privacy policy
GDPR | General Data Protection Regulation
preamble
With the following privacy policy, we would like to inform you about what types of personal data (hereinafter also abbreviated as "data") we process for what purposes and in what scope. The privacy statement applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, mobile applications and external online presences, such as our social media profiles (hereinafter collectively referred to as "online services").

The terms used are not gender specific.

Last updated: March 3, 2022
Controlador
Mr. Alexandre Cardoso
Bezel Blockchain Development.
Legal Notice: https://www.idol-nft.com
Overview of processing operations
The following table summarizes the types of data processed, the purposes for which they are processed and the data subjects in question.

Categories of processed data:

• Inventory data.
• Payment Data.
• Contact details.
• Content data.
• Contract data.
• Usage data.
• Meta/communication data.

Categories of Data Subjects

• Customers.
• Employees.
• Potential customers.
• Communication partner.
• Commercial.
• Commercial and contractual partners.

Purposes of Processing

• Provision of contractual services and customer support.
• Contact and communication requests.
• Security measures.
• Direct marketing.
• Network Analysis.
• Office and organizational procedures.
• Managing and responding to queries.
• Comments.
• Marketing.
• Profiles with user-related information.
• Provision of our online services and usability.
Legal Basis for Processing
Below, you will find an overview of the legal basis of the GDPR on which we base the processing of personal data. Please note that, in addition to the provisions of the GDPR, the national data protection provisions of your or our country of residence or domicile may apply. If, in addition, more specific legal bases are applicable in individual cases, we will inform you of this in the data protection statement.

• Consent - The data subject has given his consent to the processing of his personal data for one or more specific purposes.
• Execution of contract and prior requests - Execution of a contract to which the data subject is a party or for due diligence at the request of the data subject before the conclusion of the contract.
• Compliance with a legal obligation - Treatment is necessary for the fulfillment of a legal obligation to which the person responsible is subject.
• Legitimate Interests - Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except when such interests override the fundamental interests or rights and freedoms of the data subject that require protection of personal data.
Safety precautions

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs and the nature, scope, context and purposes of the processing, as well as the risk of variable probability and severity for the rights and freedoms of individuals, in order to ensure a level of security appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data, controlling physical and electronic access to data, as well as access, entry, transmission, security and separation of data. In addition, we have established procedures to ensure that the rights of data subjects are respected, that the data is erased and that we are prepared to respond quickly to data threats. In addition, we take into account the protection of personal data from the development or selection of hardware, software and service providers, in accordance with the principle of privacy by design and privacy by default.

SSL encryption (https): To protect your data transmitted through our online services in the best possible way, we use SSL encryption. You can recognize these connections encrypted by the prefix https:// in your browser's address bar.

Transmission of Personal Data

In the context of our processing of personal data, it may happen that the data is transferred to other places, companies or people or disclosed to them. Recipients of this data may include, for example, service providers in charge of IT tasks or service and content providers embedded in a website. In this case, the legal requirements will be respected and, in particular, the corresponding contracts or agreements, which serve to protect your data, will be concluded with the recipients of your data.

Data transmission within the group of companies: We may transfer personal data to other companies in our group of companies or grant them access to this data. To the extent that this disclosure is for administrative purposes, the disclosure of the data is based on our legitimate commercial and economic interests or otherwise, if it is necessary to comply with our contractual obligations or if there is the consent of the data subjects or legal permission.

Data processing in third countries
If we process data in a third country (i.e. outside the European Union (EU), European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or disclosure or transfer of data to other people, bodies or companies, this will only occur in accordance with legal requirements.

Subject to express consent or transfer required by contract or law, we process or process the data only in third countries with a recognized level of data protection, based on special warranties, such as a contractual obligation through the so-called standard protection clauses of the EU Commission or if binding certifications or internal data protection regulations justify the processing (Article 44 to 49 GDPR, EU Commission information page: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en).
Deletion of data
The data processed by us will be deleted in accordance with legal provisions as soon as its processing is revoked or other permissions no longer apply (for example, if the purpose of processing this data no longer applies or is not necessary for this purpose).

If the data is not deleted because it is necessary for other legally permitted purposes, its processing is limited to those purposes. This means that the data will be restricted and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or for which storage is necessary to enforce, exercise or defend legal claims or protect the rights of another natural or legal person.

