Data protection declaration
Debitos GmbH, Platz der Einheit 2, 60327 Frankfurt am Main (in the following: “We“) are, as the operator of the Secondary Debt Market on the website www.debitos.de (in the following: “Website”) and all belonging subdomains, the responsible entity for the personal data of the users (in the following: “You”) of the website in the sense of the Federal Data Protection Act (“FDPA“).
We protect your privacy and your personal data. We collect, process and use your personal data in accordance with the content of these data protection provisions and the applicable German data protection laws, in particular the General Data Protection Regulation (the GDPR) and the BDSG.
It is regulated under this data protection declaration, which personal data about you we collect, process, and use. For this reason, we urgently ask you to read the subsequent explanations thoroughly.
1.) COLLECTION OF PERSONAL DATA
1.1) Personal data in terms of this data protection declaration are individual items of data about your private or factual circumstances. This includes in particular your name, your email address, your address, and your telephone number as well as your account data and your tax specifications.
1.2) Personal data includes also information about your usage of our website. In this context, we collect personal data about you as follows: information about your visits of the website such as the amount of data transferred, the location from where you retrieve data from the website, as well as other communication data and sources that you retrieve. Normally, this is done through the application of logfiles and cookies. More information about logfiles and cookies is given in clause 3.
2.) PURPOSE OF USE
We use your personal data for the following purposes:
2.1) In order to provide the following services:
(a) for responding user requests,
(b) for processing the contracts concluded with you,
(c) for billing purposes, and
(d) for the technical administration of the Secondary Debt Market.
2.2) In order to ensure that our website is presented in a way that is as effective and interesting as possible to you, e.g. storage of displaying preferences.
2.3) In order to meet our obligations arising from any contracts concluded between you and us, e.g. guarantee of an orderly and at most undisturbed usage of the Secondary Debt Market;
2.4) In order to guarantee the operation of our website, in particular to determine and resolve mistakes of the website, to observe the occupancy rate of the website and to perform adjustments or improvements.
2.5) In order to meet our legal obligations, e.g. determination of a violation against penal provisions, competition law, third-party rights, protection of minors, consumer protection, or exclusion of a consumer from the Secondary Debt Market etc.;
2.6) In order to enable you to participate in interactive offers, provided that you wish so;
2.7) In order to inform you about modifications of our services.
3.) INFORMATION ABOUT YOUR COMPUTER, COOKIES, AND TARGETING
3.1) With every access to our page, we collect the following information about your computer: the IP-address of your computer, the inquiry of your browser as well as the time of this inquiry. Besides that, the status and the data volume transferred in the course of this inquiry are captured. [We also collect product and version information about the utilized browser and the operating system of your computer. We furthermore capture from which website the access to our page occurred.] Thereby, the IP-address of your computer is saved only for the duration of your utilization of the website and is thereafter instantaneously deleted or anonymized by truncation. The remaining data is saved for a limited duration.
3.2) Moreover, we possibly collect information about your utilization of our website by applying so-called browser-cookies. These are small text files, which are saved on your data carrier and save certain settings and data necessary for the exchange with our system via your browser. A cookie normally contains the name of the domain from where the cookie-data was sent as well as information about the age of the cookie and an alphanumeric identification character. Cookies enable our systems to recognize the device of the user and to immediately make eventual default settings available. As soon as a user accesses the platform, a cookie is transmitted to the hard drive of the user’s computer. Cookies help us to improve our website and that we can offer you a better service that is even more tailored to you. They allow us to recognize your computer, if you return to our website and as a result:
(a) To save information about your preferred activities on the website and thereby align our website with your individual interests. This includes for instance advertisement, which complies with your personal interests;
(b) To accelerate the speed of the execution of your inquiry.
3.3 In the cookies that we use, only the above exemplified data about your utilization of the website are saved up to one year. This does not happen through an allocation to you personally, but through assignment of an identification number to the cookie (“Cookie-ID”). A merger of the cookie-ID and your name, your IP-address, or similar data, which would enable an allocation of the cookie and you, does not take place. How you can prevent the application of browser-cookies, you find out in clause 8.
3.4) Our website uses so-called tracking-technologies. We utilize those technologies in order to design the internet offering more interesting to you. This technique allows to address internet users, who already showed interest in our website, with advertisement on websites of our partners. The fade-in of this advertising material on the pages of our partner happens based on a cookie-technology and an analysis of the previous usage behavior. This analysis occurs under a pseudonym and there are no user profiles merged with your personal data. In case you disagree with the creation of user profiles, you can disagree by sending us a message. After that, a special opt-out-cookie is filed on your computer, which has to be saved permanently. If you delete this cookie or it gets deleted automatically by browser settings, you have to install this cookie again at a repeated visit on our page.
3.5) We collaborate with Google Analytics, who support us in designing our internet offering and the website more interesting for you. Therefore, also cookies from those partner companies are saved on your hard drive at a visit on the webpage. Here it involves cookies that get deleted automatically after a prescribed time. Also through the cookies of our partner companies, data are collected only using a cookie-ID, which enables our advertising partners to address you with advertisement that you could actually be interested in. How you can prevent the application of such cookies, you find out in clause 8.
