our website via a Google ad, Google Ads will store a cookie on your device. These cookies usually expire after 180 days and are not intended to identify you personally. The analysis values for this cookie are usually the
Unique Cookie ID,
Number of ad impressions per placement (frequency),
last impression (relevant for post-view conversions) and
Opt-out information (marking that the user no longer wishes to be contacted)
These cookies allow Google to recognize your Internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Ads customer is assigned a different cookie. Cookies cannot therefore be tracked across Ads customers’ websites.
The Conversion Linker stores click data to effectively measure conversions.
We do not collect or process any personal data in the advertising measures mentioned. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, and in particular we cannot identify users based on this information.
If you have expressly consented to the data processing described (Art. 6 Para. 1 a) GDPR, Art. 9 Para. 2 a) GDPR) or Art. 30 in conjunction with Art. 31 DSG/Switzerland), your browser automatically establishes a direct connection to the Google server due to the marketing tools used. We have no influence on the scope and further use of the data collected through the use of this tool by Google and therefore inform you according to our level of knowledge: By integrating Ads Conversion, Google receives the information that you have accessed the corresponding part of our website or clicked on one of our advertisements. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out and save your IP address.
(3) Google Ads Remarketing
Within Google Ads, we also use the remarketing function if you have given your express consent to this (Art. 6 Para. 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland). With the remarketing function, we can present users of our website with advertisements based on their interests on other websites within the Google advertising network (in Google Search or on YouTube, so-called “Google Ads” or on other websites). For this purpose, the interaction of users on our website is analyzed, e.g. which offers the user was interested in, in order to be able to show users targeted advertising on other sites even after they have visited our website. For this purpose, Google stores cookies on the end devices of users who visit certain Google services or websites in the Google Display Network. These cookies usually expire after 30 days (this only applies to cookies that are set via this website). These cookies are used to record the visits of these users. The cookies are used to uniquely identify a web browser on a specific device and not to identify a person.
(4) Google DoubleClick
We use “DoubleClick”, another online marketing tool from Google, on our website. We use DoubleClick for marketing and optimization purposes, in particular to display ads that are relevant and interesting to you, to improve campaign performance reports or to avoid you seeing the same ads multiple times.
If you have given your consent for this (Art. 6 Para. 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland), Google uses a cookie ID to record which ads are displayed in which web browser. This can prevent ads from being displayed multiple times. DoubleClick can also use the cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, if you see a DoubleClick ad and later use the same web browser to access the advertiser’s website and buy something there.
The cookies do not contain any personal data. By using DoubleClick, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and further use of the data collected through the use of DoubleClick by Google. Google receives the information that you have accessed the corresponding part of our website or clicked on one of our advertisements. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out and save your IP address.
3.2.2.3 Facebook Pixel
For further analysis and optimization and for the economic operation of our offer, we also use “Facebook Pixel” of the social network Facebook, which is operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter “Facebook”).
Facebook may transfer personal data to countries outside the EU and EEA without an adequacy decision, in particular to the parent company or other group companies in the USA. Facebook relies on the standard contractual clauses approved by the European Commission and the FDPIC as a means of ensuring adequate protection. For further details, please feel free to contact us.
Facebook Pixel is integrated directly into our website by Facebook and can save a cookie on your device if you have given your express consent to this (Art. 6 Para. 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland). If you then log in to Facebook or visit Facebook while logged in, your visit to our online offering will be noted in your profile. The data collected about you is anonymous to us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and can be used by Facebook for its own market research and advertising purposes. If we should transmit data to Facebook for comparison purposes, it is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of making a comparison with the data that is also encrypted by Facebook.
With the help of the Facebook pixel, Facebook is also able to determine the visitors to our website as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to only display the Facebook ads we place to Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interest in certain topics or products determined based on the websites visited) that we transmit to Facebook (so-called “custom audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interests of users and do not appear annoying. With the help of the Facebook pixel, we can also track the effectiveness of Facebook advertisements for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook advertisement (so-called “conversion”).
Furthermore, when using the Facebook pixel, we use the additional function “extended matching”. Here, data for the formation of target groups (“custom audiences” or “look-alike audiences”) is transmitted to Facebook in encrypted form.
We only use Facebook Pixel on our website if you consent to this processing of your personal data (Art. 6 Para. 1 a), Art. 9 Para. 2 a) GDPR GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland). You can of course revoke your consent at any time for the future. The revocation does not affect the legality of the processing (up to the revocation).
For more information about the collection and use of data by Facebook as well as your rights and options for protecting your privacy, please see Facebook’s privacy policy at https://www.facebook.com/about/privacy/ .
