Last updated January 19, 2021
INFORMATION ON DATA PROTECTION RELATED TO OUR PROCESSING UNDER ARTICLES 13, 14 AND 21 GENERAL DATA PROTECTION REGULATION (GDPR)
1. Data Controller & contact details
InfluencerDB Tech GmbH & Co. KG
Subbelrather Str. 15a
50823 Cologne / Germany
Email: privacy (at) influencerdb (dot) com
2. Purposes and legal basis upon which we process your data
We process personal data in accordance with the stipulations of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), and other applicable data protection provisions. The details on which data is processed and how they are used largely depend on the services requested or agreed in each case.
2.1 Purposes necessary for performance of a contract or precontractual measures (Art. 6(1)(b) GDPR)
The processing of personal data is performed at your request for the performance of our contracts with you and for the performance of your orders, as well as for the performance of measures and activities within the scope of pre-contractual relationships, e.g., with interested parties. The collection of these data is performed mainly:
- in order to be able to identify you as a customer,
- in order to be able to provide you with particular licensed services,
- for correspondence with you,
- for accounting purposes,
- for processing of any liability claims that exist, as well as the assertion of any claims against you,
- for measures of the control and optimization of business processes,
- for the traceability of transactions, orders, and other agreements,
- to guarantee IT security (including system or plausibility tests),
- for emergency management,
- to fulfill the general duties of care,
- for cost recording and controlling, as well as for reporting.
2.2 Purposes within the framework of your consent (Art. 6(1)(a) GDPR)
Your personal data may also be processed for certain purposes (e.g. use of your email address for marketing purposes) as a result of your consent. As a rule, you may revoke this consent at any time. This also applies to the revoking of declarations of consent that were issued to us before the GDPR went into effect, i.e., prior to May 25, 2018. You will be informed separately about the consequences of revocation or refusal to provide consent in the respective text of the consent.
Generally, revocation of consent only applies to the future. Processing carried out prior to consent being issued is not affected and remains lawful.
2.3 Purposes necessary for compliance with a legal obligation (Art. 6(1)(c) GDPR) or for the performance of a task carried out in the public interest (Art. 6(1)(e) GDPR)
Like all players in business life, we are also subject to a large number of legal obligations. These are primarily statutory requirements (e.g., commercial and tax laws), but also if applicable supervisory law or other requirements set out by government authorities. Therefore, it may be necessary to disclose personal data within the framework of official government/court measures for the purposes of collecting evidence, law enforcement and criminal prosecution or the satisfaction of civil law claims. However, this will only be done within the strict scope of potential legal necessities.
3. The categories of data that we process if we do not receive data directly from you, and their origin
If necessary for the contractual relationship with you and the activities performed by you, we may process data which we lawfully receive from other offices or other third parties. In addition, we process personal data that we have lawfully collected, received or acquired from publicly accessible sources (such as commercial registers, the press, social media platforms, and other media) if such is necessary and we are allowed to process these data in accordance with statutory provisions.
a) Relevant personal data categories in the scope of our business relationship to you in accordance with Paragraph 2.1 of this document may be, in particular:
- Personal data (name, employer and comparable data),
- Contact data (address, e-mail address, phone number and similar data)
- Payment confirmation
- Customer history
- Data on your use of the tele-media offered by us (e.g., time of access to our websites, apps or newsletters, clicked pages/links of us or entries and comparable data)
- Metadata/communication data (e.g., device information, IP addresses),
b) Processing personal data that is provided to us by our customers, whereby we act solely as a data processor via a Data Processing Addendum (DPA). This data is also referred to as “Customer Data”.
Customer Data may be provided through manual entry or through technical connections such as application programming interfaces (APIs) to systems our Customers operate and connect to us.
4. Recipients or categories of recipients of your data
Any personal data will only be transferred to third parties if
- you have given us consent to transmit data to third parties, or
- this is necessary in accordance with Art. 6(1)(b) GDPR for the processing of customer relationships with you, or
- for purposes where we are obligated or entitled to give information, notification or to forward data, or
- to the extent that external service providers commissioned by us process data as order processors or parties that assume certain functions (e.g., external data centers, support and maintenance of IT applications, archiving, document processing, call center services, compliance services, data validation and data protection. plausibility check, data destruction, purchasing/procurement, customer administration, letter shops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, banks, printing shops, companies for data disposal, courier services, logistics, and press relations work).
We will moreover refrain from transmitting your data to third parties. If we commission service providers within the framework of processing an order, your data will be subject there to the security standards stipulated by us in order to adequately protect your data. We will also engage with such service provides to sign a DPA or equivalent contracts with us. In all cases, recipients may only use the data for purposes for which the data have been sent to them.
5. Duration of data storage
In principle, we process and store your data and Customer Data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the execution of a contract.
The personal data that we record about our customers will be stored until the end of the legal storage period (6 years after the end of the calendar year in which you ceased being a customer) and erased, unless we are obligated to store the data for longer in accordance with Art. 6(1)(c) GDPR as a result of storage and documentation obligations under tax and commercial law (under the German Commercial Code, Penal Code, or Tax Code), or if you have given your consent to longer storage in accordance with Art. 6(1)(a) GDPR.
If the data is no longer required to meet contractual or statutory obligations and rights, data will be routinely erased unless its further processing – for a limited period – is necessary to fulfil the purposes listed under item no. 2.2 due to an overriding legitimate interest. Such an overriding legitimate interest is deemed to be the case, for example, if it is not possible to erase the data as a result of the particular type of storage, if such is only possible at a disproportionately great expense, and processing for other purposes is excluded by appropriate technical and organizational measures.