4.) DATA SECURITY
4.1) All information that you transmit to us, are saved on servers within the European Union. Unfortunately, the transmission of information via the internet is not completely safe, wherefore we cannot guarantee the security of the data that is transmitted to our website via the internet. However, we secure our website and other systems through technical and organizational measures against loss, damage, access, alteration, or distribution of your data through unauthorized persons. In particular, your private data is transmitted encrypted with us. In doing so, we help ourselves with the coding system SSL (Secure Socket Layer) [or TLS (Transport Layer Security)].
4.2) Insofar as Debitos engages external service providers, Debitos ensures that they are obligated to the compliance with data protection regulations. Besides that, the employees of Debitos are obligated to maintain confidentially.
5.) NO TRANSFER OF YOUR PERSONAL DATA
We do not transmit your personal data to third parties, unless you agreed to the data transfer or we are entitled or obligated to a data transfer due to legal regulations and/or regulatory or legal orders. This can particularly involve the exchange of information for the purpose of prosecution, averting a danger, or enforcement of intellectual property rights.
6.) DATA PROTECTION AND WEBSITES OF THIRD PARTIES
The website can contain hyperlinks to and from websites of third parties. If you follow a hyperlink to one of these websites, please note that we do not assume responsibility or guarantee for external content or data protection regulations. Please make sure of the respectively current data protection regulations, before you transmit personal data to these websites.
7.) MODIFICATIONS OF THESE DATA PROTECTION REGULATIONS
We reserve the right to modify these data protection regulations at any time with future effect. A recent version is always available on the website. Please visit the website regularly and inform yourself about the current data protection regulations.
8.) YOUR RIGHTS AND CONTACT
8.1) If you do not wish an application of browser-cookies, you can adjust your browser so that a storage of cookies is not accepted. Please note that in this case, you can use our website only limited or not at all. If you want to accept our cookies only, and not the cookies of our service providers and partners, you can choose the setting “block cookies from third-party providers” in your browser.
8.2) It is drawn to your attention that the collection, processing, and use of your data takes place on a voluntary basis. You can, at any time and free of charge, access your personal data, request disclosure and if necessary request its correction and/or inhibition. For this purpose and/or to receive more information about this, contact us via the support-email-address: firstname.lastname@example.org. If you have questions, comments, or requests regarding the collection, processing, and use of your personal data through us, please contact us at the indicated contact details as well.
8.3) Furthermore, you can refuse your agreement to the collection, processing, and use of your data or revoke it at any time with future effect with the consequence that you are excluded from the usage of the Secondary Debt Market. Declarations of revocation are to be directed to:
Debitos GmbH, Platz der Einheit 2, 60327 Frankfurt am Main; the support-email-address: email@example.com.
8.4) In case of revocation, the data will be deleted at Debitos with the entry of the declaration of revocation.
Your rights as a data subject (user of our website)
According to the EU General Data Protection regulation (the GDPR) you have the right to know which data we have stored about you and for what purpose (information). You may have incorrect data corrected (rectification). You also have the right to request the deletion of data if, for example, the data is not required to achieve the purposes for which it was stored or if we are not permitted to store the data for other reasons (deletion). However, if a law allows us to store data or even prescribes it, we are typically unable to comply with the request for deletion. You have the right to have data blocked if, for example, the correctness of data has not been determined and still needs to be checked (restriction of processing). You can object to the processing (objection). This objection must contain an explanation of the particular situation on the basis of which further processing is unacceptable to you. The objection will be carefully examined and the data will be blocked for the duration of the examination. You have the right to request data which you have made available to us and which is processed automatically in a common, machine-readable format from us (data portability).
If you wish to exercise one or more of these rights, please use the following e-mail address:
Requests and complaints
If, as the data subject, you do not agree with the way in which Debitos or persons at Debitos process your personal data and wish to inform the data protection officer directly, please contact him directly:
2B Advice GmbH
– Germany –
Telephone +49 228 92 61 65 120
The data protection officer is obliged to keep your identity confidential. Should it come to the conclusion that your identity could be inferred in the course of clarifying a complaint, the data protection officer will point this out to you in advance and, if necessary, ask you to release him from his obligation to secrecy.
Data Protection Supervisory Authority
You may address questions and complaints also to the Data Protection Supervisory Authority in charge:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Prof. Dr. Michael Ronellenfitsch
– Germany –
Telefon: + 49 611-1408 0
Telefax: +49 611-1408 611
9.) LEGAL BASES
The processing of your personal data has the following legal bases: consent (Article 6(1)(a) of the GDPR in conjunction with Article 7 of the GDPR), necessity to fulfil a contract with you (Article 6(1)(b) of the GDPR), processing to fulfil legal obligations (Article 6(1)(c) of the GDPR), legitimate interest in the data processing (Article 6(1)(f) of the GDPR).
We have a legitimate interest in detecting and preventing abuse of our service, and we also have a legitimate interest in improving our service and tailoring it to your needs.
10.) HOW LONG DO WE STORE YOUR DATA?
We store your name and e-mail address for the purpose of sending you the newsletter until you revoke your consent to receive the newsletter. After receipt of the revocation your data will be deleted immediately.
We use the “Mailchimp” program from Rocket Science Group to send our newsletters. Your data will be transmitted to this service provider in the USA. Rocket Science Group has a current and valid Privacy Shield certification, which guarantees an adequate level of data protection that complies with EU standards.