This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.This is some text inside of a div block.

Data Protection Information

Effective date 29.01.2021

Playbook GmbH

Data protection information

Your privacy and the protection of your personal data is important to us. With this Data Protection Information, we inform you about the processing of personal data in connection with the use of the Priv website as well as about your existing data protection rights.

1. Who we are and how you can contact us

We as Playbook GmbH are responsible for handling your personal data when you visit the Priv website and interact with us over the website:

Playbook GmbH
Urbanstraße 71
10967 Berlin
e-mail: hello@priv-io.com

Represented by its Managing Director Louis Buys, business address ibid.

Commercial Register: Charlottenburg Amtsgericht HRB 226474 B

hereinafter: “Priv”, “we”, “us”, “our”.

Should you have any questions regarding the processing of your personal data by us and the associated rights as well as other data protection notices and suggestions, you can contact our data protection officer at any time in confidence by e-mail to dpo@priv-io.com or by mail to the above postal address, using the reference "Data Protection Officer".

2. Personal data – information that relates to you

While visiting the Priv website, we rely on the handling of personal data to make our site available and be able to interact with you. Personal data can be information that directly identifies you, such as your name. In addition, information, which only makes you identifiable together with further details, is also personal data (e.g. your IP address). We classify the personal data that we process from you in the following categories:

Category of personal data

Details

Access data

Access data is information that is necessary to enable the use of our webpages and online services. This includes in particular:

Browser type and browser version, used operating system, Internet Service Provider, IP address of the requesting device, Date and time of the server request, website from which our website is accessed (referrer URL), websites that are accessed by your system through our website.

Master data

Master data is information about you that is required to identify you and, if necessary, to contact you.

This includes the following information:
Name and surname, address, e-mail address, phone number.

Log data

Log data is information that is used to record certain actions on our websites. Log data is collected to ensure the security and integrity of the website and to document and assign certain actions for reasons of legal security.

This includes the following information:
Date and time of an operation, IP address of the device used to perform a specific action.

3.5 Cookies

3.5.1 Characteristics and functionality of cookies

Our websites and sub-sites use cookies. Cookies are text files that are stored in your internet browser or by the internet browser on your computer system when you use the website. When you access a website, a cookie can be stored on your operating system. This cookie contains a string of characters that enables the browser to be uniquely identified when the website is recalled.

3.5.2 Categories of cookies

We use the following categories of cookies:

Necessary cookies enable the use of a website. They enable basic functions such as page navigation and access to secure areas of the website. Without these cookies the website will not work properly.Lawful basis for the use of necessary cookies is a legitimate interest according to Art. 6 (1)(f) GDPR. The legitimate interest arises of the necessity to ensure the proper functioning of the website which also serves the interest of the website visitor.

Targeting cookies are used to identify visitors between different websites, e.g. content partners, banner networks. Those cookies may be used to understand the visitor’s interests or show relevant ads on other websites.

The use of marketing cookies is conditional to the website visitor’s consent according to Art. 6 (1)(a), 7 GDPR, which is obtained separately before using any marketing cookies.

3.5.3 Cookies we use

Necessary cookies

We use the following cookies:

Name of the cookie

Provider

Expiration

Purpose of use

CookieScriptConsent

1 month

This cookie is used by Cookie-Script.com service to remember visitor cookie consent preferences. It is necessary for Cookie-Script.com cookie banner to work properly.

Targeting Cookies

We use the following cookies:

Name of the cookie

Provider

Expiration

Purpose of use

_pk_id.1.deac

13 months

Matomo is used to better understand how visitors use the website. This includes technical aspects, the frequency of use of certain features and information about the regional origin of visitors. This cookie is used to store a few details about the visitor. These details cannot and are not traced back to an individual visitor. Information that could in any way relate to an individual is completely de-identified (anonymized) before it is collected and used.

_pk_ses.1.deac

30mins

To enable the functionalities of Matomo, this cookie helps to temporarily collect the de-identified (anonymized) information on the visit of a website visitor

4. With whom we share your personal data

External service providers

In some cases, we use external service providers to fulfil our tasks. Contractors and service providers, we have engaged and with whom we have a non-temporary business relationship are:

Recipient

Address

Service

Objectis Ltd.
Žalgirio st. 88LT-09303
Vilnius
Lithuania

Supply of an online-based software solution for the management of cookie settings and consent collection

ePrivacy Holding GmbH
Große Bleichen
2120354
Hamburg
Germany

Supply of an online-based software solution for the analysis of website information

5th Floor Pier Place
Foreshore
Cape Town
South Africa

Maintenance, Hosting, Technical Support for the Website

Other Recipients

Your personal data may be transferred to other recipients, such as public authorities in order to comply with statutory notification obligations (e.g. social security institutions, tax authorities or law enforcement agencies) or to other companies in connection with company transactions or restructuring (e.g. for due diligence, transfer of business).