6. Processing of your data in a third country or through an international organization
Your data may be processed in a third country, including in connection with the involvement of service providers within the framework of the processing of the order. If no decision has been issued by the EU Commission regarding the presence of an appropriate level of data protection for the respective country, we warrant that your rights and freedoms will be reasonably protected and guaranteed in accordance with EU data protection requirements through contractual agreements to this effect. We will provide you with detailed information on request.
You can request information on the suitable or appropriate guarantees and on the possibility of receiving a copy of these from the company data protection officer or the human resources department responsible for you.
7. Your data protection rights / rights of data subjects
If certain conditions are met, you can assert the following data protection rights against us:
a) Under Art. 7(3) GDPR, you may revoke the consent that you have issued to us at any time. The result of this is that we may no longer perform the data processing covered by this consent in future.
b) Under Art. 15 GDPR, you have the right to obtain information on your personal data processed by us (where applicable, with limitations in accordance with Section 34 Federal Data Protection Act).
c) Upon request, we will rectify all data stored on you in accordance with Art. 16 GDPR if such data is inaccurate or incorrect.
d) Upon your request, we will erase your data in accordance with the principles of Art. 17 GDPR, unless we are prohibited from doing so by other statutory provisions (e.g., statutory retention obligations or the restrictions laid down in Section 35 Federal Data Protection Act) or an overriding interest on our part (for example, to defend our rights and claims).
e) Taking into account the preconditions laid down in Art. 18 GDPR, you may request us to restrict the processing of your data.
f) In accordance with the provisions of Art. 20 GDPR, you also have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to transmit such data to a third party.
g) Furthermore, you may file an objection to the processing of your data in accordance with Art. 21 GDPR, as a result of which we are obliged to stop processing your data. This right of objection only applies, however, if very special circumstances characterize your personal situation, whereby the rights of our company may stand in the way of your right of objection.
h) In addition, you have the right to complain to a data protection supervisory authority (Art. 77 GDPR). We recommend, however, that complaints should always initially be sent to us by email to gdpr(at)influencerdb(dot)com.
Your applications regarding the exercising of your rights should, if possible, be addressed in writing to the above-mentioned address or directly by email to gdpr(at)influencerdb(dot)com.
8. Scope of your obligation to provide us with your data
You only need to provide data that is necessary for the commencement and performance of the business relationship, for a pre-contractual relationship with us, or if we are obliged to collect the data by law. Without this data, we are generally not able to conclude the agreement or continue to perform it. This may also relate to data that is required later within the framework of the contractual relationship. If we request data from you above and beyond this, you will be informed about the voluntary nature of the information separately.
INFORMATION ON YOUR RIGHT OF OBJECTION UNDER ART: 21 GDPR
- You have the right to file an objection at any time against processing of your data carried out on the basis of Art. 6(1)(f) GDPR (data processing on the basis of a weighing-up of interests). The precondition for this is, however, that there are legitimate reasons for your objection emanating from your special personal situation. This also applies to any potential profiling based on this provision within the meaning of Art. 4(4) GDPR.
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling reasons warranting protection for the processing that outweigh your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
- We also process your personal data in order to perform direct advertising. If you do not want to receive any advertising, you have the right to file an objection against this at any time. This also applies to the profiling to the extent that it is connected with such direct advertising. We will respect this objection with effect for the future.
We will no longer process your data for the purpose of direct advertising if you object to processing for this purpose.
The objection may be filed without adhering to any formal requirements and should be sent to gdpr(at)influencerdb(dot)com.
SUPPLEMENTARY DATA PROTECTION STATEMENT FOR OUR WEBSITE
WHAT PERSONAL INFORMATION DO WE COLLECT FROM THE PEOPLE THAT VISIT OUR BLOG, WEBSITE OR SOFTWARE PRODUCT?
When registering on our site or accessing gated content, as appropriate, you may be asked to enter your name, email address, or other details to help you with your experience.
WHEN DO WE COLLECT INFORMATION?
We collect information from you when you register on our site or enter information on our site.
HOW DO WE USE YOUR INFORMATION?
We may use the information we collect from you when you register, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize the user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To send periodic emails regarding your interest in our products, services, or content.
- To follow up with them after correspondence (live chat, email or phone inquiries)
HOW DO WE PROTECT VISITOR INFORMATION?
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
DOES OUR SITE ALLOW THIRD-PARTY BEHAVIORAL TRACKING?
It’s important to note that we allow third-party behavioral tracking. Usually, this tracking is implemented using so-called ‘cookies’.
DO WE USE ‘COOKIES’?
WHAT THIRD-PARTY COOKIES DO WE USE?
WHAT SHOULD YOU DO IF YOU DON’T WANT COOKIES TO BE SET?
Some people find the idea of a website storing information on their computer or mobile device to be intrusive, particularly when this information is stored and used by a third party without them knowing. Although cookies are generally quite harmless, you may not, for example, want to see advertising that has been targeted to your interests using your history of using our site. If you prefer, you may choose to block some or all cookies, or even to delete cookies that have already been set; but you should be aware that you might lose some functions of the website.
If you want to restrict or completely block the cookies that are set by our Site, or any other site, you can do so through your browser setting. The ‘Help’ function in your browser should explain how. Alternatively, you can visit an article at www.lifewire.com, which contains comprehensive information on how to do this on a wide variety of browsers. You will find general information about cookies and details on how to delete cookies from your device.
To opt-out of third-parties collecting any data regarding your interaction on our Site, please refer to their websites for further information.
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information that you have provided to us unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
GOOGLE TAG MANAGER
This website uses Google Tag Manager. Google Tag Manager is a solution that allows marketed website tags to be managed using an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not register personal data. The tool causes other tags to be activated which may, for their part, register data under certain circumstances. Google Tag Manager does not access this information. If recording has been deactivated on domain or cookie level, this setting will remain in place for all tracking tags implemented with Google Tag Manager