In the following, we provide information about the collection of personal data when using our mobile or web app (hereinafter only "App").
Personal data is any data that can be related to a specific natural person, such as their name or IP address.
The controller within the meaning of Art. 4 (7) EU General Data Protection Regulation (GDPR) is Sharpist GmbH, Karl-Marx-Straße 58, 12043 Berlin, Germany. For customers in the United Kingdom, the responsible party is Sharpist Ltd, 102 Puller Road, Barnet, UK. Our e-mail address in each case is mail@sharpist.com. We are legally represented by Hendrik Schriefer, Fabian Niedballa.
Our data protection officer is Martin Bastius, heyData GmbH, Schützenstr. 5, 10117 Berlin, www.heydata.eu, E-Mail: datenschutz@heydata.eu.
For data subjects in the United Kingdom, the EU General Data Protection Regulation (hereinafter "GDPR") information in this privacy policy refers to the UK GDPR.
We detail the scope of data processing, processing purposes and legal bases below. In principle, the following come into consideration as the legal basis for data processing:
Insofar as we transfer data to service providers or other third parties outside the EEA (or for data subjects in the UK: outside the EEA or the United Kingdom), the security of the data during the transfer is guaranteed by adequacy decisions of the EU Commission, insofar as they exist (e.g. for Canada and Israel) (Art. 45 para. 3 GDPR).
If no adequacy decision exists (e.g. for the USA), the legal basis for the data transfer are usually, i.e. unless we indicate otherwise, standard contractual clauses. These are a set of rules adopted by the EU Commission and are part of the contract with the respective third party. According to Art. 46 para. 2 lit. b GDPR, they ensure the security of the data transfer. Many of the providers have given contractual guarantees that go beyond the standard contractual clauses to protect the data. These include, for example, guarantees regarding the encryption of data or regarding an obligation on the part of the third party to notify data subjects if law enforcement agencies wish to access the respective data.
Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and no legal obligations to retain data conflict with the deletion. If the data are not deleted because they are required for other and legally permissible purposes, their processing is restricted, i.e. the data are blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
Data subjects have the following rights against us with regard to their personal data:
Data subjects also have the right to complain to a data protection supervisory authority about the processing of their personal data.
Within the scope of the business or other relationship, customers, prospective customers or third parties need to provide us with personal data that is necessary for the establishment, execution and termination of a business or other relationship or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract or to provide a service or will no longer be able to perform an existing contract or other relationship.
Mandatory data are marked as such.
As a matter of principle, we do not use a fully automated decision-making process in accordance with article 22 GDPR to establish and implement the business or other relationship. Should we use these procedures in individual cases, we will inform of this separately if this is required by law.
When contacting us, e.g. by e-mail or telephone, the data provided to us (e.g. names and e-mail addresses) will be stored by us in order to answer questions. The legal basis for the processing is our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) to answer inquiries directed to us. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
Our mobile app is ready for download at Apple's App Store und Google's Play Store (hereinafter "Stores"). When users download the mobile app, the necessary information is transmitted to the stores, i.e. in particular user name, e-mail address and customer number of the account, time of download, payment information and the individual device identification number. We have no influence on this data collection and are not responsible for it. We process the data only insofar as it is necessary for downloading the mobile app to the user's mobile device.
Our App is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen. The provider thereby processes the personal data transmitted via the app, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide an app, so that the legal basis of the data processing is Art. 6 para. 1 s. 1 lit. f GDPR.
When users use our App, we collect the data that is technically necessary for us to offer users the functions of our app and to ensure stability and security. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.
The data processed to this extent are:
The App requests the user's access to functions of the end device or to data of the device in order to be able to execute functions of the App. By allowing access, the user gives consent to the associated data processing, so that the legal basis is Art. 6 para. 1 s. 1 lit. a GDPR. Users can revoke their consent at any time by terminating access in the settings of their end device. The revocation does not affect the lawfulness of the processing until the revocation.
The functions or data processed to this extent are
In the App, we process data in order to provide the user with functions of the App. The legal basis for the processing is to perform the contract concluded with our customer. For this reason is the legal basis is art. 6 Abs. 1 S. 1 lit. b GDPR.
The data processed to this extent are only the data entered into the App by the user.