In the context of our data processing information, we may provide users with more information about the deletion and retention of data specific to the respective processing operation.
Use of cookies
Cookies are small text files or other data records that store information on end devices and read information from end devices. For example, to store the access status in a user account, the contents of a shopping cart in an online store, the content accessed, or the functions used. Cookies can also be used for various purposes, for example. for the purposes of functionality, security, and convenience of online offers, as well as the creation of analysis of visitor flows.

Consent information:

We use cookies in accordance with legal provisions. Therefore, we obtain the prior consent of users, except when it is not required by law. In particular, consent is not necessary if the storage and reading of information, including cookies, is strictly necessary to provide an information society service explicitly requested by the subscriber or user. The revocable consent will be clearly communicated to the user and will contain information about the respective use of cookies.

Information about the legal bases under data protection law:

The legal basis under data protection law in which we process users' personal data with the use of cookies depends on whether we request the consent of users. If the user consents, the legal basis for the processing of his data is declared consent. Otherwise, the data processed with the help of cookies is processed based on our legitimate interests (for example, in a commercial operation of our online services and improvement of their usability) or, if this is done in the context of compliance with our obligations contracts, if the use of cookies is necessary to fulfill our contractual obligations. For what purposes cookies are processed by us, we clarify in the course of this privacy policy or in the context of our consent and processing procedures.

Retention period:

Regarding the retention period, a distinction is made between the following types of cookies:

•Temporary cookies (also known as "session cookies"):

Temporary cookies are deleted no later than after a user leaves an online service and closes his end device (i.e., browser or mobile application).

•Permanent cookies:

Permanent cookies remain stored even after the closing of the terminal device. For example, the access status can be saved, or the preferred content can be displayed directly when the user visits a website again. Likewise, user data collected with the help of cookies can be used for range measurement. Unless we provide users with explicit information about the type and duration of storage of cookies (for example, as part of obtaining consent), users should assume that cookies are permanent and that the storage period can be up to two years.

General information on revocation and objection (opt-out):

Users can revoke the consent they have given at any time and also object to the processing in accordance with legal requirements (more information about the objection is provided as part of this privacy policy). Users can also declare their objection through their browser settings, for example by disabling the use of cookies (which may also limit the functionality of our online services.

More information about processing methods, procedures and services used

Processing of cookie data based on consent:

We use a cookie management solution in which the consent of users to the use of cookies, or the procedures and providers mentioned in the cookie management solution, can be obtained, managed, and revoked by users. The declaration of consent is stored so that it does not have to be recovered again and consent can be proven in accordance with the legal obligation. Storage can occur on the server side and/or in a cookie (so-called deletion cookie or with the help of comparable technologies) in order to assign consent to a user and/or his device. Subject to individual details of cookie management service providers, the following information applies: The duration of the storage of consent can be up to two years. In this case, a pseudonymous user identifier is formed and stored with the date/time of consent, information about the scope of consent (for example, which categories of cookies and/or service providers), as well as the browser, system and end device used.
Services provided to companies

We process data from our contractual and business partners, for example, customers and stakeholders (collectively referred to as "contractual partners") in the context of contractual and comparable legal relationships, as well as associated actions and communication with contractual or pre-contractual partners, for example, to answer questions.

We process this data to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any update obligations and features in case of warranty and other service interruptions. In addition, we process the data to protect our rights and for the purposes of administrative tasks associated with these obligations and organization of the company. In addition, we process the data based on our legitimate interests in proper and economical business management, as well as security measures to protect our contractual partners and our business operations against misuse, danger of your data, secrets, information and rights (for example, for the involvement of telecommunications, transport and other ancillary services, as well as subcontractors, banks, tax and legal advisor Under applicable law, we only disclose the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to comply with legal obligations. Contractual partners will be informed about other forms of processing, for example, for marketing purposes, within the scope of this privacy policy.

What data is needed for the purposes mentioned, we inform the contracting partners before or in the context of data collection, for example. in online forms by special marking (for example, colors) and/or symbols (for example, asterisks or the like) or in person.