Alternatively, you can deactivate the “Custom Audiences” remarketing function at https://www.facebook.com/settings/?tab=ads#_=_ . You must be logged in to Facebook to do this.
To set which types of advertisements are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions there on the settings for usage-based advertising . The settings are platform-independent, i.e. they are applied to all devices such as desktop computers or mobile devices. You can also object to the use of cookies that are used for reach measurement and advertising purposes via the deactivation page of the Network Advertising Initiative and additionally the US website aboutads.info or the European website youronlinechoices.com .
3.2.2.4 Hotjar
We may use Hotjar, which is provided by Hotjar Limited, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experiences (e.g. how much time they spend on which pages, which links they click, what users like and don’t like, etc.) and enables us to build and maintain our service based on user feedback. Hotjar uses cookies and other technologies to collect data about the behavior of our users and their devices. This includes a device’s IP address (which is processed during your session and stored in an anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language in which our website is displayed. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually prohibited from selling the data collected on our behalf.
For more details, see the ‘About Hotjar’ section on the Hotjar support page .
Processing only takes place if consent is given. The legal basis in such cases is Art. 6 Para. 1 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland. You declare such consent by agreeing to the “Hotjar” service in the cookie consent tool.
3.2.2.5 Microsoft Advertising
We may use Microsoft Advertising, provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (Microsoft), on our websites. Microsoft will store a cookie on your computer if you have accessed our website via a Microsoft ad. In this way, Microsoft and we can recognize that someone has clicked on an ad, been redirected to our website and reached a previously determined landing page (conversion page). We only learn the total number of users who clicked on a Microsoft ad and were then redirected to the conversion page.
Processing only takes place if consent is given. The legal basis in such cases is Art. 6 Para. 1 1 a), Art. 9 Para. 2 a) GDPR or Art. 30 in conjunction with Art. 31 DSG/Switzerland. You declare such consent by agreeing to the “Microsoft Advertising” service in the cookie consent tool.
Further information on data protection and the cookies used by Microsoft can be found on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement
We must share some data with external third parties in strict compliance with applicable data protection law. This sharing of data is in addition to the transfers already explained in other sections, particularly in connection with the tools and features used.
When it comes to the technical content and design of our online presence, it may be necessary for external service providers to have access to personal data on our website (e.g. IT service providers). In this case, your personal data will only be handled in accordance with our express instructions and on the basis of an agreement on order processing in accordance with Art. 28 GDPR or Art. 9 DSG/Switzerland.
In this context, we forward your data to the following service providers:
4.1.1 To send emails
We use the services of IONOS to send emails generated from our website.
IONOS SE
Elgendorfer Str. 57
56410 Montabaur
Germany
For order processing, the following data is collected and transmitted to IONOS:
your email address,
Your full name,
Your Address.
4.1.2 External hosting of the website
We use the website builder Wix from the
Israeli company Wix.com Ltd., 40 Hanamal Tel Aviv St., Tel Aviv 6350671, Israel for our website. In addition to the headquarters in Tel Aviv, there are other
company offices such as in Berlin, Dublin, Vancouver and New York. By using Wix, your personal data may also be collected, stored and processed. With this privacy policy, we want to explain to you why we use Wix, which data is stored where and how you can prevent this data storage.
Wix is a website builder that makes it very easy to create HTML5 websites and mobile websites. This online platform is based on the cloud principle and you can use it to easily integrate various functions from Wix or third-party providers into your own website.
Why do we use Wix on our website?
To work on our website, we need an easy-to-use system that allows us to present you with a beautiful design and interesting content quickly and easily. With Wix, we have found the right system for this. Thanks to Wix’s ease of use and comprehensive functions, we can design our web presence according to our wishes and offer you good user-friendliness.
What data does Wix store?
Non-personal data includes technical usage information such as browser activity, clickstream activity, session heatmaps and data about your computer, operating system, browser, screen resolution, language and keyboard settings, Internet service provider and the date of the page visit.
Personal data is also collected. This is primarily contact information (email address or telephone number, if you provide it), IP address or your geographical location.
Tracking systems such as cookies are used to collect data about your behavior on our website. For example, it records which subpages you particularly like, how long you spend on individual pages, when you leave a page again (bounce rate) or which preferences (e.g. language selection) you have made. Based on this data, Wix.com can also better adapt its marketing measures to your interests and user behavior. The next time you visit our website, our website will be displayed to you as you configured it beforehand. Wix.com may also pass on personal data to third parties (such as service providers).