We call our customers' employees, who use our Sharpist App "Learners". When we recommend you as a Coach for to a Learner, we share your following information with them via the Sharpist App:
When a learner chooses you for coaching, we will share the following information about the learner:
The above-mentioned data may only be used for the fulfillment of the specific coaching assignment; any processing beyond this is not permitted. After the coaching session has ended, all personal data of the learner must be deleted.
After a coaching session, keywords may be selected that outline the topic of the session. We share these keywords with the learner and may also share them with our client in certain cases. In no case will we share with our client which coach selected which keywords to which learner. The selected list of keywords can be found in the appendix "Keywords related to the session topic".
The data will be forwarded to the clients only if at least 5 learners have completed at least 10 coaching sessions in total. Otherwise, only the number of registered learners is provided.
For statistical data analysis and evaluation, we use the following contract processors:
The legal basis for the processing is our legitimate interest in improving our product for our users (Art. 6 para. 1 p. 1 lit. f GDPR).
For receiving, storing and sending emails, we use the following order processors:
The legal basis of the transfer to a country outside the EEA (or for data subjects in the UK: outside the EEA or the UK) is standard contractual clauses. The security of the data transferred to the third country (i.e., a country outside the EEA) is guaranteed by standard data protection clauses adopted in accordance with the review procedure under Article 93 para. 2 GDPR (Article 46 para. 2 lit. c GDPR), which we have agreed with the provider.
We use Intercom for engagement with the users. The provider is R&D Unlimited Company 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Ireland. The provider processes content data (e.g. entries in online forms), contact data (e.g. e-mail addresses, telephone numbers), meta/communication data (e.g. device information, IP addresses), and master data (e.g. names, addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.intercom.com/de/legal/privacy.
We use Firebase for logging events on the app. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes meta/communication data (e.g. device information, IP addresses) and log data in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in logging events in our app for accounting and operational purposes.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=en-US.
We reserve the right to change this privacy policy with effect for the future. A current version is always available here.
If you have any questions or comments regarding this privacy policy, please feel free to contact us using the contact information provided above.
Hereinafter we inform you about the nature, scope and purpose of the processing ofyour personal data when using the Sharpist Mobile App or Web App (herein after referred to as „App“). Personal data is any information that relates to an identified oridentifiable natural person.
In the following, we provide information about the collection of personal data when using our mobile or web app (hereinafter only "App").
Personal data is any data that can be related to a specific natural person, such as their name or IP address.
The controller within the meaning of Art. 4 (7) EU General Data Protection Regulation (GDPR) is Sharpist GmbH, Karl-Marx-Straße 58, 12043 Berlin, Germany. For customers in the United Kingdom, the responsible party is Sharpist Ltd, 102 Puller Road, Barnet, UK. Our e-mail address in each case is mail@sharpist.com. We are legally represented by Hendrik Schriefer, Fabian Niedballa.
Our data protection officer is Martin Bastius, heyData GmbH, Schützenstr. 5, 10117 Berlin, www.heydata.eu, E-Mail: datenschutz@heydata.eu.
For data subjects in the United Kingdom, the EU General Data Protection Regulation (hereinafter "GDPR") information in this privacy policy refers to the UK GDPR.
We detail the scope of data processing, processing purposes and legal bases below. In principle, the following come into consideration as the legal basis for data processing:
Insofar as we transfer data to service providers or other third parties outside the EEA (or for data subjects in the UK: outside the EEA or the United Kingdom), the security of the data during the transfer is guaranteed by adequacy decisions of the EU Commission, insofar as they exist (e.g. for Canada and Israel) (Art. 45 para. 3 GDPR).
If no adequacy decision exists (e.g. for the USA), the legal basis for the data transfer are usually, i.e. unless we indicate otherwise, standard contractual clauses. These are a set of rules adopted by the EU Commission and are part of the contract with the respective third party. According to Art. 46 para. 2 lit. b GDPR, they ensure the security of the data transfer. Many of the providers have given contractual guarantees that go beyond the standard contractual clauses to protect the data. These include, for example, guarantees regarding the encryption of data or regarding an obligation on the part of the third party to notify data subjects if law enforcement agencies wish to access the respective data.
Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and no legal obligations to retain data conflict with the deletion. If the data are not deleted because they are required for other and legally permissible purposes, their processing is restricted, i.e. the data are blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
Data subjects have the following rights against us with regard to their personal data:
Data subjects also have the right to complain to a data protection supervisory authority about the processing of their personal data.
Within the scope of the business or other relationship, customers, prospective customers or third parties need to provide us with personal data that is necessary for the establishment, execution and termination of a business or other relationship or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract or to provide a service or will no longer be able to perform an existing contract or other relationship.
Mandatory data are marked as such.
As a matter of principle, we do not use a fully automated decision-making process in accordance with article 22 GDPR to establish and implement the business or other relationship. Should we use these procedures in individual cases, we will inform of this separately if this is required by law.
When contacting us, e.g. by e-mail or telephone, the data provided to us (e.g. names and e-mail addresses) will be stored by us in order to answer questions. The legal basis for the processing is our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) to answer inquiries directed to us. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
Our mobile app is ready for download at Apple's App Store und Google's Play Store (hereinafter "Stores"). When users download the mobile app, the necessary information is transmitted to the stores, i.e. in particular user name, e-mail address and customer number of the account, time of download, payment information and the individual device identification number. We have no influence on this data collection and are not responsible for it. We process the data only insofar as it is necessary for downloading the mobile app to the user's mobile device.
Our App is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen. The provider thereby processes the personal data transmitted via the app, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide an app, so that the legal basis of the data processing is Art. 6 para. 1 s. 1 lit. f GDPR.
When users use our App, we collect the data that is technically necessary for us to offer users the functions of our app and to ensure stability and security. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.
The data processed to this extent are:
The App requests the user's access to functions of the end device or to data of the device in order to be able to execute functions of the App. By allowing access, the user gives consent to the associated data processing, so that the legal basis is Art. 6 para. 1 s. 1 lit. a GDPR. Users can revoke their consent at any time by terminating access in the settings of their end device. The revocation does not affect the lawfulness of the processing until the revocation.
The functions or data processed to this extent are
In the App, we process data in order to provide the user with functions of the App. The legal basis for the processing is to perform the contract concluded with our customer. For this reason is the legal basis is art. 6 Abs. 1 S. 1 lit. b GDPR.
The data processed to this extent are only the data entered into the App by the user.
We call our customers' employees, who use our Sharpist App "Learners". When we recommend you as a Coach for to a Learner, we share your following information with them via the Sharpist App:
When a learner chooses you for coaching, we will share the following information about the learner:
The above-mentioned data may only be used for the fulfillment of the specific coaching assignment; any processing beyond this is not permitted. After the coaching session has ended, all personal data of the learner must be deleted.
After a coaching session, keywords may be selected that outline the topic of the session. We share these keywords with the learner and may also share them with our client in certain cases. In no case will we share with our client which coach selected which keywords to which learner. The selected list of keywords can be found in the appendix "Keywords related to the session topic".
The data will be forwarded to the clients only if at least 5 learners have completed at least 10 coaching sessions in total. Otherwise, only the number of registered learners is provided.
For statistical data analysis and evaluation, we use the following contract processors:
The legal basis for the processing is our legitimate interest in improving our product for our users (Art. 6 para. 1 p. 1 lit. f GDPR).
For receiving, storing and sending emails, we use the following order processors:
The legal basis of the transfer to a country outside the EEA (or for data subjects in the UK: outside the EEA or the UK) is standard contractual clauses. The security of the data transferred to the third country (i.e., a country outside the EEA) is guaranteed by standard data protection clauses adopted in accordance with the review procedure under Article 93 para. 2 GDPR (Article 46 para. 2 lit. c GDPR), which we have agreed with the provider.
We use Intercom for engagement with the users. The provider is R&D Unlimited Company 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Ireland. The provider processes content data (e.g. entries in online forms), contact data (e.g. e-mail addresses, telephone numbers), meta/communication data (e.g. device information, IP addresses), and master data (e.g. names, addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.intercom.com/de/legal/privacy.
We use Google Analytics for analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=en-US.
We reserve the right to change this privacy policy with effect for the future. A current version is always available here.
If you have any questions or comments regarding this privacy policy, please feel free to contact us using the contact information provided above.
