In the following, we provide information about the collection of personal data when using
Personal data is any data that can be related to a specific natural person, such as their name or IP address.
The controller within the meaning of Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is Sharpist GmbH, Karl-Marx-Straße 58, 12043 Berlin, Germany, email: mail@sharpist.com. We are legally represented by Hendrik Schriefer, Fabian Niedballa.
Our data protection officer can be reached via heyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu, E-Mail: datenschutz@heydata.eu.
We detail the scope of data processing, processing purposes and legal bases below. In principle, the following come into consideration as the legal basis for data processing:
Insofar as we transfer data to service providers or other third parties outside the EEA, the security of the data during the transfer is guaranteed by adequacy decisions of the EU Commission, insofar as they exist (e.g. for Great Britain, Canada and Israel) (Art. 45 para. 3 GDPR).
If no adequacy decision exists (e.g. for the USA), the legal basis for the data transfer are usually, i.e. unless we indicate otherwise, standard contractual clauses. These are a set of rules adopted by the EU Commission and are part of the contract with the respective third party. According to Art. 46 para. 2 lit. b GDPR, they ensure the security of the data transfer. Many of the providers have given contractual guarantees that go beyond the standard contractual clauses to protect the data. These include, for example, guarantees regarding the encryption of data or regarding an obligation on the part of the third party to notify data subjects if law enforcement agencies wish to access the respective data.
Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and no legal obligations to retain data conflict with the deletion. If the data are not deleted because they are required for other and legally permissible purposes, their processing is restricted, i.e. the data are blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
Data subjects have the following rights against us with regard to their personal data:
Data subjects also have the right to complain to a data protection supervisory authority about the processing of their personal data. Contact details of the data protection supervisory authorities are available at https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.
Within the scope of the business or other relationship, customers, prospective customers or third parties need to provide us with personal data that is necessary for the establishment, execution and termination of a business or other relationship or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract or to provide a service or will no longer be able to perform an existing contract or other relationship.
Mandatory data are marked as such.
As a matter of principle, we do not use a fully automated decision-making process in accordance with article 22 GDPR to establish and implement the business or other relationship. Should we use these procedures in individual cases, we will inform of this separately if this is required by law.
When contacting us, e.g. by e-mail or telephone, the data provided to us (e.g. names and e-mail addresses) will be stored by us in order to answer questions. The legal basis for the processing is our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) to answer inquiries directed to us. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
From time to time, we conduct customer surveys to get to know our customers and their wishes better. In doing so, we collect the data requested in each case. It is our legitimate interest to get to know our customers and their wishes better, so that the legal basis for the associated data processing is Art. 6 para. 1 s. 1 lit f GDPR. We delete the data when the results of the surveys have been evaluated.
We reserve the right to inform customers who have already used services from us or purchased goods from time to time by e-mail or other means electronically about our offers, if they have not objected to this. The legal basis for this data processing is Art. 6 para. 1 s. 1 lit. f GDPR. Our legitimate interest is to conduct direct advertising (recital 47 GDPR). Customers can object to the use of their e-mail address for advertising purposes at any time without incurring additional costs, for example via the link at the end of each e-mail or by sending an e-mail to our above-mentioned e-mail address.
Based on the consent of the recipients (Art. 6 para. 1 s. 1 lit. a GDPR), we also measure the opening and click-through rate of our newsletters to understand what is relevant for our audience.
We send newsletters with the tool SendGrid of the provider Twilio, Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105, USA (privacy policy: https://www.twilio.com/legal/privacy). The provider processes content, usage, meta/communication data and contact data in the process in the USA.
We send newsletters with the tool HubSpot of the provider HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA (privacy policy: https://legal.hubspot.com/privacy-policy). The provider processes content, usage, meta/communication data and contact data in the process in the EU.
Our website stores information in the terminal equipment of website visitors (e.g. cookies) or accesses information that is already stored in the terminal equipment (e.g. IP addresses). What information this is in detail can be found in the following sections.
This storage and access is based on the following provisions:
The subsequent data processing is carried out in accordance with the following sections and on the basis of the provisions of the GDPR.
During the informative use of the website, i.e. when site visitors do not separately transmit information to us, we collect the personal data that the browser transmits to our server in order to ensure the stability and security of our website. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.
These data are:
This data is also stored in log files. They are deleted when their storage is no longer necessary, at the latest after 14 days.
Our website is hosted by Webflow, Inc. 208 Utah, Suite 210, San Francisco, CA 94103, USA (privacy policy: https://webflow.com/legal/eu-privacy-policy) on the basis of a data processing agreement (Art. 28 GDPR). The provider thereby processes the personal data transmitted via the website, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide a website, so that the legal basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR.
