With this data protection declaration, we would like to inform you in accordance with Art. 13 and 14 of the General Data Protection Regulation (GDPR) about how our company processes personal data, as well as inform you about your rights. The processing of your personal data by us is carried out in compliance with the GDPR, as well as all other applicable data protection regulations. The terms used, such as "user", are to be understood as gender-neutral.
Pink Internet GmbH
Boxhagener Strasse 71E
Contact details of the data protection officer: email@example.com
We collect and process the following personal data about you: (i) inventory data and contact information (e.g. names and contact addresses), if you provide us with your contact information, (ii) contract data (e.g. services used or tariffs), if a contract exists, (iii) usage data (e.g. the web pages visited on our online offer, interest in our products), (iv) content data (e.g. entries in the contact form or user profile), if you provide us with content, (v) payment information, (vi) as well as personal data on education and professional experience for application procedures, (vii) date of birth and marital status.
We process your data for one or more of the following purposes:
Your data is processed in accordance with the following legal bases: your consent in accordance with Art. 6 Para. 1 lit. a) GDPR or, if applicable, Art. 9 Para. 2 lit. a) GDPR, for the performance of a contract with you in accordance with Art. 6 Para. 1 lit. b) GDPR, for the fulfilment of legal obligations in accordance with Art. 6 Para. 1 lit. c) GDPR or for a legitimate interest in accordance with Art. 6 Para. 1 lit. f) GDPR.
The legal basis for processing your data in accordance with the stated processing purposes is:
We obtain the data from you (including via the devices you use). If we do not collect the personal data directly from you, we will also tell you the source of the personal data and, if applicable, whether it is from publicly available sources.
When processing your data, we work together with service providers who have access to your data. Possible recipients of your personal data are: (i) software companies that enable us to provide our services, help us to improve them and/or serve us for marketing purposes (for example, to send newsletters, emails, manage customer contacts or applications); (ii) public bodies and administrations, insofar as we are legally obliged to do so; (iii) payment service providers; (iv) hosting providers; (v) social media platforms; (vi) service companies, such as tax advisors or lawyers.
For the purpose of fulfilling the contract, we may also transfer your personal data to anyone to whom we assign rights arising from the contractual relationship with you.
Some of the recipients of your personal data are:
We use Algolia to optimize our internal search function. Personal data may be disclosed in the process. We use the aforementioned services to optimize our search results.
We use Chargebee to process payments. Personal data may be passed on in the process. We use the above services to sell our services online.
We integrate content from Facebook on our website. Personal data may be passed on in the process. The integration of content serves us for analysis, optimisation and advertising purposes. We also operate a profile on Facebook and Instagram.
We include Google services on our website to (i) analyse the use of our website, (ii) manage tags, (iii) and for other analysis, optimisation and advertising purposes. In doing so, personal data may be passed on to Google. We use the aforementioned services to (i) understand the use of our website and (ii) to manage analysis tools (Google Tag Manager).
We integrate services from Hotjar on our website. In doing so, personal data may be passed on to Hotjar. We use these services to analyse the use of our website.
We use technology from insic GmbH, Bei der Doppeleiche 3, 22926 Ahrensburg ("insic") to carry out the age verification. The integration of insic takes place via a server call within the EU.
We integrate services from Klaviyo on our website. Personal data may be passed on in the process. The integration of Klaviyo is used for analysis, optimisation and advertising purposes.
We use the services of Linkster GmbH. Personal data may be passed on in the process. We use the aforementioned services to measure and visualise insights into partnerships and advertising channels. This is a function to measure the efficiency of the corresponding advertising measures.
We use the services of Matomo (InnoCraft Ltd). Personal data may be passed on in the process. We use these services to analyse the use of our website.
We use PayPal to process payments. Personal data may be passed on in the process. We use the above services to sell our services online.
We integrate content from Pinterest on our website in order to display personalised advertisements on this platform and to carry out a corresponding measurement of success. Personal data may be passed on in the process.
We integrate services from Segment on our website. Personal data may be passed on in the process. The integration of Segment is used for analysis, optimisation and advertising purposes.
We integrate content from Snapchat on our website. Personal data may be passed on in the process. The integration of content is used for analysis, optimisation and advertising purposes.
We use Stripe to process payments. Personal data may be passed on in the process. We use the above services to sell our services online.
We include content from Taboola on our website. Personal data may be passed on in the process. The integration of content is used for analysis, optimisation and advertising purposes.
We use services from Typeform to manage forms. Personal data may be passed on in the process. We use these services to provide complete and user-friendly products and processes.
There is a transfer of data to third countries outside the European Union or the European Economic Area. Information we collect from you could be processed in the United States or other third countries. Some third countries, such as the United States, have not currently received an adequacy decision from the European Union under Article 45 of the GDPR, which means that your data may not receive the same level of protection there as it does under the GDPR.
We store your personal data only as long as it is necessary to achieve the purpose of processing. We store your data if you have consented to the processing at most until you revoke your consent, if we need the data to perform a contract at most as long as the contractual relationship with you exists, if we use the data on the basis of a legitimate interest at most as long as your interest in deletion or anonymisation does not prevail.
In addition, data may be stored if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. In these cases, the data is deleted when a storage or retention period prescribed by the aforementioned standards expires. Among others, the provisions of the HGB and the AO apply.
We store applicant documents for a period of six months if the application does not lead to an employment relationship and no further storage has been agreed. This period results from possible lawsuits against the responsible person according to the General Equal Treatment Act (AGG).
We store server log files for a maximum of seven days.
As a data subject, you may have the right under applicable data protection law to:
Information, in accordance with Art. 15 of the GDPR,
Rectification, in accordance with Art. 16 of the GDPR,
Data erasure ("right to be forgotten"), in accordance with Art. 17 of the GDPR,
Limitation of processing, pursuant to Art. 18 GDPR,
Data portability, in accordance with Art. 20 GDPR and/or
Objection to the processing, pursuant to Article 21 of the GDPR.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
You also have the right to withdraw consent to the processing of personal data at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR or other data protection provisions.
Unless expressly stated at the time of collection, the provision of data is not required or obligatory. Such an obligation may result from legal requirements or contractual regulations. Failure to provide required personal data generally results in a contract not being able to be concluded and/or in us not being able to provide a requested service. Our employees will clarify on a case-by-case basis whether the provision of personal data is required by law or contract or necessary for the conclusion of a contract, whether there is an obligation to provide the personal data and what the consequences of not providing the personal data would be.
We do not use automated decision-making mechanisms, including profiling, that have legal effect on the data subject or similarly significantly affect the data subject.
We take organisational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are complied with and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. The security measures include in particular the encrypted transmission of data between your browser and our server.
Technically necessary cookies and technologies are those without which our website cannot function and be used. This category only includes cookies and technologies that ensure basic functions and security features of the website. Technically necessary cookies and technologies can be set without the user's consent.
Non-essential cookies are all cookies and technologies that are not particularly necessary for the functioning of the website and are used specifically to collect personal data from the user via analytics, ads and other embedded content. Non-essential cookies and technologies (for example, cookies for marketing, advertising or customer analysis purposes) require the consent of the website visitor.
Please refer to our cookie banner to see which cookies and technologies we use and for what purpose.
By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for the website, it may no longer be possible to use all the functions of the website to their full extent.
We use the services of CookieHub. Personal data may be disclosed in the process. We use these services to allow you to refuse or accept our cookies.
Status: 26 April 2021