We delete the data after the expiration of the legal guarantee and comparable obligations, that is, in principle after the expiration of 4 years, unless the data is stored in a customer account or must be kept for legal reasons of archiving (for example, as a 10-year rule for tax purposes). In the case of data disclosed to us by the contractual partner in the context of an assignment, we delete the data in accordance with the specifications of the assignment, usually after the end of the assignment.

If we use third-party providers or platforms to provide our services, the terms and conditions and privacy policies of the respective third-party providers or platforms will apply in the relationship between users and providers.

Online store and e-commerce

We process our customers' data to allow them to select, purchase or order the selected related products, goods and services, as well as their payment and delivery, or the execution of other services. If it is necessary for the execution of an order, we use service providers, namely carriers to deliver or execute it to our customers. For the processing of payment transactions, we use the services of banks and payment service providers. The required data is identified as such in the course of the comparable ordering or purchase process and includes the data necessary for delivery, or other form of product availability and billing, as well as contact information to be able to carry out any query.

• Types of data processed: inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact data (e.g. email, phone numbers); Contract data (e.g., object of the contract, duration, customer category); Usage data (e.g. websites visited, interest in content, access times);

• Data subjects: Customers; Potential customers; Commercial and contractual partners.

• Purposes of Processing: Provision of contractual services and customer support; Security measures; Contact and communication requests; Office and organizational procedures; managing and responding to queries.

• Legal Basis: Execution of contract and prior requests; Legitimate Interests; Compliance with legal obligation.

Use of online platforms for listing and sales purposes

We offer our services on online platforms operated by other service providers. In addition to our privacy policy, the privacy policies of the respective platforms apply. This is particularly true with regard to the payment process and the methods used on platforms for performance measurement and behavior-related marketing.

• Types of data processed: inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact data (e.g. email, phone numbers); Contract data (e.g., object of the contract, duration, customer category); Usage data (e.g. websites visited, interest in content, access times);

• Data subjects: Customers.

• Purposes of Processing: Provision of contractual services and customer support.

• Legal Basis: Execution of contract and prior requests;

• Legitimate Interests.

Provision of online services and web hosting

We offer our services on online platforms operated by other service providers. In addition to our privacy policy, the privacy policies of the respective platforms apply. This is particularly true with regard to the payment process and the methods used on platforms for performance measurement and behavior-related marketing.

•Types of data processed: inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact data (e.g. email, phone numbers); Contract data (e.g., object of the contract, duration, customer category); Usage data (e.g. websites visited, interest in content, access times);

•Data subjects: Customers.

•Purposes of Processing: Provision of contractual services and customer support.

•Legal Basis: Execution of contract and prior requests;

•Legitimate Interests.

More information about processing methods, procedures and services used:
• Collection of Access Data and Log Files: We, ourselves or our hosting provider, collect data based on each access to the server (so-called server log files). Server log files may include the address and name of the pages and files accessed, the date and time of access, volumes of data transferred, notification of successful access, browser type and version, user operating system, referral URL (the page visited previously) and, as a general rule, the IP addresses and the requesting provider. Server log files can be used for security purposes, for example. to avoid overload the servers (especially in the case of abusive attacks, so-called DDoS attacks) and ensure the stability and optimal load balancing of the servers;

• Retention period: the log file information is stored for a maximum period of 30 days and then deleted or made anonymous. Data, the subsequent storage of which is necessary for the purpose of proof, is excluded from deletion until the respective incident is definitively clarified.
Special notes on applications (applications)

We process the user data of our application to the extent necessary to provide users with the application and its functionalities, monitor its security and develop it further. In addition, we may contact users in accordance with legal provisions if communication is necessary for the purpose of administering or using the application. In addition, we refer to data protection information in this privacy policy regarding the processing of user data.

Legal basis: The processing of the data necessary for the availability of the features of the application serves to comply with contractual obligations. This also applies if the provision of the functions requires authorization from the user (for example, release of functions from the device). If data processing is not necessary for the provision of the functionality of the application but serves the security of the application or our business interests (for example, data collection for the purpose of optimizing the application or security purposes), it is carried out based on our legitimate interests. If users are expressly asked to give their consent to the processing of their data, the data covered by consent is processed on the basis of consent.

• Types of data processed: inventory data (for example, names, addresses); Meta/communication data (for example, device information, IP addresses).