It is our legitimate interest to provide a website, so the legal basis of the described data processing is Art. 6 para. 1 s. 1 lit. f GDPR.
The legal basis of the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
When contacting us via the contact form on our website, we store the data requested there and the content of the message.
The legal basis for the processing is our legitimate interest in answering inquiries directed to us. The legal basis for the processing is therefore Art. 6 para. 1 s. 1 lit. f GDPR.
We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
We publish positions that are vacant in our company on our website, on pages linked to the website or on third-party websites.
The processing of the data provided as part of the application is carried out for the purpose of implementing the application process. Insofar as this is necessary for our decision to establish an employment relationship, the legal basis is Art. 88 para. GDPR in conjunction with Sec. 26 para. 1 of the German Data Protection Act (Bundesdatenschutzgesetz). We have marked the data required to carry out the application process accordingly or refer to them. If applicants do not provide this data, we cannot process the application.
Further data is voluntary and not required for an application. If applicants provide further information, the basis is their consent (Art. 6 para. 1 s. 1 lit. a GDPR).
We ask applicants to refrain from providing information on political opinions, religious beliefs and similarly sensitive data in their CV and cover letter. They are not required for an application. If applicants nevertheless provide such information, we cannot prevent their processing as part of the processing of the resume or cover letter. Their processing is then also based on the consent of the applicants (Art. 9 para. 2 lit. a GDPR).
Finally, we process the applicants' data for further application procedures if they have given us their consent to do so. In this case, the legal basis is Art. 6 para. 1 s. 1 lit. a GDPR.
We pass on the applicants' data to the responsible employees in the HR department, to our data processors in the area of recruiting and to the employees otherwise involved in the application process.
If we enter into an employment relationship with the applicant following the application process, we delete the data only after the employment relationship has ended. Otherwise, we delete the data no later than six months after rejecting an applicant.
If applicants have given us their consent to use their data for further application procedures as well, we will not delete their data until one year after receiving the application.
Site visitors can book appointments with us on our website. For this purpose, we process meta data or communication data in addition to the data entered. We have a legitimate interest in offering interested parties a user-friendly option for making appointments. Therefore, the legal basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR. Insofar as we use a third-party tool for the agreement, the information on this can be found under "Third parties".
Site visitors can open a customer account on our website. We process the data requested in this context based on the consent of the site visitor. Legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR.
The consent may be revoked at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation. If the consent is revoked we will delete the data insofar as we are not obliged or have a right to retain it further.
For the processing of payments, we use payment processors who are themselves data controllers within the meaning of Art. 4 No. 7 GDPR. Insofar as they receive data and payment data entered by us in the ordering process, we thereby fulfill the contract concluded with our customers (Art. 6 para. 1 s. 1 lit. b GDPR).
These payment processors are:
Interested parties may participate in free webinars. In return for the free webinars, we may contact the interested parties by email and telephone in order to offer them a contract. The legal basis for the data processing is the contract concluded with the participant for the free subscription to the webinar and the use for advertising purposes of their contact data.
Participants may object free of charge at any time to the use , e.g. by sending an email to the above-mentioned email address.
Interested parties may obtain free whitepapers. In return for providing the free whitepapers , we may contact the interested parties by email and telephone in order to offer them a contract. The legal basis for the data processing is the contract concluded with the interested party for the free subscription of the whitepaper and the use of their contact data for advertising purposes.
Participants may object free of charge at any time to the use, e.g. by sending an email to the above email address.
Interested parties can use demo accounts free of charge. In return for the free use, we may process the data of the interested parties in order to offer them a contract. The legal basis for the data processing is the contract concluded with the interested party for the free use of the account and the use of their contact data for advertising purposes.
Participants may object free of charge at any time to the use, e.g. by sending an email to the above email address.
We process the following data:
If you conclude a contract with us concerning the use of the Sharpist App(whether as a Web App, Mobile App or in any other form), we shall retain the data collected for the offer for the duration of the contractual relationship.
During the ongoing cooperation, contact data of further representatives of your company may be added, e.g. for technical or content-related questions; § 3 par. 3 applies accordingly.
The purpose of processing is the fulfillment of the contract (Article 6 para. 1 s. 1 lit. b GDPR).
We shall delete the data collected in accordance with paragraphs 1-2 as soon as they are no longer required for the fulfillment of the contract in the specific case. Insofar as personal data are contained in contractual documents, commercial letters, invoices or comparable documents or files, we shall delete them as soon as the retention periods under commercial and tax law applicable to them have expired.
