Privacy Policy Website

January 28, 2023

General information about the processing of your data

We are obliged by law to inform you about the processing of your personal data (hereinafter referred to as “data”) when you download and use our apps. This data protection notice informs you about the details of the processing of your data and about your legal rights in this regard. For terms such as “personal data” and “processing”, the legal definitions pursuant to Art. 4 GDPR apply. We reserve the right to adapt the privacy policy with future effect, in particular in the event of further development of the mobile apps, the use of new technologies or changes to the legal bases or the corresponding case law. We recommend that you read this privacy policy from time to time and take a printout or a copy for your records.

Scope

This privacy policy applies to all pages of https://codeclou.io. It does not cover any linked websites of other providers.

Controller

The following party is known as the controller under data protection law and therefore responsible for the processing of personal data within the scope of this privacy policy:

codeclou GmbH
HUerivnareivcphu--DQiverhuly--SFtgre.. 22
9900555522 REöötghuernaboancphu anna dqerre PCergtnaivtgzm
Deutschland
Tel.: ++4499 991111 3311110099990033
E-Mail: vasb@pbqrpybh.vb

Questions about data protection

If you have any questions about data protection with regard to our company or our app, you can contact us using the contact details provided under “Controller”.

Your rights

You have the following rights with regard to the personal data concerning you that you can assert against us:

  • Right of access: You can request access to the personal data concerning you which we process, as set forth in Art. 15 GDPR.
  • Right to rectification: If the information concerning you is not (or no longer) correct, you can request its rectification in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
  • Right to erasure You may request the erasure of your personal data in accordance with Art. 17 GDPR.
  • Right to restriction of processing: Pursuant to Art. 18 GDPR, you have the right to demand that the processing of your personal data be restricted.
  • Right to object to processing: Pursuant to Art. 21(1) GDPR, you have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data which occurs based on Art. 6(1) Sentence 1(e) or (f) GDPR. If you object, we will not process your data further, unless we can prove compelling legitimate reasons for the processing which override your interests, rights and freedoms or, moreover, the processing serves to establish and exercise or defend legal claims (Art. 21(1) GDPR). Furthermore, under Art. 21(2) GDPR you have the right to object at any time to the processing of your personal data for direct marketing purposes, which includes profiling to the extent that this is related to such direct marketing. In this privacy policy, we draw your attention to this right to object when describing each processing operation.
  • Right to withdraw your consent: If you have given your consent for processing, you have a right to withdraw that consent under Art. 7(3) GDPR.
  • Right to data portability: You have the right to receive the personal data you have given us in a structured, commonly used, machine-readable format (“data portability”) and the right to transfer this data to another controller, if the prerequisites of Art. 20(1)(a), (b) GDPR are fulfilled (Art. 20 GDPR).

You can assert your rights by informing us using the contact details specified under “Controller” above.

If you believe that the processing of your personal data violates data protection law, then under Art. 77 GDPR you also have the right to lodge a complaint with a data protection supervisory authority of your choice. This includes the data protection supervisory authority responsible for the controller:

Bayerisches Landesamt für Datenschutzaufsicht, Promenade 18, 91522 Ansbach, postal address: Postfach 1349, 91504 Ansbach, phone: +49981/180093-0, email: poststelle@lda.bayern.de, https://www.lda.bayern.de

Using our website

In principle, you can use our website for purely informational purposes without disclosing your identity. When you access the individual pages of the website in this sense, this only results in access data being transferred to our web hosting service so that the website can be displayed to you. This involves the following data being processed:

  • Browser type / browser version
  • Operating system used
  • Language and version of the browser software
  • Date and time of access
  • Hostname of the accessing device
  • IP address
  • Content of the request (specific page)
  • Access status / HTTP status code
  • Websites accessed via the website
  • Referrer URL (website visited before)
  • Notification of whether the access was a success and
  • Volume of data transferred

It is necessary for this data to be processed temporarily in order to make it technically possible for you to visit our website and to deliver the website to your device. The access data is not used to identify individual users and is not combined with other data sources. The data is also stored in log files, in order to ensure the functionality of the website and the security of the information technology systems. The legal basis for the processing is Art. 6(1) Sentence 1(f) GDPR. We have legitimate interests in ensuring the functionality, integrity and security of the website. Storing access data in log files, in particular the IP address, for a longer period of time enables us to detect and prevent misuse. This includes, for example, defending against requests that would overload the service as well as against bots. The access data will be erased as soon as it is no longer required for achieving the purpose of its processing. In the case of recording the data to provide the website, this is the case when you end your visit to the website. The log data is generally stored directly and in such a way that it can only be accessed by administrators, and it is erased after fourteen days at the latest.

You may object to the processing. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller” above.

Device information

In addition to the aforementioned access data, technologies are used when you use the website which store information in your device (e.g. desktop PC, laptop, tablet or smartphone) or access information which is already stored on your device. These technologies may include, for example, cookies, pixels, local storage, session storage, IndexedDB or browser fingerprinting technologies. These technologies can be used to recognise you across devices and websites.

According to Sect. 25(1) of the German Telecommunications and Telemedia Data Protection Act (TTDSG), we generally require your consent for the use of these technologies. According to Sect. 25(2) TTDSG, this is only not required if the technologies either enable the transmission of a message via a public telecommunications network or if they are absolutely necessary to provide a telemedia service that you have expressly requested:

Technically necessary device information

Some elements of our website serve the sole purpose of transmitting a message (Sect. 25(2) No. 1 TTDSG) or are absolutely necessary to provide you with our website or individual features thereof (Sect. 25(2) No. 2 TTDSG).