• Purposes of Processing: Provision of contractual services and customer support.

• Legal Basis: Consent (Article 6 (1) (a) GDPR); Performance of a contract and prior requests (Article 6 (1) (b) GDPR); Legitimate Interests (Article 6 (1) (f) GDPR).

More information about processing methods, procedures and services used:

• Device authorizations for access to functions and data: The use of certain functions of our application may require access to the camera and stored recordings of users. By default, these authorizations must be granted by the user and can be revoked at any time in the settings of the respective devices. The exact procedure for controlling application permissions may depend on the user's device and software. Users can contact us if they need further explanation. We emphasize that the refusal or revocation of the respective authorizations may affect the functionality of our application.

Registration, Access and User Account

Users can create a user account. In the context of registration, the required mandatory information is communicated to users and processed for the purpose of making the user account available based on compliance with contractual obligations. The data processed includes, in particular, the access information (name, password and email address).

In the context of the use of our registration and access functions, as well as the use of the user account, we store the IP address and time of your action. Storage is based on our legitimate interests, as well as on the protection of the user against misuse and other unauthorized uses. This data will not be passed on to third parties unless it is necessary to proceed with our claims or there is a legal obligation to do so.

Users can be informed by email of information relevant to their user account, such as technical changes.

• Types of data processed: inventory data (for example, names, addresses); Contact data (for example, email, phone numbers); Content data (for example, text entry, photographs, videos); Meta/communication data (for example, device information, IP addresses).

• Data subjects: Users (for example, website visitors, users of online services).

• Purposes of Processing: Provision of contractual services and customer support; Security measures; managing and responding to queries.

• Legal Basis: Execution of contract and prior requests; Legitimate Interests.

More information about processing methods, procedures and services used:

• Deletion of data after termination: If users have terminated their user account, their data relating to the user account will be deleted, subject to any legal permission, obligation or consent of users.

• No obligation to retain data: It is the responsibility of users to protect their data before the termination of the contract in case of termination. We have the right to irretrievably delete all user data stored during the term of the contract.

Blogs and publishing media

We use blogs or comparable means of communication and online publishing (hereinafter "media of publication"). Readers' data will only be processed for the purposes of the means of publication to the extent necessary for their presentation and communication between authors and readers or for security reasons. In addition, we refer to information about the treatment of visitors to our publication medium within the scope of this privacy policy.

• Types of data processed: inventory data (e.g., names, addresses); Contact data (e.g. email, phone numbers); Content data (e.g., text input, photographs, videos); Usage data (e.g. websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses).

• Data subjects: Users (for example, website visitors, users of online services).

• Purposes of Processing: Provision of contractual services and customer support; Feedback (for example, collecting feedback via online form); Contact and communication requests; managing and responding to queries.

• Legal Basis: Execution of contract and prior requests; Legitimate Interests; Consent.

More information about processing methods, procedures and services used:

• Comment subscriptions: Follow-up comments can be subscribed by users with their consent. Users will receive a confirmation email to verify that they are the owners of the email address entered. Users can unsubscribe from current comments at any time. The confirmation email will contain information about the cancellation options. For the purpose of proving users' consent, we store the time of registration along with the IP address of users and delete this information when users unsubscribe. You can unsubscribe from receiving our subscription at any time, that is, revoke your consent. We may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to provide evidence of prior consent. The processing of this data is limited to the purpose of a possible defense against complaints. A request for individual exclusion is possible at any time, provided that the previous existence of consent is confirmed at the same time.

Contact and query management

We use blogs or comparable means of communication and online publishing (hereinafter "media of publication"). Readers' data will only be processed for the purposes of the means of publication to the extent necessary for their presentation and communication between authors and readers or for security reasons. In addition, we refer to information about the treatment of visitors to our publication medium within the scope of this privacy policy.

• Types of data processed: inventory data (e.g., names, addresses); Contact data (e.g. email, phone numbers); Content data (e.g., text input, photographs, videos); Usage data (e.g. websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses).

• Data subjects: Users (for example, website visitors, users of online services).

• Purposes of Processing: Provision of contractual services and customer support; Feedback (for example, collecting feedback via online form); Contact and communication requests; managing and responding to queries.