We do not take automated decisions on the conclusion of contracts; nor do we use profiling technology.
We use LinkedIn Insight Tag for conversion tracking. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.linkedin.com/legal/privacy-policy.
We use HubSpot for customer relationship management. The provider is HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times), content data (e.g. entries in online forms), and meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in managing data in a simple and inexpensive way.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://legal.hubspot.com/de/privacy-policy.
We use Iubenda to manage consents. The provider is iubenda s.r.l, Via San Raffaele, 1 - 20121 Milan, Italy. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. c DSGVO. The processing is necessary for the fulfillment of a legal obligation to which we are subject.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.iubenda.com/privacy-policy/94654098.
We use Weglot for translations. The provider is Weglot, 138, rue Pierre Joigneaux in BOIS-COLOMBES (92270), France. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://weglot.com/de/privacy/.
We use GDPR Legal Cookie to manage consents. The provider is beeclever GmbH, Universitätsstraße 3, 56070 Koblenz. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. c DSGVO. The processing is necessary for the fulfillment of a legal obligation to which we are subject.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://gdpr-legal-cookie.com/pages/datenschutzerklarung.
We use Vimeo Videos for videos on the website. The provider is Vimeo, Inc., 555 West 18th Street New York, NY 10011, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are consents.
We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://vimeo.com/privacy.
We use Calendly to schedule appointments. The provider is Calendly LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times), contact data (e.g. e-mail addresses, telephone numbers), and master data (e.g. names, addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://calendly.com/pages/privacy.
We use Google Tag Manager for analytics and for advertisement. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=en-US.
We use Webflow to create websites. The provider is Webflow, Inc., 398 11th St., Floor 2, San Francisco, CA 94103, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in setting up and maintaining a website and thus presenting ourselves to the outside world.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://webflow.com/legal/eu-privacy-policy.
We use Google Conversion Tag for conversion tracking. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=en
We use Facebook Conversion API for analytics. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.facebook.com/policy.php.
We use Google Analytics for analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=en-US.
We use Microsoft Advertising for analytics and for conversion tracking. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://privacy.microsoft.com/en-gb/privacystatement.
We are represented in social media networks in order to present our organization and our services there. The operators of these networks regularly process their users' data for advertising purposes. Among other things, they create user profiles from their online behavior, which are used, for example, to show advertising on the pages of the networks and elsewhere on the Internet that corresponds to the interests of the users. To this end, the operators of the networks store information on user behavior in cookies on the users' computers. Furthermore, it cannot be ruled out that the operators merge this information with other data. Users can obtain further information and instructions on how to object to processing by the site operators in the data protection declarations of the respective operators listed below. It is also possible that the operators or their servers are located in non-EU countries, so that they process data there. This may result in risks for users, e.g. because it is more difficult to enforce their rights or because government agencies access the data.
If users of the networks contact us via our profiles, we process the data provided to us in order to respond to the inquiries. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.
We maintain a profile on LinkedIn. The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy is available here: https://https://www.linkedin.com/legal/privacy-policy?_l=de_DE. One way to object to data processing is via the settings for advertisements: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We use HubSpot for scheduling appointments. The provider is HubSpot, Inc., 25 1st Street Cambridge, MA 0214, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times), contact data (e.g. e-mail addresses, telephone numbers), and master data (e.g. names, addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in managing data in a simple and inexpensive way.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://legal.hubspot.com/de/privacy-policy.
We maintain a profile on Xing. The operator is XING AG, Dammtorstraße 29-32, 20354 Hamburg. The privacy policy is available here: https://privacy.xing.com/de/datenschutzerklaerung.
We reserve the right to change this privacy policy with effect for the future. A current version is always available here.
If you have any questions or comments regarding this privacy policy, please feel free to contact us using the contact information provided above.
In the following, we provide information about the collection of personal data when using our mobile or web app (hereinafter only "App").
Personal data is any data that can be related to a specific natural person, such as their name or IP address.
The controller within the meaning of Art. 4 (7) EU General Data Protection Regulation (GDPR) is Sharpist GmbH, Karl-Marx-Straße 58, 12043 Berlin, Germany, email: mail@sharpist.com. We are legally represented by Hendrik Schriefer.
Our data protection officer can be reached via heyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu, E-Mail: datenschutz@heydata.eu.