Hereinafter we inform you about the nature, scope and purpose of the processing of your personal data when using the Sharpist Mobile App or Web App (hereinafter referred to as „App“). Personal data is any information that relates to an identified or identifiable natural person.
The person responsible (“Controller”) within the meaning of the EU General Data Protection Regulation (GDPR) is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data. Controller within the meaning of the GDPR for the personal data processed by us is:
Sharpist GmbH
Karl-Marx-Straße 58
12043 Berlin
phone +49 (0) 30 120 88 76 33
e-mail mail@sharpist.com
(hereinafter “we”).
(1) We have designated Mr.Philipp Nordhus as our internal Data Protection Officer. You can reach him in our office via the above contact details or via datenschutz@sharpist.com.
(2) The data protection authority locally responsible for our company is: Berliner Beauftragte für Datenschutz und Informations freiheit, Friedrich straße 219, 10969 Berlin.
(1) If you would like to work for us as a Coach, we request the following data from you: first and last name, billing address, e-mail address, telephone number, tax number, VAT identification number, bank account details, information about your language skills, education and professional experience.
(2) We collect this data to decide whether and in which areas you can work for us as a coach and to carry out the coaching assignments (contract negotiations and contract implementation according to Article 6 par. 1 letter b GDPR).
(3) If no contractual relationship has been established between you and us, we shall delete your data at the end of the calendar year following the last communication with you.
(4) If a contract has been concluded between you and us, we will delete the data collected about you as soon as a particular information is no longer required for the performance of the contract. Where personal data is contained in contractual documents, commercial letters, invoices or comparable documents or files, we shall delete these as soon as the applicable retention periods under commercial and tax law have expired.
(5) We do not use automated decision making in connection to the conclusion of contracts; nor do we use profiling technology.
(1) Our mobile app is available for download in the Apple App Store (Apple Inc., 1 Apple Park Way, Cupertino, CA 95014, USA) and the Google Play Store (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). When you install our mobile app, Apple or Google will send us the following data about you or your device: Ad-ID, OS version and language. In addition, the terms of contract and privacy information of Apple and Google apply.
(2) As a Coach, you can only use the installed App after a registration. To register, it is necessary to provide your e-mail address and select a password.
(3) After registration, we ask you to share some additional information with us: your preferred language, Invoice information, type of coach, coaching experience, work experience, degree, coaching focus, introductory text, coach log in sessions and information on Sharpist learners and sessions.
(4) You may voluntarily provide additional personal data, which we process based on your consent (Article 6 par. 1 letter a GDPR).
(1) In order to ensure a high quality of service, we will use your telephone number as described below:
(a) We would like to call you occasionally to ask you about your experience inworking with us. This concerns for example the following topics: Design and usability of the Sharpist App, reliability of the functions of the Sharpist App, your opinion on possible new functions or other changes, suggestions for improvement from your side.
(b) If a technical problem occurs with the Sharpist App installed on your device, we would like to be able to call you so that we can work with you to better identify and resolve the problem.
(c) If a learner has informed us that he/she would like to cancel or postpone a coaching session with you at short notice, we would inform you by telephone if information via another channel would probably not reach you in time or not reliably.
(d) In the event that planned coaching sessions are repeatedly missed for no apparent reason, we would like to clarify the reason by telephone and discuss possible improvements for future scheduling.
(2) The use of your telephone number mentioned in paragraph 1 is based on our legitimate interest in offering the best possible service to all parties involved and in identifying technical and organizational obstacles and eliminating them for the future (Article 6 paragraph 1 letter f DSGVO).
(1) Our Clients’ employees using use our Sharpist App are called „Learners“ by us. When we propose you as Coach for a Learner, we share the following information about you with the Learner via the Sharpist App: first name, last name, your photo, language skills, education and professional experience.
(2) When a Learner decides for you for the coaching, we will share the following information about the Learner with you: first name, last name, gender, academictitle, associated company, the Learner’s role in the company, details of the Learner’ spersonal goals („Goals“), details of topics that should be excluded from coaching(„No-Gos“ ), and preferred language.
(3) You shall use the data referred to in the foregoing paragraph for no other purpose than the fulfilment of the specific coaching assignment; any processing beyond this is prohibited. You must delete any personal data related a Learner upon completion of the coaching.