  • Language settings
  • Browser time zone
  • Login information

The elements are erased after storage is no longer required.

You can prevent processing by adjusting your browser settings accordingly. For elements whose storage duration is not limited to the session, you can adjust your browser settings so that the elements are erased after your session has expired.

Technically non-essential device information

Our website also uses elements that are not technically necessary. We only use these technologies with your consent in accordance with legal requirements. Information about the individual technologies and features can be found in our “settings” as well as in the following information, which is sorted according to the individual features:

Contacting our company

When you contact our company, e.g. by email, we will process the personal data provided by you so that we can respond to your request. The legal basis for this processing is Art. 6(1) Sentence 1(f) GDPR and Art. 6(1) Sentence 1(b) GDPR, if the contact is made with the intention of concluding a contract. If the request is aimed at concluding a contract, it is necessary for you to provide your data. If you do not provide your data, it will not be possible to conclude/execute a contract and process the request. As soon as processing is no longer necessary, we erase the data generated here – usually two years after the end of the communication – or, if statutory retention obligations apply, restrict processing of the data.

You may object to the processing. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller” above.

Processing for contractual purposes

We process your personal data if and to the extent necessary for the initiation, creation, execution and/or termination of a legal transaction with our company. The legal basis for this results from Art. 6(1) Sentence 1(b) GDPR. It is necessary for you to provide your data in order to conclude the contract and you are contractually obliged to provide your data. If you do not provide your data, it will not be possible to conclude and/or execute a contract. Once the purpose has been achieved (e.g. contract processing), the personal data will be blocked for further processing or erased, unless we are entitled to keep processing the data on the basis of a consent granted by you (e.g. consent to the processing of your email address for sending promotional emails), a contractual agreement, a statutory authorisation (e.g. authorisation to send direct marketing) or on the basis of justified interests (e.g. retention for asserting claims).

Your personal data will be passed on to third parties if

  • it is necessary for the creation, execution or termination of legal transactions with our company (e.g. when transmitting data to a payment service provider to process a contract with you) (Art. 6(1) Sentence 1(b) GDPR), or
  • a subcontractor or party we use to perform our obligations, which we use exclusively within the framework of providing the offers or services requested by you, needs this data (unless you are expressly informed otherwise, such auxiliary parties are only entitled to process the data insofar as this is necessary for the provision of the offer or service), or
  • there is an enforceable official order (Art. 6(1) Sentence 1(c) GDPR), or
  • there is an enforceable court order (Art. 6(1) Sentence 1(c) GDPR), or
  • this is necessary for the establishment, exercise or defence of legal claims (Art 6(1) Sentence 1(c) GDPR)
  • we are legally obliged to do so (Art. 6(1) Sentence 1(c) GDPR), or
  • the processing is necessary in order to protect the vital interests of the data subject or another natural person (Art. 6(1) Sentence 1(d) GDPR), or
  • this is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6(1) Sentence 1(e) GDPR), or
  • we can cite our overriding legitimate interests, or those of a third party, in the disclosure (Art. 6(1) Sentence 1(f) GDPR)

Your personal data will not be transmitted to other persons, companies or bodies unless you have effectively consented to such transmission. The legal basis for the processing is then Art. 6(1) Sentence 1(a) GDPR. In this privacy policy, we draw your attention to the respective recipients when describing each processing operation.

Hosting and analysis of website visits

We use external hosting services provided by Host Europe GmbH (Hansestraße 111, 51149 Cologne; hereinafter referred to as “Host Europe”), which serve to provide the following services: infrastructure and platform services for the purpose of website and email hosting. For these purposes, all of the data required for the operation and use of our website – including the access data mentioned under “Using our website” – is processed. The legal basis for this processing is Art. 6(1) Sentence 1(f) GDPR. By using external hosting services, our aim is to make providing our website efficient and secure.

In addition, Host Europe anonymises the access data mentioned under “Using our website” so that the “Webalizer 2” tool provided by Host Europe GmbH can provide an anonymised analysis of website visits. The anonymisation of the aforementioned access data occurs on the basis of Art. 6(1) Sentence 1(f) GDPR. We have a legitimate interest in the anonymised analysis of user behaviour in order to optimise our website.

You may object to the processing. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller” above.

Content delivery network

GitHub Pages

We use the services of the GitHub Pages content delivery network, which is provided by GitHub, Inc. (88 Colin P Kelly Junior Street, San Francisco, CA 94107 US; hereinafter referred to as “GitHub”) for the purpose of allowing our website to be displayed more quickly. When you visit our website, a library is loaded and temporarily stored on your device in order to avoid reloading the content. This involves your IP address being processed by the provider. GitHub processes your data in part in the US. No EU Commission adequacy decision exists for data transfers to the US. We have concluded so-called standard contractual clauses with GitHub in order to commit GitHub to an appropriate level of data protection. A copy is of course available on request. The legal basis of the data processing is Art. 6(1) Sentence 1(f) GDPR. By using GitHub, we are pursuing our legitimate interest in faster website retrieval as well as a more effective and improved presentation of our website. Further information, in particular on the storage period, can be found at: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement

You may object to the processing, insofar as it is based on Art. 6(1) Sentence 1(f) GDPR. Your right of objection exists if you have reasons arising from your particular situation. You may send us your objection using the contact details specified under “Controller”.

Copyright by Spirit Legal