PRIVACY POLICY

As a matter of principle, you can use our website without entering any personal data. In individual cases, however, the collection and processing of your personal data may be necessary in order to use certain functions of our website. In addition, we collect and process personal data to optimise our website and services, which we process in accordance with data protection regulations.

We take the protection of your personal data very seriously and would therefore like to inform you below about your rights as well as the type and scope of the respective data collection.

1. RESPONSIBLE PERSON

Contact details of the responsible person
Person responsible for processing within the meaning of the Basic Data Protection Regulation (DS-GVO) and the Federal Data Protection Act (BDSG):

IoT ONE Exchange c/o repeatmobile GmbH
Straßburger road 55
10405 Berlin
Phone: +49 (0) 30 60 98 944 90
Website: www.iotone.exchange
E-mail: info@iotone.exchange 

2. DEFINITIONS OF TERMS

Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics expressing the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Person concerned

A person concerned is a person whose personal data are processed by the person responsible.

Processing

Processing shall mean any operation or set of operations which is carried out with or without the aid of automated means relating to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction.

Responsible

The person responsible is the person who decides on the purposes and means of the processing of personal data and also carries it out accordingly.

Contract processor

The contract processor is another natural or legal person, public authority, agency or body that processes personal data on behalf of the controller.

Recipient

The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed.

Consent

The data subject’s consent shall mean any voluntary, informed and unequivocal expression of his or her intention to proceed with a particular case, in the form of a statement or other unequivocal confirmatory act by which the data subject indicates his or her consent to the processing of his or her personal data.

Supervisory authority

The supervisory authority is an independent government body established by a member state pursuant to Art. 51 DS-GVO, which is responsible for monitoring compliance with data protection laws and regulations.

3. INFORMATION ON THE PROCESSING OF PERSONAL DATA

We process your personal data by various technical means and possibly also under the increase of other service providers. We would like to inform you about the concrete details of the processing in the following points.

Visiting our website

When you visit our website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:
– IP address and service provider
– Date and time of the request
– Contents of the request (concrete page)
– Access status/HTTP status code
– amount of data transferred in each case
– Website from which the request originates
– Browser incl. language and software version
– Operating system and its interface
The data listed in paragraph 1 are also automatically stored in the log files (log file) of our server. The log data is stored separately from other data and can only be viewed by the hoster. The storage period of the log data is 7 days. The legal basis for the processing of your data when visiting our website is Art. 6 Para. 1 S. 1 lit. f DS-GVO, § 15 Telemediengesetz (TMG).

Use of cookies

In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the location that sets the cookie (here by us). Cookies cannot execute programs or transmit viruses to your computer. They serve to make the website more user-friendly and effective. The legal basis for the use of cookies is Art. 6 Para. 1 S. 1 lit. f DS-GVO.

This website uses the following types of cookies, the scope and function of which are explained below:

– Transient Cookies
– Persistent Cookies

Transient cookies are automatically deleted when you close your browser. These include in particular session cookies. They store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This enables your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close your browser.

Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.

You can configure your browser settings according to your wishes and also refuse to accept third party cookies or all cookies. Please note, however, that you may not be able to use all functions of this website.

How to contact us by e-mail

(1) When you contact us via the contact addresses provided on our website, the data entered by you (your e-mail address and regularly your name and other data provided by you) will be stored by us at the time of sending in order to respond to your enquiry and process your request.

(2) You can object to the processing of your personal data at any time by sending an e-mail to info@iotone.exchange  or declare your objection to the processing of your personal data to the person(s) listed in Section 1. If you contact us directly by e-mail, you can object to the processing of your personal data at any time by the same means.

(3) We will delete the data arising in this connection after storage is no longer required or restrict processing if there are legal storage obligations. The legal basis is Art. 6 Para. 1 S. 1 lit. f DS-GVO.

(4) If the purpose of your contact is to conclude a contract, an additional legal basis for the processing of your personal data is Art. 6 Para. 1 S. 1 lit. b DS-

Use of the inquiry form

When sending a request via the request form on our website, the data you enter (regularly your e-mail address, your name as well as your personal message and optionally your telephone number, organisation, number of employees and coupon number) will be processed by us on the basis of your consent at the time of sending in order to process your request.

On the basis of the data entered by you, we will make the DEMO requested by you available in the desired period and store and process your personal data. The same applies to the storage and processing of personal data in connection with the inquiry regarding our partner program.

We delete the data and the processing in this context after the storage is no longer necessary, or restrict the processing if there are legal storage obligations. The legal basis for the processing of your personal data in the case of an enquiry using the enquiry form provided is Art. 6 Para. 1 S. 1 lit. b DS-GVO.

Integration of Google Web Fonts

On this website we use Google Web Fonts for an improved visual representation. These are fonts that are retrieved from a Google server when you visit our website and are stored in the cache of your browser to display our website. Further information can be found at https://fonts.google.com/about#. The legal basis for the use of Google Web Fonts is Art. 6 Para. 1 S. 1 lit. f DS-GVO.