We detail the scope of data processing, processing purposes and legal bases below. In principle, the following come into consideration as the legal basis for data processing:
Insofar as we transfer data to service providers or other third parties outside the EEA, the security of the data during the transfer is guaranteed by adequacy decisions of the EU Commission, insofar as they exist (e.g. for Great Britain, Canada and Israel) (Art. 45 para. 3 GDPR).
If no adequacy decision exists (e.g. for the USA), the legal basis for the data transfer are usually, i.e. unless we indicate otherwise, standard contractual clauses. These are a set of rules adopted by the EU Commission and are part of the contract with the respective third party. According to Art. 46 para. 2 lit. b GDPR, they ensure the security of the data transfer. Many of the providers have given contractual guarantees that go beyond the standard contractual clauses to protect the data. These include, for example, guarantees regarding the encryption of data or regarding an obligation on the part of the third party to notify data subjects if law enforcement agencies wish to access the respective data.
Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and no legal obligations to retain data conflict with the deletion. If the data are not deleted because they are required for other and legally permissible purposes, their processing is restricted, i.e. the data are blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
Data subjects have the following rights against us with regard to their personal data:
Data subjects also have the right to complain to a data protection supervisory authority about the processing of their personal data. Contact details of the data protection supervisory authorities are available at https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.
Within the scope of the business or other relationship, customers, prospective customers or third parties need to provide us with personal data that is necessary for the establishment, execution and termination of a business or other relationship or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract or to provide a service or will no longer be able to perform an existing contract or other relationship.
Mandatory data are marked as such.
As a matter of principle, we do not use a fully automated decision-making process in accordance with article 22 GDPR to establish and implement the business or other relationship. Should we use these procedures in individual cases, we will inform of this separately if this is required by law.
When contacting us, e.g. by e-mail or telephone, the data provided to us (e.g. names and e-mail addresses) will be stored by us in order to answer questions. The legal basis for the processing is our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) to answer inquiries directed to us. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
Our app is ready for download at Apple's App Store und Google's Play Store (hereinafter "Stores"). When users download the app, the necessary information is transmitted to the stores, i.e. in particular user name, e-mail address and customer number of the account, time of download, payment information and the individual device identification number. We have no influence on this data collection and are not responsible for it. We process the data only insofar as it is necessary for downloading the mobile app to the user's mobile device.
Our App is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen. The provider thereby processes the personal data transmitted via the app, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide an app, so that the legal basis of the data processing is Art. 6 para. 1 s. 1 lit. f GDPR.
When users use our app, we collect the data that is technically necessary for us to offer users the functions of our app and to ensure stability and security. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.
The data processed to this extent are:
The app requests the user's access to functions of the end device or to data of the device in order to be able to execute functions of the app. By allowing access, the user gives consent to the associated data processing, so that the legal basis is Art. 6 para. 1 s. 1 lit. a GDPR. Users can revoke their consent at any time by terminating access in the settings of their end device. The revocation does not affect the lawfulness of the processing until the revocation.
The functions or data processed to this extent are
In the app, we process data in order to provide the user with functions of the app. The legal basis for the processing is the usage agreement concluded with the user via the app.
The data processed to this extent are only the data entered into the App by the user.
We call our customers' employees, who use our Sharpist App "Learners". When we recommend you as a Coach for to a Learner, we share your following information with them via the Sharpist App:
When a learner chooses you for coaching, we will collect and share the following information about the learner:
The above-mentioned data may only be used for the fulfillment of the specific coaching assignment; any processing beyond this is not permitted. After the coaching assignment has ended, all personal data of the learner must be deleted.
After a coaching session, keywords may be selected that outline the topic of the session. We share these keywords with the learner and may also share them with our client in certain cases. In no case will we share with our client which coach selected which keywords to which learner. The selected list of keywords can be found in the appendix "Keywords related to the session topic".
The data will be forwarded to the clients only if at least 5 learners have completed at least 10 coaching sessions in total. Otherwise, only the number of registered learners is provided.
For statistical data analysis and evaluation, we use the following contract processors:
The legal basis for the processing is our legitimate interest in improving our product for our users (Art. 6 para. 1 p. 1 lit. f GDPR).
For receiving, storing and sending e-mails, we use the following order processors:
The legal basis of the transfer to a country outside the EEA (or for data subjects in the UK: outside the EEA or the UK) is standard contractual clauses. The security of the data transferred to the third country (i.e., a country outside the EEA) is guaranteed by standard data protection clauses adopted in accordance with the review procedure under Article 93 para. 2 GDPR (Article 46 para. 2 lit. c GDPR), which we have agreed with the provider.