Below we show you example cookies used by Wix:
Name: XSRF-TOKEN
Value: 15916280081P01ovn-JtsrK
Purpose: This cookie is a security cookie and prevents so-called cross-site request forgery. This is an
attack on a computer system. Expiry date: after the end of the session
Name: _wixCIDX
Value: b2474394-b64f-4c7a-a598-16b9043a8938132959658-9 Purpose: This cookie enables you to log in to our website with the corresponding data storage in order to shorten the login process the next time.
Expiry date: after 3 months
Name: AWSELB
Value: EB626B5A40C8OCEFDOEB26286F9684716FECD023880992D31DEC38132959658- 1
Purpose: This cookie is used to distribute the load on the website across multiple servers. This increases the loading speed of the page.
Expiry date: after one hour
Name: AWSELBCORS
Value: 85FDC7C91873988D19D2D53305AA8CAB73AFO2FCEAEB626B5A40C Purpose: We have not yet been able to find out any further information about this cookie. As soon as we know more, you will be informed.
Expiry date: after one hour
Note: Please note that the cookies shown above are examples and this list is not exhaustive.
How long and where is the data stored?
The data can be stored on various servers located around the world. For example, the data can be stored in the USA, Ireland, South Korea, Taiwan or Israel.
Wix always stores data until it is no longer required for the service provided. We have not yet been able to find out more information about the length of time data is stored.
How can I delete my data or prevent data storage?
You have the option of updating, correcting or deleting your personal data at any time. You can also contact the Wix Data Protection Department directly at privacy@wix.com.
To deactivate, delete or manage cookies, all you have to do is select the appropriate settings in your browser. This works slightly differently depending on the browser. Under the “Cookies” section
you will find the relevant links to the respective instructions for the most popular browsers.
Wix.com Ltd. has its headquarters in Israel. Israel is considered by the European Commission to be a country that
offers adequate protection for the personal data of EU citizens.
Legal basis
If you have consented to Wix being used, the legal basis for the corresponding data processing is this consent. According to Art. 6 Para. 1 lit. a GDPR (consent), this consent represents the legal basis for the processing of personal data as it may occur when Wix is collected.
We also have a legitimate interest in using Wix to optimize our online service and present it beautifully for you. The corresponding legal basis for this is Art. 6 Para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use Wix if you have given your consent.
Wix uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway) or for data transfer there. These clauses oblige Wix to comply with the EU data protection level when processing relevant data outside the EU. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the clauses here, among other places: https://eurlex.europa.eu/eli/dec imp1/2021/914/oj?locale=de
The applicable data protection law grants you the right to object to the processing of your data under certain circumstances, in particular for the purposes of direct marketing, profiling for direct marketing purposes and other legitimate interests in the processing. To make it easier for you to control the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:
The right to request information from us as to whether and which data we process about you;
the right to have us correct data if it is inaccurate;
the right to request the erasure of data;
the right to request that we provide you with certain personal data in a common electronic format or to transmit them to another controller;
the right to withdraw consent where our processing is based on your consent;
the right to obtain, upon request, further information necessary to exercise these rights;
the right to express your point of view in the case of automated individual decisions and to request that the decision be reviewed by a natural person.
If you wish to exercise the above rights against us (or against one of our group companies), please contact us in writing, at our premises or, unless otherwise stated or agreed, by email; our contact details can be found in section 2. In order to rule out misuse, we must identify you (e.g. with a copy of your ID card, if this is not possible otherwise).
The easiest way to request deletion of data is via the app.
You also have these rights in relation to other bodies that work with us independently – please contact them directly if you wish to exercise rights in connection with their processing. Information on our important cooperation partners and service providers can be found in section 4.
Please note that these rights are subject to conditions, exceptions or restrictions under applicable data protection law (e.g. to protect third parties or trade secrets). We will inform you accordingly if necessary.
In particular, we may need to further process and store your personal data in order to fulfil a contract with you, to protect our own legitimate interests, such as the assertion, exercise or defence of legal claims, or to comply with legal obligations. To the extent legally permissible, in particular to protect the rights and freedoms of other data subjects and to safeguard legitimate interests, we may therefore also reject a data subject’s request in whole or in part (e.g. by blacking out certain content that concerns third parties or our business secrets).
If you do not agree with the way we handle your rights or data protection, please let us or our data protection officer (Section 2) know. In particular, if you are in the EEA, the United Kingdom or Switzerland, you also have the right to complain to the data protection supervisory authority in your country. A list of authorities in the EEA can be found here: https://edpb.europa.eu/about-edpb/board/members_de. You can contact the supervisory authority in the United Kingdom here: https://ico.org.uk/global/contact-us/. You can contact the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/de/home/adresse.html .
We may change or update parts of this privacy policy without prior notice. Please check the privacy policy before using our services to be aware of any changes or updates.