(4) After a Coaching session, you may choose keywords that outline the session’s topic. We will share these keywords with the Learner, and may, in certain cases, also share them with our Client. In no case we will tell our Client which Coach chose which keywords regarding which Learner. Please see Annex „Session topic keywords“ for the keyword list you may choose from.
(5) We process all the above-mentioned data in order to properly fulfil our contracts concluded with you and with our Clients on coaching our Clients’ employees(Article 6 paragraph 1 letter b GDPR).
(1) During the contractual relationship regarding the use of Sharpist App, we will provide our respective Client with the following information:
(a) the first name and last name of all Coaches who have scheduled or completed a coaching,
(b) the keywords that you have chosen on the topics of the coaching sessions, but without information on which Coach sent which keywords regarding which Learner.
(C) For statistical data analytics and evaluation, we use use services provided by the following processors:Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,Ireland) and y42 (DATOS Intelligence GmbH, Lohmühlenstraße 65, 12435Berlin, Germany).
(2) However, we shall provide the above information only when there are at least 5Learners having completed at least 10 coaching sessions altogether. Otherwise, we shall only disclose the number of registered Learners.
(1) When you contact us by e-mail, we will process your message together with your contact details (your name, your e-mail address and possible further information added by your e-mail client and the servers transferring your e-mail).
(2) This data processing is based on our legitimate interest to answer you request and to handle possible follow-up communication (Article 6 paragraph 1 letter f GDPR). We shall delete the data collected from you at the end of the calendar year following the last communication with you.
(3) Our mail servers work with TLS and SSL, thus the data transfer between your and our mail servers will be encrypted as long as your e-mail provider supports at least one of these features.
(1) Processors according to Article 28 GDPR
(a) For the operation of our website on the Internet, for the Sharpist Mobile App and the Sharpist Web App we use services provided by the following processor: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
(b) To receive, store and dispatch e-mails we use services provided by the following processors: Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,Ireland) and Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA94105, USA). When we use Twilio, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article 46par. 2 letter c GDPR based on the EU Standard Contractual Clauses.
(c) For processing our Clients‘ personal data, we use use services provided by the following processors: HubSpot (HubSpot Germany GmbH, Koppen straße 93, 10243 Berlin), Jot Form (Jot Form Inc., 801 Garden Street, Suite 201, Santa Barbara, CA 93101, USA) and Pipefy (Pipefy, Inc., 1209 N Orange Street, Wilmington, DE 19801, USA).When we use Jot Form or Pipefy, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article46 par. 2 letter c GDPR based on the EU Standard Contractual Clauses.
(a) For video communication between Coaches and Learners our app uses the services of Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105,USA). Since Twilio does not process data on our behalf, Twilio is not a processor in terms of Article 28 GDPR, but receives data directly from the Coaches and Learner staking part in the video communication.
(b) For online chat communication between Coaches and Learners we use the services of Intercom (Intercom R&D Unlimited Company, 18-21 St. Stephen’s Green, Dublin 2, Ireland).
With regard to your personal data we process, you have the following rights:
You have the right to obtain a confirmation from us as to whether we process personal data concerning you. If this is the case, we will inform you about the personal data stored about you and the further information in accordance with Article 15 par. 1 and 2 GDPR.
You have the right to have your inaccurate personal data rectified without undue delay. Taking into account the purposes of processing, you also have the right to request the completion of incomplete personal data, including by means of providing a supplementary statement.
You can demand the erasure of your personal data concerning you under the conditions of Article 17 par. 1 GDPR without undue delay, as far as their processing is not necessary according to Article 17 par. 3 GDPR.
You may demand that we restrict the processing of your data if one of there quirements of Article 18 par. 1 GDPR applies. In particular, you can request there striction instead of an erasure.
We will communicate any rectification or erasure of your personal data and are striction of processing to all recipients to whom we have disclosed your personal data, unless this proves impossible or involves a disproportionate effort. We will also inform you about these recipients if you request it.
You have the right to receive the personal data which you provide to us in a structured, commonly used and machine-readable format. You may also request that we transmit the data to another controller without hindrance, where technically feasible.
As far as a data processing is based on your given consent, you have the right to, with draw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the data processing based on consent before its withdrawal.
