Privacy

Privacy Policy of DealCircle GmbH

The requirements of the EU General Data Protection Regulation (hereinafter GDPR) apply throughout Europe. We would like to inform you about the the processing of personal data carried out by our company in accordance with this regulation (see articles 13 and 14 GDPR). If you have any questions or comments about this data protection declaration, you can send them at any time to the e-mail address given in points 2 or 3.


Table of contents:

I. Overview

In this section of the data protection declaration, you will find information on the scope of application, the person responsible for data processing, the data protection officer and data security.

1. Scope

Data processing by DealCircle GmbH can essentially be divided into two categories:

  • For the purpose of contract processing, all data required for the execution of a contract with DealCircle GmbH will be processed. If external service providers are also involved in the execution of the contract, your data will be passed on to them to the extent necessary.
  • When you access the DealCircle GmbH website/platform, various information is exchanged between your terminal and our server. This may also involve personal data. The information collected in this way is used, among other things, to optimise our website.

This privacy policy applies to the following offers:

  • our online offer is available at www.dealcircle.de;
  • whenever this data protection declaration is otherwise referred to from one of our offers (e.g. websites, sub-domains, mobile applications, web services or integration into third party sites), regardless of the way you call up or use it.

All these offers are together also called “Services”.

2. Responsible person

The person responsible for data processing – i.e. the person who decides on the purposes and means of processing personal data – in connection with the services is

DealCircle GmbH
Rothenbaumchaussee 205
D-20149 Hamburg
datenschutz@dealcircle.de

3. Data protection officer

You can contact our data protection officer as follows:

Contact form:

https://www.dsextern.de/anfragen
DS EXTERN GmbH
Dipl.-Kfm. Marc Althaus
Frapanweg 22
D-22589 Hamburg

4. Data security

We have established an information security management system in our company in order to develop the measures required by Art. 32 DSGVO and thus achieve a level of protection appropriate to the risk.


II. The data processing operations in detail

In this section of the data protection declaration we inform you in detail about the processing of personal data within the scope of our services. To make it easier to understand, we structure this information according to certain functionalities of our services. During normal use of the services, different functionalities and thus different processing operations may occur consecutively or simultaneously.

1. General information on data processing

Unless otherwise stated, the following applies to all processing operations described below:

a. No obligation to provide

There is no contractual or legal obligation to provide personal data. You are not obliged to provide data.

b. Consequences of non-delivery

In the case of required data (data marked as mandatory when entered), failure to provide such data will mean that the service in question cannot be provided. Otherwise, the non-supply may mean that our services cannot be provided in the same form and quality.

c. Consent

In various cases you have the possibility to give us your consent to further processing in connection with the processing described below (if necessary for part of the data). In this case, we will inform you separately, in connection with the submission of the respective declaration of consent, about all modalities and the scope of the consent and about the purposes that we pursue with these processing operations.

d. Transfer of personal data to third countries

If we transfer data to third countries, i.e. countries outside the European Union, the transfer will only take place in compliance with the legal requirements.

The admissibility requirements are regulated by Art. 44 -49 DSGVO.

e. Hosting with external service providers

Our data processing is to a large extent carried out by so-called hosting service providers, who provide us with storage space and processing capacities in their computer centres and also process personal data on our behalf in accordance with our instructions. These service providers either process data exclusively in the EU or we have guaranteed an adequate level of data protection by means of the EU General Data Protection Regulation.

f. Transmission to public authorities

We only transmit personal data to state authorities (including law enforcement agencies) if this is necessary to fulfil a legal obligation to which we are subject (legal basis: Art. 6 para. 1 c) DSGVO) or if it is necessary to assert, exercise or defend legal claims (legal basis: Art. 6 para. 1 f) DSGVO).

g. Storage duration

We do not store your data longer than we need them for the respective processing purposes. If the data is no longer required for the fulfilment of contractual or legal obligations, it is regularly deleted, unless it is still necessary to store it for a limited period. Reasons for this can be, for example, the following:

  • Fulfilment of commercial and tax law retention obligations
  • Obtaining evidence for legal disputes within the framework of the legal statute of limitations

It is also possible for us to continue to store your data with us if you have expressly given your consent.

h. Data categories

  • Account data: Login/user ID and password
  • Person master data: Title, salutation/gender, first name, surname, date of birth
  • Address data: Street, house number, address supplements if necessary, postcode, town, country
  • Contact details: Telephone number(s), fax number(s), e-mail address(es)
  • Registration data: Information about the service you have registered for; dates and technical information about registration, confirmation and deregistration; data provided by you at registration
  • Order data: Ordered products, prices, payment and delivery information
  • Access data: Date and time of the visit to our service; the page from which the accessing system reached our site; pages called up during use; data for session identification (session ID); also the following information of the accessing computer system: Internet Protocol address (IP address) used, browser type and version, device type, operating system and similar technical information.
  • Application data: Curriculum vitae, references, proofs, samples of work, certificates, pictures

2. Calling up the website/application

This describes how we process your personal data when you call up our services. In particular, we would like to point out that the transmission of access data to external content providers (see b.) is unavoidable due to the technical functioning of information transmission on the Internet.