Users can open a user account in the app. We process the data requested in this context to fulfill the respective user contract concluded for the account, so that the legal basis for the processing is Art. 6 para. 1 s. 1 lit. b GDPR. We delete the data when users delete their user account.
We use Intercom for engagement with the users. The provider is R&D Unlimited Company 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Ireland. The provider processes content data (e.g. entries in online forms), contact data (e.g. e-mail addresses, telephone numbers), meta/communication data (e.g. device information, IP addresses), and master data (e.g. names, addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.intercom.com/de/legal/privacy
We use Firebase Cloud Messaging to communicate with users. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://firebase.google.com/support/privacy
We use Firebase Crashlytics to track errors in applications or on websites and to manage repairs. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in adequately monitoring the functionality of our applications.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://policies.google.com/privacy.
We use Google Analytics for analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes meta/communication data (e.g. device information, IP addresses) in the USA.
The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.
The legal basis for the transfer to a country outside the EEA are standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.
The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=en-US.
We reserve the right to change this privacy policy with effect for the future. A current version is always available here.
If you have any questions or comments regarding this privacy policy, please feel free to contact us using the contact information provided above.
Hereinafter we inform you about the nature, scope and purpose of the processing of your personal data when using the Sharpist Mobile App or Web App (hereinafter referred to as „App“). Personal data is any information that relates to an identified or identifiable natural person.
The person responsible (“Controller”) within the meaning of the EU General Data Protection Regulation (GDPR) is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data. Controller within the meaning of the GDPR for the personal data processed by us is:
Sharpist GmbH
Karl-Marx-Straße 58
12043 Berlin
phone +49 (0) 30 120 88 76 33
e-mail mail@sharpist.com
(hereinafter “we”).
(1) We have designated Mr.Philipp Nordhus as our internal Data Protection Officer. You can reach him in our office via the above contact details or via datenschutz@sharpist.com.
(2) The data protection authority locally responsible for our company is: Berliner Beauftragte für Datenschutz und Informations freiheit, Friedrich straße 219, 10969 Berlin.
(1) If you would like to work for us as a Coach, we request the following data from you: first and last name, billing address, e-mail address, telephone number, tax number, VAT identification number, bank account details, information about your language skills, education and professional experience.
(2) We collect this data to decide whether and in which areas you can work for us as a coach and to carry out the coaching assignments (contract negotiations and contract implementation according to Article 6 par. 1 letter b GDPR).
(3) If no contractual relationship has been established between you and us, we shall delete your data at the end of the calendar year following the last communication with you.
(4) If a contract has been concluded between you and us, we will delete the data collected about you as soon as a particular information is no longer required for the performance of the contract. Where personal data is contained in contractual documents, commercial letters, invoices or comparable documents or files, we shall delete these as soon as the applicable retention periods under commercial and tax law have expired.
(5) We do not use automated decision making in connection to the conclusion of contracts; nor do we use profiling technology.
(1) Our mobile app is available for download in the Apple App Store (Apple Inc., 1 Apple Park Way, Cupertino, CA 95014, USA) and the Google Play Store (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). When you install our mobile app, Apple or Google will send us the following data about you or your device: Ad-ID, OS version and language. In addition, the terms of contract and privacy information of Apple and Google apply.
(2) As a Coach, you can only use the installed App after a registration. To register, it is necessary to provide your e-mail address and select a password.
(3) After registration, we ask you to share some additional information with us: your preferred language, Invoice information, type of coach, coaching experience, work experience, degree, coaching focus, introductory text, coach log in sessions and information on Sharpist learners and sessions.
(4) You may voluntarily provide additional personal data, which we process based on your consent (Article 6 par. 1 letter a GDPR).
(1) In order to ensure a high quality of service, we will use your telephone number as described below:
(a) We would like to call you occasionally to ask you about your experience inworking with us. This concerns for example the following topics: Design and usability of the Sharpist App, reliability of the functions of the Sharpist App, your opinion on possible new functions or other changes, suggestions for improvement from your side.
(b) If a technical problem occurs with the Sharpist App installed on your device, we would like to be able to call you so that we can work with you to better identify and resolve the problem.
(c) If a learner has informed us that he/she would like to cancel or postpone a coaching session with you at short notice, we would inform you by telephone if information via another channel would probably not reach you in time or not reliably.
(d) In the event that planned coaching sessions are repeatedly missed for no apparent reason, we would like to clarify the reason by telephone and discuss possible improvements for future scheduling.
(2) The use of your telephone number mentioned in paragraph 1 is based on our legitimate interest in offering the best possible service to all parties involved and in identifying technical and organizational obstacles and eliminating them for the future (Article 6 paragraph 1 letter f DSGVO).