RIGHT TO OBJECT: ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA; this right applies to a processing, according to Article 6 par. 1 f GDPR, necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. If you exercise your right to object, we will no longer process the personal data in question unless we can demonstrate compelling legitimate grounds for processing that override the interests, rights and freedoms of you, or for the establishment, exercise or defense of legal claims.
IN CASE WE PROCESS PERSONAL DATA FOR DIRECT MARKETING PURPOSES (E.G. NEWSLETTER), YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING, WITH THE RESULT THAT WE WILL NO LONGER PROCESS YOUR DATA FOR THESE PURPOSES..
If you believe that the processing of your personal data is in breach of the GDPR, you may lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. This does not exclude other administrative or judicial remedies.
Hereinafter we inform you about the nature, scope and purpose of the processing of your personal data in connection with services offered or provided by us. Personal data is any information that relates to an identified or identifiable natural person
The person responsible (“Controller”) within the meaning of the EU General Data Protection Regulation (GDPR) is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data. Controller within the meaning of the GDPR for the personal data processed by us is:
Sharpist GmbH
Karl-Marx-Straße 58
12043 Berlin
phone +49 (0) 30 120 88 76 33
e-mail mail@sharpist.com
(hereinafter “we”)
(1) We have designated Mr.Philipp Nordhus as our internal Data Protection Officer. You can reach him in our office via the above contact details or via datenschutz@sharpist.com.
(2) The data protection authority locally responsible for our company is: Berliner Beauftragte für Datenschutz und Informations freiheit, Friedrich straße 219, 10969 Berlin.
(1) When you contact us to find out more about us or to request a quotation, we will process your name, academic title, name and address of the company you represent, your function in this company, your e-mail address, your telephone number and any other information you may have provided for your request.
(2) This data processing is based on Article 6 paragraph 1 letter b GDPR (processing for the purpose of initiating a contract). If no contractual relationship is established between you and us, the data collected from you shall be deleted at the end of the calendar year following the last communication with you.
(1) If you conclude a contract with us concerning the use of the Sharpist App(whether as a Web App, Mobile App or in any other form), we shall retain the data collected for the offer for the duration of the contractual relationship.
(2) During the ongoing cooperation, contact data of further representatives of your company may be added, e.g. for technical or content-related questions; § 3 par. 1applies to these accordingly.
(3) The purpose of processing is the fulfilment of the contract (Article 6 paragraph 1 letter b GDPR).
(4) We shall delete the data collected in accordance with paragraphs 1-2 as soon as they are no longer required for the fulfilment of the contract in the specific case. Insofar as personal data are contained in contractual documents, commercial letters, invoices or comparable documents or files, we shall delete them as soon as the retention periods under commercial and tax law applicable to them have expired.
(5) We do not take automated decisions on the conclusion of contracts; nor do we use profiling technology.
(1) Employees of your company who use our Sharpist App are called „Learners“ by us. Learners can only use the Sharpist App after registration. To register, it is necessary that the Learner provides the following information about himself in the App: first name, last name, gender, and e-mail address. It is not possible to register the Sharpist App without providing these data.
(2) After registration, we collect the following additional data from the Learner: hisp referred language, the Learner‘s role in the company, details of his personal goals(„Goals“) and details of topics that should be excluded from coaching („No-Gos“).
(3) The Learner may voluntarily provide additional personal data, e.g. his telephone number to facilitate contact with us in the event of technical or content-related questions from the Learner.
(4) In order to offer the Learner suitable coaching, we will forward the following data of the Learner to one or more Coaches: first name, last name, gender, academic title, associated company, the Learner‘s role in the company, Goals, No-goes and preferred language. The Coaches shall process this data for no other purpose than the fulfilment of the specific coaching assignment; any processing beyond this is prohibited. Coaches shall delete any personal data of the Learner upon completion of the coaching.
(5) We collect all the above-mentioned data in order to be able to properly fulfil the contract concluded with you for coaching your employees (Article 6 paragraph 1 letter b GDPR).
(6) We delete the personal data collected from the Learner when the contractual relationship with you ends or when the Learner declares that he no longer wishes to use the Sharpist App.
(7) Insofar as we have included the name or pseudonym of a Learner in an invoice for accounting purposes following your instruction, this invoice component can not be deleted before the end of the tax retention period.