• Legal Basis: Execution of contract and prior requests; Legitimate Interests; Consent.

More information about processing methods, procedures and services used:

• Comment subscriptions: Follow-up comments can be subscribed by users with their consent. Users will receive a confirmation email to verify that they are the owners of the email address entered. Users can unsubscribe from current comments at any time. The confirmation email will contain information about the cancellation options. For the purpose of proving users' consent, we store the time of registration along with the IP address of users and delete this information when users unsubscribe. You can unsubscribe from receiving our subscription at any time, that is, revoke your consent. We may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to provide evidence of prior consent. The processing of this data is limited to the purpose of a possible defense against complaints. A request for individual exclusion is possible at any time, provided that the previous existence of consent is confirmed at the same time.

Cloud services

We use Internet accessible software services (so-called "cloud services", also called "Software as a Service") provided on the servers of their providers for the following purposes: storage and administration of documents, calendar management, email delivery, spreadsheets and presentations, exchange of documents, content and information with specific recipients or publication of websites, forms or other content and information, as well as chats and participation in audio conferences and video conferences.

Within this structure, personal data may be processed and stored on the provider's servers, provided that this data is part of the communication processes with us or is processed by us in accordance with this privacy policy. This data may include, in particular, master data and contact data of data subjects, data on processes, contracts, other procedures and their contents. Cloud service providers also process usage data and metadata they use for security and service optimization purposes.

If we use cloud services to provide documents and content to other publicly accessible users or websites, forms, etc., providers may store cookies on users' devices for web analysis or to remember user settings (for example, in the case of media control).

Legally based information - If we request permission to use cloud services, the legal basis for data processing is consent. In addition, its use may be a component of our (pre)contractual services, provided that the use of cloud services has been agreed in this context. Otherwise, user data will be processed based on our legitimate interests (i.e., interest in efficient and secure administrative and collaboration processes).

• Types of data processed: inventory data (e.g., names, addresses); Contact data (e.g. email, phone numbers); Content data (e.g., text input, photographs, videos); Usage data (e.g. websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses).

• Data subjects: Customers; Employees (for example, employees, job seekers); Possible customers; Communication partner (Recipients of emails, letters, etc.).

• Purposes of Processing: Office and organizational procedures.

• Legal Basis: Consent; Execution of a contract and prior; Legitimate Interests.

Newsletter and Electronic Communications

We send newsletters, emails, and other electronic communications (hereinafter referred to as "newsletters") only with the consent of the recipient or legal permission. To the extent that the contents of the newsletter are specifically described in the scope of registration, they are crucial to the user's consent. Otherwise, our newsletters contain information about our services and about us.

To subscribe to our newsletters, it is usually enough to enter your email address. We may, however, ask you to provide a name to contact you in person in the newsletter or provide more information if this is necessary for the purposes of the newsletter.

• Double opt-in procedure: Registration in our newsletter usually occurs in the so-called Double-Opt-In procedure. This means that you will receive an email after registration asking you to confirm your registration. This confirmation is necessary so that no one can register with external email addresses.

Newsletter records are registered in order to be able to prove the registration process in accordance with legal requirements. This includes storing access and confirmation times, as well as the IP address. Similarly, changes to your data stored with the dispatch service provider are recorded.

• Deletion and restriction of processing: we may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to provide evidence of prior consent. The processing of this data is limited to the purpose of a possible defense against complaints. A request for individual exclusion is possible at any time, provided that the previous existence of consent is confirmed at the same time. In the event of an obligation to permanently observe an objection, we reserve the right to store the email address exclusively for this purpose on a block list.

• Information on legal bases: The sending of the newsletter is based on the consent of the recipients or, if consent is not necessary, based on our legitimate interests in direct marketing. To the extent that we hire a service provider to send emails, this is done based on our legitimate interests in efficient and safe sending. The registration procedure is registered based on our legitimate interests for the purpose of demonstrating that it was carried out in accordance with the law.

• Types of data processed: inventory data (e.g. names, addresses); Contact data (e.g. email, phone numbers); Meta/communication data (e.g. device information, IP addresses); Usage data (e.g. websites visited, interest in content, access times).

• Data subjects: Communication partner (Recipients of e-mails, letters, etc.). • Purposes of Processing: Direct marketing (for example, by e-mail or postal).