(1) Our Clients’ employees using use our Sharpist App are called „Learners“ by us. When we propose you as Coach for a Learner, we share the following information about you with the Learner via the Sharpist App: first name, last name, your photo, language skills, education and professional experience.
(2) When a Learner decides for you for the coaching, we will share the following information about the Learner with you: first name, last name, gender, academictitle, associated company, the Learner’s role in the company, details of the Learner’ spersonal goals („Goals“), details of topics that should be excluded from coaching(„No-Gos“ ), and preferred language.
(3) You shall use the data referred to in the foregoing paragraph for no other purpose than the fulfilment of the specific coaching assignment; any processing beyond this is prohibited. You must delete any personal data related a Learner upon completion of the coaching.
(4) After a Coaching session, you may choose keywords that outline the session’s topic. We will share these keywords with the Learner, and may, in certain cases, also share them with our Client. In no case we will tell our Client which Coach chose which keywords regarding which Learner. Please see Annex „Session topic keywords“ for the keyword list you may choose from.
(5) We process all the above-mentioned data in order to properly fulfil our contracts concluded with you and with our Clients on coaching our Clients’ employees(Article 6 paragraph 1 letter b GDPR).
(1) During the contractual relationship regarding the use of Sharpist App, we will provide our respective Client with the following information:
(a) the first name and last name of all Coaches who have scheduled or completed a coaching,
(b) the keywords that you have chosen on the topics of the coaching sessions, but without information on which Coach sent which keywords regarding which Learner.
(C) For statistical data analytics and evaluation, we use use services provided by the following processors:Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,Ireland) and y42 (DATOS Intelligence GmbH, Lohmühlenstraße 65, 12435Berlin, Germany).
(2) However, we shall provide the above information only when there are at least 5Learners having completed at least 10 coaching sessions altogether. Otherwise, we shall only disclose the number of registered Learners.
(1) When you contact us by e-mail, we will process your message together with your contact details (your name, your e-mail address and possible further information added by your e-mail client and the servers transferring your e-mail).
(2) This data processing is based on our legitimate interest to answer you request and to handle possible follow-up communication (Article 6 paragraph 1 letter f GDPR). We shall delete the data collected from you at the end of the calendar year following the last communication with you.
(3) Our mail servers work with TLS and SSL, thus the data transfer between your and our mail servers will be encrypted as long as your e-mail provider supports at least one of these features.
(1) Processors according to Article 28 GDPR
(a) For the operation of our website on the Internet, for the Sharpist Mobile App and the Sharpist Web App we use services provided by the following processor: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
(b) To receive, store and dispatch e-mails we use services provided by the following processors: Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,Ireland) and Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA94105, USA). When we use Twilio, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article 46par. 2 letter c GDPR based on the EU Standard Contractual Clauses.
(c) For processing our Clients‘ personal data, we use use services provided by the following processors: HubSpot (HubSpot Germany GmbH, Koppen straße 93, 10243 Berlin), Jot Form (Jot Form Inc., 801 Garden Street, Suite 201, Santa Barbara, CA 93101, USA) and Pipefy (Pipefy, Inc., 1209 N Orange Street, Wilmington, DE 19801, USA).When we use Jot Form or Pipefy, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article46 par. 2 letter c GDPR based on the EU Standard Contractual Clauses.
(a) For video communication between Coaches and Learners our app uses the services of Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105,USA). Since Twilio does not process data on our behalf, Twilio is not a processor in terms of Article 28 GDPR, but receives data directly from the Coaches and Learner staking part in the video communication.
(b) For online chat communication between Coaches and Learners we use the services of Intercom (Intercom R&D Unlimited Company, 18-21 St. Stephen’s Green, Dublin 2, Ireland).
With regard to your personal data we process, you have the following rights:
You have the right to obtain a confirmation from us as to whether we process personal data concerning you. If this is the case, we will inform you about the personal data stored about you and the further information in accordance with Article 15 par. 1 and 2 GDPR.
You have the right to have your inaccurate personal data rectified without undue delay. Taking into account the purposes of processing, you also have the right to request the completion of incomplete personal data, including by means of providing a supplementary statement.
You can demand the erasure of your personal data concerning you under the conditions of Article 17 par. 1 GDPR without undue delay, as far as their processing is not necessary according to Article 17 par. 3 GDPR.
You may demand that we restrict the processing of your data if one of there quirements of Article 18 par. 1 GDPR applies. In particular, you can request there striction instead of an erasure.