a. Information on processing
Data category Purpose Legal basis Where applicable, justified interest Storage duration
Access data Connection establishment, presentation of the contents of the service, detection of attacks on our site by means of unusual activities, fault diagnosis Art. 6 para. 1 f) DSGVO Proper functioning of services, security of data and business processes, prevention of misuse, prevention of damage caused by interference with information systems 7 days


b. Recipients of personal data
Recipient category Data concerned Legal basis of the transmission Where applicable, justified interest
External content providers that provide content (e.g. images, videos, embedded social networking posts, banner ads, fonts, update information) required to display the Service Access data Order processing (Art. 28 DSGVO) proper functioning of the services, (accelerated) presentation of the contents
Hosting service provider Access data Order processing (Art. 28 DSGVO)


c. External content providers who transmit to third countries
Name of the service Functionality Transfer of data to third countries? If necessary, decision on appropriateness (Art. 45 DSGVO) Where appropriate, appropriate guarantees (Art. 46 DSGVO)
Google fonts Representation of fonts Yes EU-U.S. Privacy Shield https://www.privacyshield.gov/list

Google Fonts:

We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. Google Fonts is used without authentication and no cookies are sent to the Google Fonts API. If you have a Google Account, none of your Google Account information will be sent to Google while using Google Fonts. Google only records the use of CSS and the fonts used and stores this information securely. You can find more information about these and other questions at https://developers.google.com/fonts/faq?tid=231548945379.

You can find out which data is collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

3. Newsletter / Email Alerts

We describe here what happens to your personal data in connection with a subscription to our newsletter:

a. Information on processing
Data category Purpose Legal basis Where applicable, justified interest Storage duration
E-Mail address Verification of the registration (double opt-in procedure), newsletter dispatch Article 6(1)(b) DSGVO Duration of the newsletter subscription
Person master data Personalisation of the newsletter Article 6(1)(b) DSGVO Duration of the newsletter subscription
Registration data Traceability of newsletter registration/confirmation/deregistration Article 6 paragraph 1 letters b), f) DSGVO Proof of successful newsletter registration/confirmation/deregistration Duration of the newsletter subscription
User profile data newsletter design of the newsletter in line with the interests of the reader Article 6 paragraph 1 letter f) DSGVO Improvement of our service, advertising purposes Duration of the newsletter subscription


b. Recipients of personal data
Recipient category Data concerned Legal basis of the transmission Where applicable, justified interest
Service provider for newsletter dispatch all data mentioned under a. Order processing (Art. 28 DSGVO)

4. Job application

In an ongoing application process we process your personal data in the following way:

a. Information on processing
Data category Purpose Legal basis Where applicable, justified interest Storage duration
Address data, contact details Identification, contacting, communication for contract initiation Art. 6 para. 1 b) DSGVO 6 months
Person master data Identification, contacting, age verification Art. 6 para. 1 b) DSGVO 6 months
Application details Selection of applicants Art. 6 para. 1 b) DSGVO 6 months


b. Recipients of personal data
Recipient category Data concerned Legal basis of the transmission Where applicable, justified interest
Join Solutions AG All data mentioned under a) Art. 6 para. 1 b) DSGVO
LinkedIn Corporation All data mentioned under a) Art. 6 para. 1 b) DSGVO
Email service provider All data mentioned under a) Order processing (Art. 28 DSG-VO)
Mail archiving service provider All data mentioned under a) Order processing (Art. 28 DSG-VO)

5. Customer support

You can find out how we process your personal data when you contact our customer service here:

a. Information on processing
Data category Purpose Legal basis Where applicable, justified interest Storage duration
Personal master data, contact data, contents of enquiries/complaints Processing of customer enquiries and user complaints Art. 6, para. 1 b), f) Customer loyalty, improvement of our service Processing of the request

6. Data processing in the context of contact

If you contact us via the online form or by e-mail, we store the information you provide in order to be able to answer your enquiry and ask possible follow-up questions.

The same applies if we contact you directly to present investment opportunities that are relevant to you. In this case, we obtain the contact details from publicly available and non-confidential sources.

a. Information on processing
Data category Purpose Legal basis Where applicable, justified interest Storage duration
Personal master data, contact data, contents of the mail Processing of enquiries, presentation of projects Art. 6, para. 1 b), f) Customer loyalty, improvement of our service 1 year, archiving 10 years


b. Recipients of personal data
Recipient category Data concerned Legal basis of the transmission Where applicable, justified interest
Email service provider All of the above-mentioned Order processing (Art. 28 DSG-VO)
Mail archiving service provider All of the above-mentioned Order processing (Art. 28 DSG-VO)
Hosting service provider All of the above-mentioned Order processing (Art. 28 DSG-VO)
Companies concerned by the request All of the above-mentioned Article 6(1)(a)

7. Tracking

Below we describe how your personal data is processed using tracking technologies for the analysis and optimisation of our services and for advertising purposes.

