Skip to content

PRIVACY POLICY

This privacy policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as “data”) within the scope of our services as well as within our online offering and the web pages, features, and content associated with it, as well as external online presences, such as our social media profiles (collectively referred to as “online offering”). With regard to the terms used, such as “processing” or “controller”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Responsible for the content

Robins Crowd UG (haftungsbeschränkt)
Wallstraße 88
55122 Mainz
Germany

Managing Director: Alfons Schwiderski

Types of processed data

  • Inventory data (e.g., personal master data, names, or addresses)
  • Contact data (e.g., email, telephone numbers)
  • Content data (e.g., text input, photographs, videos)
  • Usage data (e.g., visited websites, interest in content, access times)
  • Meta-/communication data (e.g., device information, IP addresses)

Categories of affected persons

Visitors and users of the online offering (hereinafter we also refer to the affected persons as “users”).

Purpose of processing

  • Provision of the online offering, its functions, and content
  • Response to contact requests and communication with users
  • Security measures
  • Reach measurement/marketing

Terms used

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and includes virtually any handling of data.

“Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

The “controller” is the natural or legal person, authority, institution, or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

“Processor” is a natural or legal person, authority, institution, or other body that processes personal data on behalf of the controller.

Relevant legal bases

In accordance with Article 13 GDPR, we inform you of the legal bases of our data processing. For users from the jurisdiction of the General Data Protection Regulation (GDPR), i.e., the EU and the EEC, the following applies if the legal basis is not mentioned in the privacy policy:

The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR;

The legal basis for processing for the performance of our services and implementation of contractual measures as well as responding to inquiries is Art. 6 (1) lit. b GDPR;

The legal basis for processing to fulfil our legal obligations is Art. 6 (1) lit. c GDPR;

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) lit. d GDPR serves as the legal basis.

The legal basis for processing to perform a task carried out in the public interest or in the exercise of official authority vested in the controller is Art. 6 (1) lit. e GDPR.

The legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR.

The processing of data for purposes other than those for which they were collected is determined according to the provisions of Art. 6 para. 4 GDPR.

The processing of special categories of data (according to Art. 9 para. 1 GDPR) is determined according to the provisions of Art. 9 para. 2 GDPR.

Security measures

In accordance with legal requirements, taking into account the state of the art, the costs of implementation, and the nature, scope, circumstances, and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access to, input, transfer, ensuring availability, and their separation. Furthermore, we have established procedures that ensure the exercise of data subjects’ rights, deletion of data, and responses to data compromise. Moreover, we take into account the protection of personal data already in the development or selection of hardware, software, and procedures, in accordance with the principle of privacy by design and by default.

Cooperation with processors, joint controllers, and third parties

If, in the course of our processing, we disclose data to other persons and companies (processors, joint controllers, or third parties), transmit them to them, or otherwise grant them access to the data, this is done only on the basis of legal permission (e.g., if the transmission of data to third parties, such as payment service providers, is necessary for contract fulfillment), users have consented, a legal obligation provides for it, or on the basis of our legitimate interests (e.g., when using agents, web hosts, etc.).

If we disclose data to other companies in our group, transmit them, or otherwise grant access, this is done, in particular, for administrative purposes as a legitimate interest and beyond that on a basis that complies with legal requirements.

Transfers to third countries

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA), or the Swiss Confederation) or this occurs in the context of the use of third-party services or disclosure, or transmission of data to other persons or companies, this is done only if it is to fulfill our (pre)contractual obligations, based on your consent, due to a legal obligation, or on the basis of our legitimate interests. Subject to express consent or contractually required transmission, we process, or let the data be processed only in third countries with a recognized level of data protection, to which the US processors certified under the “Privacy Shield” belong, or on the basis of special guarantees, such as contractual obligation through so-called standard protection clauses of the EU Commission, the existence of certifications, or binding internal data protection rules (Art. 44 to 49 GDPR, information page of the EU Commission).

Rights of the data subjects

You have the right to request confirmation as to whether data concerning you is being processed and to information about this data, as well as further information and a copy of the data in accordance with legal requirements.

You have the right, in accordance with legal requirements, to request the completion of data concerning you or the correction of incorrect data concerning you.

In accordance with legal requirements, you have the right to demand that data concerning you be deleted immediately, or, alternatively, to demand a restriction of the processing of the data in accordance with legal requirements.

You have the right to demand that the data concerning you, which you have provided us, be received in accordance with legal requirements and to demand their transmission to other responsible parties.

Furthermore, in accordance with legal requirements, you have the right to file a complaint with the competent supervisory authority.

Right of withdrawal

You have the right to withdraw consents with effect for the future.

Right to object

You can object to the future processing of data concerning you at any time in accordance with legal requirements. The objection can be made in particular against processing for direct marketing purposes.

Cookies and Right to Object to Direct Advertising

“Cookies” are small files that are stored on users’ computers. Different information can be stored within cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit within an online service. Cookies that are deleted after a user leaves an online service and closes their browser are referred to as temporary cookies, or “session cookies” or “transient cookies.” For example, the contents of a shopping cart in an online store or a login status can be stored in such a cookie. Cookies that remain stored after closing the browser are referred to as “permanent” or “persistent” cookies. For instance, the login status can be saved when users visit it after several days. Similarly, such a cookie can store the interests of users, which are used for reach measurement or marketing purposes. “Third-party cookies” are cookies that are offered by providers other than the responsible party operating the online service (otherwise, if only its cookies are involved, they are referred to as “first-party cookies”).

We may use temporary and permanent cookies and explain this in our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in their browser’s system settings. Stored cookies can be deleted in the browser’s system settings. Excluding cookies can lead to functional restrictions of this online service.

A general objection to the use of cookies used for online marketing purposes can be declared for a variety of services, especially in the case of tracking, via the US site or the EU site. Furthermore, the storage of cookies can be achieved by disabling them in the browser settings. Please note that not all functions of this online service may be used if you do so.

Deletion of Data

The data processed by us will be deleted or its processing restricted in accordance with legal requirements. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations.

If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. That is, the data are blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

Changes and Updates to the Privacy Policy

We ask you to regularly inform yourself about the content of our privacy policy. We adjust the privacy policy as soon as the changes in the data processing carried out by us make it necessary. We will inform you as soon as the changes require your participation (e.g., consent) or other individual notification.

Business-Related Processing

In addition, we process

  • Contract data (e.g., subject matter of the contract, term, customer category).
  • Payment data (e.g., bank details, payment history)

from our customers, prospects, and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising, and market research.