We will communicate any rectification or erasure of your personal data and are striction of processing to all recipients to whom we have disclosed your personal data, unless this proves impossible or involves a disproportionate effort. We will also inform you about these recipients if you request it.
You have the right to receive the personal data which you provide to us in a structured, commonly used and machine-readable format. You may also request that we transmit the data to another controller without hindrance, where technically feasible.
As far as a data processing is based on your given consent, you have the right to, with draw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the data processing based on consent before its withdrawal.
RIGHT TO OBJECT: ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA; this right applies to a processing, according to Article 6 par. 1 f GDPR, necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. If you exercise your right to object, we will no longer process the personal data in question unless we can demonstrate compelling legitimate grounds for processing that override the interests, rights and freedoms of you, or for the establishment, exercise or defense of legal claims.
IN CASE WE PROCESS PERSONAL DATA FOR DIRECT MARKETING PURPOSES (E.G. NEWSLETTER), YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING, WITH THE RESULT THAT WE WILL NO LONGER PROCESS YOUR DATA FOR THESE PURPOSES..
If you believe that the processing of your personal data is in breach of the GDPR, you may lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. This does not exclude other administrative or judicial remedies.
Hereinafter we inform you about the nature, scope and purpose of the processing of your personal data in connection with services offered or provided by us. Personal data is any information that relates to an identified or identifiable natural person
The person responsible (“Controller”) within the meaning of the EU General Data Protection Regulation (GDPR) is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data. Controller within the meaning of the GDPR for the personal data processed by us is:
Sharpist GmbH
Karl-Marx-Straße 58
12043 Berlin
phone +49 (0) 30 120 88 76 33
e-mail mail@sharpist.com
(hereinafter “we”)
(1) We have designated Mr.Philipp Nordhus as our internal Data Protection Officer. You can reach him in our office via the above contact details or via datenschutz@sharpist.com.
(2) The data protection authority locally responsible for our company is: Berliner Beauftragte für Datenschutz und Informations freiheit, Friedrich straße 219, 10969 Berlin.
(1) When you contact us to find out more about us or to request a quotation, we will process your name, academic title, name and address of the company you represent, your function in this company, your e-mail address, your telephone number and any other information you may have provided for your request.
(2) This data processing is based on Article 6 paragraph 1 letter b GDPR (processing for the purpose of initiating a contract). If no contractual relationship is established between you and us, the data collected from you shall be deleted at the end of the calendar year following the last communication with you.
(1) If you conclude a contract with us concerning the use of the Sharpist App(whether as a Web App, Mobile App or in any other form), we shall retain the data collected for the offer for the duration of the contractual relationship.
(2) During the ongoing cooperation, contact data of further representatives of your company may be added, e.g. for technical or content-related questions; § 3 par. 1applies to these accordingly.
(3) The purpose of processing is the fulfilment of the contract (Article 6 paragraph 1 letter b GDPR).
(4) We shall delete the data collected in accordance with paragraphs 1-2 as soon as they are no longer required for the fulfilment of the contract in the specific case. Insofar as personal data are contained in contractual documents, commercial letters, invoices or comparable documents or files, we shall delete them as soon as the retention periods under commercial and tax law applicable to them have expired.
(5) We do not take automated decisions on the conclusion of contracts; nor do we use profiling technology.
(1) Employees of your company who use our Sharpist App are called „Learners“ by us. Learners can only use the Sharpist App after registration. To register, it is necessary that the Learner provides the following information about himself in the App: first name, last name, gender, and e-mail address. It is not possible to register the Sharpist App without providing these data.
(2) After registration, we collect the following additional data from the Learner: hisp referred language, the Learner‘s role in the company, details of his personal goals(„Goals“) and details of topics that should be excluded from coaching („No-Gos“).
(3) The Learner may voluntarily provide additional personal data, e.g. his telephone number to facilitate contact with us in the event of technical or content-related questions from the Learner.
(4) In order to offer the Learner suitable coaching, we will forward the following data of the Learner to one or more Coaches: first name, last name, gender, academic title, associated company, the Learner‘s role in the company, Goals, No-goes and preferred language. The Coaches shall process this data for no other purpose than the fulfilment of the specific coaching assignment; any processing beyond this is prohibited. Coaches shall delete any personal data of the Learner upon completion of the coaching.
(5) We collect all the above-mentioned data in order to be able to properly fulfil the contract concluded with you for coaching your employees (Article 6 paragraph 1 letter b GDPR).
(6) We delete the personal data collected from the Learner when the contractual relationship with you ends or when the Learner declares that he no longer wishes to use the Sharpist App.