Conditions under which data is transferred outside the European Union, Switzerland and the European Economic Area

To the extent necessary to pursue the processing purposes described above, we may transfer your personal data to service providers as data processors according to Art. 28 GDPR in the United States of America ("US”) and South Africa (SA). Regarding the transfer to the US and SA, there is no adequacy decision by the European Commission within the meaning of Art. 45 (1) GDPR. Therefore, we together with the service providers have concluded EU standard data protection clauses in accordance with Art. 46 (2)(c) GDPR. You may request a copy of these agreements from our data protection officer (for contact details, refer to section 1 of this data protection information).

5. How we determine for how long we store your personal data

Insofar as no explicit storage period is specified in this data protection information, personal data will be stored for as long as is necessary for the specified purposes or the fulfilment of our legal obligations.

In all other respects, the storage period shall be governed by the legal retention periods, for example according to commercial and tax law. At the latest, after expiry of these periods, the data stored and retained by us will be deleted, unless further storage is necessary in exceptional cases.

6. TLS encryption

For security reasons and to protect the transmission of confidential content, such as data within contact requests, our websites use TLS encryption. The establishment of transport encryption is a recognized standard in the network, above all to prevent unauthorized persons from accessing personal data.

You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If TLS encryption is activated, third parties cannot read the data that you transmit to us.

7. Cases in which you have the right to object to the use of your personal data

You may object to the processing of your data on grounds relating to your particular situation, insofar as we process them for our legitimate interest according to Art. 6 (1)(f) GDPR. In the event of objection, we shall refrain from any further processing of your data unless it is necessary for overriding, compelling or legitimate reasons or for the assertion, exercise, or defense of legal claims. Insofar as we process your data on the basis of Art. 6 (1) (f) GDPR for direct marketing purposes, you may object to this processing at any time without stating reasons; this also applies to profiling, insofar as it is associated with direct marketing. If you object to processing for direct marketing purposes, we will no longer use your personal data for these purposes.If you wish to exercise your right of objection, please contact our Data Protection officer or us. The contact details can be found under section 1 of this data protection information.

8. Further rights you have

In addition, you have the right to obtain information about your personal data processed by us at any time under the conditions of Art. 15 GDPR. In particular, you may request information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged storage period, the existence of a right of rectification, deletion, limitation of the processing or opposition to the existence of a right of appeal, the origin of your data if it has not been collected from us, as well as the existence of an automated decision making process including profiling and, if applicable, meaningful information on its details.

Within the scope of your right to information, you may request a copy of your personal data. Data copies are generally made available in electronic form unless you have indicated otherwise. The first copy is free of charge for you, for further copies a reasonable fee may be charged. The provision shall be subject to the rights and freedoms of other persons who may be affected by the transmission of the data copy.

Under the conditions of Art. 16 GDPR, you may immediately request the correction of incorrect or incomplete personal data stored by us.

In addition, under the conditions of Art. 17 GDPR, you may, in principle, request the deletion of your personal data stored by us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims.

Pursuant to Art. 18 GDPR, you may also demand that the processing of your personal data be restricted if you dispute the accuracy of the personal data stored by us or if you have objected to the processing pursuant to Art. 21 GDPR. In this case, we have to limit processing of your data for the duration of the examination of your request. You can also demand the restriction if the processing is unlawful, but you refuse to delete it or if not we but you need your data stored with us to assert, exercise or defend legal claims.

Under the conditions of Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or, as far as technically feasible, to request the transfer directly to another responsible person. This right to data transfer exists only if the processing is based on consent pursuant to Art. 6 (1)(a) GDPR or Art. 9 (2)(a) GDPR or on a contract pursuant to Art. 6 (1)(b) GDPR and is carried out by automated means. The restrictions of Art. 20 (3) and (4) GDPR must be considered.

If we process data based on a consent given by you, you are also entitled to withdrawyourconsent at any time in accordance with Art. 7 (3) GDPR. This also applies to declarations of consent issued to us before the GDPR came into force, i.e. before 25 May 2018.

Your withdrawal means that we will not continue the data processing, which until then was based on this consent, for the future.

Please contact our Data Protection Officer regarding your data protection rights. The contact details can be found under section 1 of this data protection information.

9. Your right to lodge a complaint with a supervisory authority

If you are of the opinion that the processing of your personal data by us violates the provisions of data protection law, you also have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, workplace or place of presumed infringement, pursuant to Art. 77 GDPR. The competent supervisory authority for Priv in Berlin, Germany is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin, Germany
Phone: +49 (0) 30 13889-0
Email: mailbox@datenschutz-berlin.de

Status: March 2021