• Legal Basis: Consent; Legitimate Interests

• Opt-Out: You can opt out of receiving our newsletter at any time, that is, revoke your consent or object to additional receipt. You will find a link to cancel the newsletter at the end of each newsletter or you can use one of the contact options listed above, preferably by email.

Web Analysis, Monitoring and Optimization

Web analysis is used to evaluate visitor traffic to our site and may include users' behavior, interests or demographic information, such as age or gender, as pseudonym values. With the help of web analysis, we can, for example, recognize at what time our online services or their functions or content are used more often or requested repeatedly, as well as which areas require optimization.

In addition to web analysis, we may also use test procedures, for example, to test and optimize different versions of our online services or their components.

Unless otherwise stated below, profiles, i.e. aggregate data for a usage process, may be created for these purposes and the information may be stored in a browser or terminal device and read from it. The information collected includes, in particular, websites visited, and elements used there, as well as technical information such as the browser used, the computer system used and information about the times of use. If users have agreed to the collection of their location data from us or from the providers of the services we use, the location data may also be processed.

Unless otherwise stated below, profiles, i.e., summary data for a use process or user, may be created for these purposes and stored on a browser or terminal device (so-called "cookies") or similar processes may be used for the same purpose. The information collected includes, in particular, websites visited, and elements used there, as well as technical information such as the browser used, the computer system used and information about the times of use. If users have consented to the collection of their location data or profiles for us or for the providers of the services we use, they may also be processed, depending on the provider.

Users' IP addresses are also stored. However, we use any existing IP masking procedure (i.e., pseudonymization when shortening the IP address) to protect the user. In general, within the structure of web analysis, A/B testing and optimization, no user data (such as email addresses or names) is stored, but pseudonyms. This means that we, as well as the suppliers of the software used, do not know the real identity of the users, but only the information stored in their profiles for the purposes of the respective processes.

Legal basis information: If we request the consent of users for the use of third-party suppliers, the legal basis for the processing is consent. In addition, processing may be a component of our (pre)contractual services, provided that the use of the third party has been agreed in this context. Otherwise, user data will be processed based on our legitimate interests (i.e., interest in efficient, economical and recipient-friendly services). In this context, we would also like to refer you to information about the use of cookies in this privacy policy.

• Types of data processed: usage data (for example, websites visited, interest in content, access times); Meta/communication data (for example, device information, IP addresses).

• Data subjects: Users (for example, website visitors, users of online services).

• Purposes of Processing: Web Analytics (for example, access statistics, recognition of recurring visitors); Profiles with user-related information (Creating user profiles).

• Security measures: IP Masking.

• Legal Basis: Consent

Social Media Profiles (Social Media)

We maintain online presence on social networks and process user data in this context to communicate with users active on social networks or to provide information about us.

We would like to point out that user data can be processed outside the European Union. This can pose risks for users, for example, making it more difficult to enforce users' rights.

In addition, user data is usually processed on social networks for market research and advertising purposes. For example, user profiles can be created based on user behavior and associated interests of users. User profiles can then be used, for example, to place ads on and off networks that supposedly correspond to the interests of users. For these purposes, cookies are usually stored on the user's computer, in which the user's usage behavior and interests are stored. In addition, data can be stored in user profiles regardless of the devices used by users (especially if users are members of their networks or will become members later).

For a detailed description of their processing operations and opt-out options, refer to the respective data protection statements and information provided by the providers of their networks.

Also in the case of requests for information and the exercise of rights of data subjects, we emphasize that they can be pursued more effectively with suppliers. Only providers have access to user data and can directly take appropriate measures and provide information. If you still need help, don't hesitate to contact us.

• Types of data processed: Contact data (e.g., email, phone numbers); Content data (e.g., text entry, photographs, videos); Usage data (e.g. websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses).

• Data subjects: Users (for example, website visitors, users of online services). • Purposes of Processing: Contact and communication requests; Feedback (for example, collecting feedback via online form); Marketing.

• Legal Basis: Legitimate Interests.

More information about processing methods, procedures and services used:

• LinkedIn: social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Standard contractual clauses (safeguarding the level of data protection when processing data in third countries): https://legal

• TikTok: social network/video platform; Service provider: musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA; Website: https://www.tiktok.com; Privacy policy: https://www.tiktok.com/de/privacy-policy.