(7) Insofar as we have included the name or pseudonym of a Learner in an invoice for accounting purposes following your instruction, this invoice component can not be deleted before the end of the tax retention period.
(1) During the contractual relationship regarding the use of Sharpist App, we provide you as our Client with the following information:
(a) the first name and last name of all Learners who have registered the Sharpist App in connection with the contract between you and us,
(b) the first name and last name of all Coaches assigned to Learners as defined in (a), and
(c) the keywords that the Coaches have sent us on the topics of their coaching sessions, but without information on which Coach sent which keywords regarding which Learner.
(2) However, we shall provide the above information only when there are at least 5Learners having completed at least 10 coaching sessions altogether. Otherwise, we shall only disclose the number of registered Learners.
(1) Processors according to Article 28 GDPR
(a) For the operation of our website on the Internet, for the Sharpist Mobile App and the Sharpist Web App we use services provided by the following processor: Hetzner Online GmbH, Industries. 25, 91710 Gunzenhausen, Germany.
(b) To receive, store and dispatch e-mails we use services provided by the following processors: Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) and Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA94105, USA). When we use Twilio, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article 46 par. 2 lit. c GDPR based on the EU Standard Contractual Clauses.
(c) For processing our Clients‘ personal data, we use use services provided by the following processors: HubSpot (HubSpot Germany GmbH, Koppen straße 93, 10243 Berlin), Jot Form (Jot Form Inc., 801 Garden Street, Suite 201, Santa Barbara, CA 93101, USA) and Pipefy ( Pipefy, Inc., 1209 N Orange Street, Wilmington, DE 19801, USA). When we use Jot Form or Pipefy, personal data is transferred to the USA, which are a third country lacking an adequacy decision by the Commission of the European Union. Data transfer is hence made in accordance with Article 46 par. 2 lit. c GDPR based on the EU Standard Contractual Clauses.
(d) For statistical data analytics and evaluation, we use use services provided by the following processors: Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,Ireland) and y42 (DATOS Intelligence GmbH, Lohmühlenstraße 65, 12435 Berlin, Germany).
(2) Further recipients
(a) For video communication between Coaches and Learners our app uses the services of Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105, USA). Since Twilio does not process data on our behalf, Twilio is not a processor in terms of Article 28 GDPR, but receives data directly from the Coaches and Learner staking part in the video communication.
(b) For online chat communication between Coaches and Learners we use the services of Intercom (Intercom R&D Unlimited Company, 18-21 St. Stephen’s Green, Dublin 2, Ireland).
With regard to your personal data we process, you have the following rights:
You have the right to obtain a confirmation from us as to whether we process personal data concerning you. If this is the case, we will inform you about the personal data stored about you and the further information in accordance with Article 15 par. 1 and 2 GDPR.
You have the right to have your inaccurate personal data rectified without undue delay. Taking into account the purposes of processing, you also have the right to request the completion of incomplete personal data, including by means of providing a supplementary statement.
You can demand the erasure of your personal data concerning you under the conditions of Article 17 par. 1 GDPR without undue delay, as far as their processing is not necessary according to Article 17 par. 3 GDPR.
You may demand that we restrict the processing of your data if one of there quirements of Article 18 par. 1 GDPR applies. In particular, you can request the restriction instead of an erasure.
We will communicate any rectification or erasure of your personal data and are striction of processing to all recipients to whom we have disclosed your personal data, unless this proves impossible or involves a disproportionate effort. We will also inform you about these recipients if you request it.
You have the right to receive the personal data which you provide to us in a structured, commonly used and machine-readable format. You may also request that we transmit the data to another controller without hindrance, where technically feasible.
As far as a data processing is based on your given consent, you have the right to, withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the data processing based on consent before its withdrawal.
RIGHT TO OBJECT: ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION,YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA; this right applies to a processing, according to Article 6 par. 1 f GDPR, necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. If you exercise your right to object, we will no longer process the personal data in question unless we can demonstrate compelling legitimate grounds for processing that override the interests, rights and freedoms of you, or for the establishment, exercise or defense of legal claims.
IN CASE WE PROCESS PERSONAL DATA FOR DIRECT MARKETING PURPOSES(E.G. NEWSLETTER), YOU MAY, AT ANY TIME, OBJECT TO PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING, WITH THE RESULT THAT WE WILL NO LONGER PROCESS YOUR DATA FOR THESE PURPOSES.
If you believe that the processing of your personal data is in breach of the GDPR, you may lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. This does not exclude other administrative or judicial remedies.
%20(1).png)