The description of the tracking procedures also includes information on how you can prevent or object to data processing. Please note that the so- called “opt-out”, i.e. the refusal of processing, is usually stored via cookies. If you use our services via a new terminal device or in another browser, or if you have deleted the cookies set by your browser, you will have to explain the rejection again.

The tracking procedures presented process personal data only in pseudonymous form. A connection with a concrete, identified natural person, i.e. a combination of the data with information about the bearer of the pseudonym, does not take place.


Tracking to analyse and optimise our services and their use, and to measure the success of advertising campaigns and optimise the display of advertising

Purposes of the processing

The analysis of user behaviour by means of tracking helps us to check the effectiveness of our services, to optimise them and adapt them to the needs of the users, and to correct errors. It also serves to statistically determine characteristic values about the use of our services (range, intensity of use, surfing behaviour of users) on the basis of uniform standard procedures, thus obtaining values that are comparable throughout the market.

Tracking to measure the success of advertising campaigns helps us to optimise our ads for the future and also enables marketers and advertisers to optimise their ads accordingly. The purpose of tracking to optimise the display of advertising is to provide users with advertising tailored to their interests, to increase the success of the advertising and thereby also to increase advertising revenues.


Legal basis of the processing

Protection of legitimate interests under Art. 6 para. 1 f) DSGVO


The tracking methods used in detail

Name of the service Functionality Possibility to stop processing (opt-out) Transfer of data to third countries? If necessary, decision on appropriateness (Art. 45 DSGVO) Where appropriate, appropriate guarantees (Art. 46 DSGVO
Google Analytics Web Analysis https://tools.google.com/
dlpage/gaoptout?hl=en
no

III. Rights of data subjects

1. Right of objection

You have the right to object at any time, for reasons arising from your particular situation, with future effect, to the processing of personal data concerning you that is carried out pursuant to Article 6, paragraph 1, letters e) or f) of the DPA, including profiling based on these provisions.

You can exercise the right of objection free of charge.

You can contact us using the contact details given under I.2.

2. Right of access to information

You have the right to know whether personal data relating to you is being processed by us, what personal data, if any, this is, and to receive further information in accordance with Art. 15 DSGVO.

3. Right of rectification

You have the right to demand that we correct incorrect personal data relating to you without delay (Art. 16 DSGVO). Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, also by means of a supplementary declaration.

4. Right of cancellation (“right to be forgotten”)

You have the right to demand from us that personal data relating to you be deleted immediately, provided that one of the reasons stated in Art. 17 Para. 1 DSGVO applies and the processing is not necessary for one of the purposes regulated in Art. 17 Para. 3 DSGVO.

5. Right to restrict processing

You are entitled to request a restriction in the processing of your personal data if one of the conditions laid down in Art. 18 paragraph 1 letters a) to d) DSGVO is met.

6. Right to data transferability

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transmit this data to another person in charge without hindrance from us or to obtain a direct transmission by us, if technically possible. This shall always apply if the basis for data processing is consent or a contract and the data is processed automatically. Accordingly, this does not apply to data held only in paper form.

7. Right of withdrawal with consent

If the processing is based on your consent, you have the right to revoke your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

8. Right of appeal

They have a right of appeal to a supervisory authority.


IV. Glossary

Processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Browser: Computer program for displaying web pages (e.g. Chrome, Firefox, Safari)

Cookies: The term “cookie” actually comes from the English vocabulary and can be translated into German in its original meaning as “Keks”. In the context of the World Wide Web, however, a cookie describes a small text file that is stored locally on the user’s computer when he or she visits a website. This file stores data about the user’s behaviour. If the browser is called up and the corresponding website is visited repeatedly, the cookie is used and provides the web server with information about the user’s surfing behaviour using the stored data. In this context, cookies are not biscuits, but information that a website stores locally on the computer of the visitor in a small text file. This can be information that has already been set by the user on a page, but also information that the website has collected completely independently from the user. Later, these locally stored text files can be read out again by the same web server that created them. Most browsers accept cookies automatically. You can manage cookies using the browser functions (usually under “Options” or “Settings”). This allows you to deactivate the saving of cookies, make it dependent on your consent in individual cases or restrict it in some other way. You can also delete cookies at any time.

Third countries: Country not bound by the legal requirements of the EU Data Protection Directive (country outside the EEA)

Personal data: Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an on-line identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Pixel: Pixels are also called tracking pixels, web beacons or web bugs. They are small, invisible graphics in HTML e-mails or on websites. When a document is opened, this small image is loaded from a server on the Internet, where the download is registered. In this way, the server operator can see whether and when an e-mail was opened or a website visited. This function is usually realised by calling a small programme (Javascript). In this way, certain types of information can be recognised and passed on on your computer system, such as the content of cookies, the time and date of the page call and a description of the page on which the pixel-code is located.

Services: Our services to which this privacy policy applies (see scope of application).

Tracking: The collection of data and analysis of this data regarding the behaviour of visitors to our services.

Tracking technologies: Tracking can take place via the activity protocols (log files) stored on our web servers as well as via data collection from your end device via pixels, cookies and similar tracking technologies.

Processing: Any operation or set of operations, performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.


Status: June 30, 2020