(1) During the contractual relationship regarding the use of Sharpist App, we provide you as our Client with the following information:
(a) the first name and last name of all Learners who have registered the Sharpist App in connection with the contract between you and us,
(b) the first name and last name of all Coaches assigned to Learners as defined in (a), and
(c) the keywords that the Coaches have sent us on the topics of their coaching sessions, but without information on which Coach sent which keywords regarding which Learner.
(2) However, we shall provide the above information only when there are at least 5Learners having completed at least 10 coaching sessions altogether. Otherwise, we shall only disclose the number of registered Learners.
(1) Processors according to Article 28 GDPR
(a) For the operation of our website on the Internet, for the Sharpist Mobile App and the Sharpist Web App we use services provided by the following processor: Hetzner Online GmbH, Industries. 25, 91710 Gunzenhausen, Germany.
(b) To receive, store and dispatch e-mails we use services provided by the following processors: Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) and Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA94105, USA). When we use Twilio, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article 46 par. 2 lit. c GDPR based on the EU Standard Contractual Clauses.
(c) For processing our Clients‘ personal data, we use use services provided by the following processors: HubSpot (HubSpot Germany GmbH, Koppen straße 93, 10243 Berlin), Jot Form (Jot Form Inc., 801 Garden Street, Suite 201, Santa Barbara, CA 93101, USA) and Pipefy ( Pipefy, Inc., 1209 N Orange Street, Wilmington, DE 19801, USA). When we use Jot Form or Pipefy, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article 46 par. 2 lit. c GDPR based on the EU Standard Contractual Clauses.
(d) For statistical data analytics and evaluation, we use use services provided by the following processors: Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,Ireland) and y42 (DATOS Intelligence GmbH, Lohmühlenstraße 65, 12435 Berlin, Germany).
(2) Further recipients
(a) For video communication between Coaches and Learners our app uses the services of Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105, USA). Since Twilio does not process data on our behalf, Twilio is not a processor in terms of Article 28 GDPR, but receives data directly from the Coaches and Learner staking part in the video communication.
(b) For online chat communication between Coaches and Learners we use the services of Intercom (Intercom R&D Unlimited Company, 18-21 St. Stephen’s Green, Dublin 2, Ireland).
With regard to your personal data we process, you have the following rights:
You have the right to obtain a confirmation from us as to whether we process personal data concerning you. If this is the case, we will inform you about the personal data stored about you and the further information in accordance with Article 15 par. 1 and 2 GDPR.
You have the right to have your inaccurate personal data rectified without undue delay. Taking into account the purposes of processing, you also have the right to request the completion of incomplete personal data, including by means of providing a supplementary statement.
You can demand the erasure of your personal data concerning you under the conditions of Article 17 par. 1 GDPR without undue delay, as far as their processing is not necessary according to Article 17 par. 3 GDPR.
You may demand that we restrict the processing of your data if one of there quirements of Article 18 par. 1 GDPR applies. In particular, you can request the restriction instead of an erasure.
We will communicate any rectification or erasure of your personal data and are striction of processing to all recipients to whom we have disclosed your personal data, unless this proves impossible or involves a disproportionate effort. We will also inform you about these recipients if you request it.
You have the right to receive the personal data which you provide to us in a structured, commonly used and machine-readable format. You may also request that we transmit the data to another controller without hindrance, where technically feasible.
As far as a data processing is based on your given consent, you have the right to, withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the data processing based on consent before its withdrawal.
RIGHT TO OBJECT: ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION,YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA; this right applies to a processing, according to Article 6 par. 1 f GDPR, necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. If you exercise your right to object, we will no longer process the personal data in question unless we can demonstrate compelling legitimate grounds for processing that override the interests, rights and freedoms of you, or for the establishment, exercise or defense of legal claims.
IN CASE WE PROCESS PERSONAL DATA FOR DIRECT MARKETING PURPOSES(E.G. NEWSLETTER), YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING, WITH THE RESULT THAT WE WILL NO LONGER PROCESS YOUR DATA FOR THESE PURPOSES.
If you believe that the processing of your personal data is in breach of the GDPR, you may lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. This does not exclude other administrative or judicial remedies.