When you visit the website, Google receives information that you have accessed it. In addition, the data referred to in Section 3, “Use of cookies” and “Visiting our website”, of this declaration are transmitted. This occurs regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your profile to be associated with Google, you must log out of your Google Account before visiting our website. Google stores your data as usage profiles and uses them for advertising, market research and/or for designing its website according to your needs. Such evaluation is carried out in particular (even for users who are not logged in) for the purpose of providing demand-oriented advertising. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.

Information of the provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For more information about the purpose and scope of data collection and processing by the plug-in provider, please refer to the provider’s privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Integration of Google Maps

On this website we use the offer of Google Maps. This allows us to display interactive maps directly on the website and allows you to conveniently use the map function. The legal basis for the use of Google Maps is Art. 6 Para. 1 S. 1 lit. f DS-GVO.

By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data referred to in Section 3, “Use of cookies” and “Visiting our website”, of this declaration are transmitted. This occurs regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your profile to be associated with Google, you must log out of your Google Account before visiting our website. Google stores your data as usage profiles and uses them for advertising, market research and/or for designing its website according to your needs. Such evaluation is carried out in particular (even for users who are not logged in) for the purpose of providing demand-oriented advertising. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.

Information of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the provider’s privacy policy. You will also find further information on your rights in this regard and setting options to protect your privacy there: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Integration of Google ReCaptcha

We use the Google reCaptcha service to determine whether a person or computer makes a particular entry in our contact or newsletter form. Google uses the following information to determine whether you are a human being or a computer: IP address of the terminal device used, the website that you visit on our site and on which the captcha is embedded, the date and duration of the visit, the identification data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks for which you must identify images. The legal basis for the data processing described is Art. 6 Para. 1 Letter f of the Basic Data Protection Regulation. There is a legitimate interest on our part in this data processing to ensure the security of our website and to protect us from automated entries (attacks).

4. PRESENCE IN SOCIAL NETWORKS

We also operate online presences (fanpages) within social networks and platforms. We present ourselves as a company, can communicate with you as our customers, partners or interested parties and publish information and offers. Also a possible analysis of the activity on our fan page can be done with statistical data, which is provided to us by the providers of social networks and platforms (so-called Insights data). However, data processing only takes place as soon as you interact with our fan page.

The legal basis for this is Art. 6 Para. 1 S. 1 lit. f DS-GVO, since data processing is carried out on the basis of our legitimate interests in more effective information and communication with you. Art. 6 para. 1 sentence 1 lit. b DS-GVO represents the legal basis for contract-relevant communication with us.

When calling up and using our fan page, your personal data is processed by the providers of social networks and platforms themselves for analysis and advertising purposes. As the operator of the fan page, we have no influence on this and we do not receive any information from the respective providers about the exact scope of data processing. This allows the providers to create user profiles, e.g. to place advertisements in line with their interests. Cookies are usually stored on your devices for this purpose. Data processing can also take place outside the European Union. The US providers of social networks and platforms are certified according to the Privacy Shield, whereby they undertake to comply with the data protection standards of the EU (https://www.privacyshield.gov/list). The provider of the social networks and platforms is primarily responsible for data processing via the fan page. You also have the option of asserting your rights (see “No. 6”) directly against the providers of social networks and platforms.

Further information on data processing and your rights can be found in the privacy statements of the providers:
– LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Privacy Statement: https://www.linkedin.com/legal/privacy-policy; Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

5. TRANSMISSION IN THIRD COUNTRIES

In some cases your data will be transmitted by external service providers to servers outside the EU in individual cases (so-called third countries). In particular, these can be service providers in the areas of hosting, fulfilment of regulatory obligations, debt collection and marketing, whereby we carefully select these service providers and contractually oblige them to comply with data protection in accordance with the statutory requirements. Insofar as the service providers are located in the USA, it is ensured that the providers are subject to the EU-US Privacy Shield Agreement and that an appropriate level of data protection can therefore be guaranteed (https://www.privacyshield.gov/list).

The following companies receive data in third countries outside the European Union:
– LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy

6. YOUR RIGHTS

You have the following rights against us with regard to the processing of your personal data, which you can assert at any time informally against the contact person listed in 2. above.

Right of access
Upon request, we will provide you with information on which personal data we have stored about you, for what purpose, for what duration, from which source and on what legal basis, and whether we have disclosed this information to third parties.

Right to rectification
If it turns out that the personal data you provide us with is incorrect or incomplete, we will correct or supplement it immediately upon request.

Right to deletion (right to be forgotten)
You have the right to an immediate deletion of your personal data, unless there is a legal obligation to store.

Right to limitation of processing
You can ask us to restrict the processing of your personal data.

Right to object to the processing
You can object to the processing of your personal data at any time. This applies in particular if the legal basis for the processing is Art. 6 Para. 1 S. 1 lit. f DS-GVO.

Right to data transferability
You have the right to receive your personal data in a universally readable format.

Right of appeal to a supervisory authority
You also have the right to complain to the responsible data protection supervisory authority about the processing of your personal data by us. The data protection authority of the federal state in which we have our registered office is responsible. You can find more information on this at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
We take the liberty of pointing out politely that the exercise of your rights in individual cases may be linked to the existence of certain conditions.

Guarantee of data security and data protection
In order to guarantee the protection and security of your personal data, we carry out a large number of technical and organisational security measures, the effectiveness of which we regularly check.