• Twitter: social network; Service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, parent company: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy policy: https://twitter.com/privacy, (Settings: https://twitter.com

• YouTube: social network and video platform; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy policy: https://policies.google.com/privacy; Opt-Out: https://adssettings.google.com/authenticated.

Plugins and built-in functions and content

In our online services, we integrate functional and content elements obtained from the servers of their respective providers (hereinafter referred to as "third-party suppliers"). These can, for example, be graphs, videos or maps of cities (hereinafter, uniformly referred to as "Content").

Integration always presupposes that third-party provider of this content process the user's IP address, since they could not send the content to their browser without the IP address. The IP address is therefore necessary for the presentation of these contents or functions. We strive to use only the content, whose respective providers use the IP address only for the distribution of the content. Third parties may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to evaluate information such as visitor traffic on the pages of this site. Pseudonymous information may also be stored in cookies on your device and may include technical information about the browser and operating system, referral sites, visiting hours and other information about the use of our website, as well as may be linked to this information from other sources.

Legal basis information: If we request the consent of users (for example, in the context of so-called "cookie banner consent"), the legal basis for processing is this consent. Otherwise, user data will be processed based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online services. We refer you to the note on the use of cookies in this privacy policy.

• Types of data processed: usage data (for example, websites visited, interest in content, access times); Meta/communication data (for example, device information, IP addresses).

• Data subjects: Users (for example, website visitors, users of online services).

• Purposes of Processing: Provision of our online services and usability; Provision of contractual services and customer support.

• Legal Basis: Legitimate Interests.

Changes and Updates to the Privacy Policy
We ask you to find out regularly about the content of our data protection statement. We will adjust the privacy policy as changes to our data processing practices make this necessary. We will inform you as soon as the changes require your cooperation (for example, consent) or other individual notification.

If we provide addresses and contact information of companies and organizations in this privacy policy, we ask you to note that addresses may change over time and to verify the information before contacting us.
Rights of Data Subjects

As a data subject, you are entitled to several rights under the GDPR:

• Right to object: you have the right, for reasons arising from your particular situation to object at any time to the processing of your personal data, including profiling based on these provisions. When personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you for marketing purposes, which includes profiling to the extent that it is related to such direct marketing.

• Right to revoke consents: You have the right to revoke consents at any time.

• Right of access: You have the right to request confirmation that the data in question will be processed and to be informed of this data and to receive more information and a copy of the data in accordance with the provisions of the law.

• Right to rectification: You have the right, in accordance with the law, to request the completion of the data concerning you or the rectification of the incorrect data concerning you.

• Right to deletion and right to restriction of processing: In accordance with legal provisions, you have the right to require that the relevant data be deleted immediately or, alternatively, to require that the processing of the data be restricted in accordance with the law provisions.

• Right to data portability: You have the right to receive the data relating to you that you have provided to us in a structured, common and machine-readable format in accordance with legal requirements, or to request its transmission to another controller.

• Complaint to the supervisory authority: In accordance with the law and without prejudice to any other administrative or judicial remedy, you also have the right to lodge a complaint with a data protection supervisory authority, in particular a supervisory authority in the Member State where you habitually reside, the supervisory authority of your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

Terminology and Definitions

This section provides an overview of the terms used in this privacy policy. Many of the terms are extracted from the law and defined mainly in Article 4 GDPR. The legal definitions are binding. The following explanations, on the other hand, are intended above all for the purpose of understanding. The terms are sorted in alphabetical order.

• Controller: "Controller" means the natural or legal person, public authority, agency or other body that, alone or in conjunction with others, determines the purposes and means of processing personal data.

• Personal Data: "personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social nature of that natural person.

• Processing: The term "processing" covers a wide range and practically all data processing, whether collection, evaluation, storage, transmission or deletion.

• Profiles with user-related information: The processing of "profiles with user-related information", or "profiles" abbreviatedly, includes any type of automated processing of personal data that consists of using this personal data to analyze, evaluate or predict certain personal aspects related to an individual (depending on the type of profile, this may include different information about demographic Cookies and web beacons are often used for profiling purposes.