We appreciate your interest in CAPinside and that you visit our homepage. Here we inform you about which of your personal data we collect when you visit our website and for what purpose they are used.
RESPONSIBLE AND CONTACT
Responsible person within the meaning of Art. 4 No. 7 DSGVO is CAPinside Ag, which maintains and operates the platform CAPinside as a separate brand:CAPinside Ag
represented by: Philipp Schröder, Achim Denkel, Micha Grüber
Kleine Johannisstrasse 9
20457 Hamburg - Phone: +49 40/897 20 776 0
CAPinside Ag is a German stock corporation based in Hamburg. The Associated Marketing Platform CAPinside is a separate brand of CAPinside Ag and develops individual marketing and sales offers in the B2B area.
For data protection questions, please contact our (external) appointed Data Protection OfficerMr. Thomas Mecke
Tel.: +49 0551 - 29 344 58
How are your data processed?
We commit your data confidentially at all times and in accordance with the legal requirements, In particular, the European Data Protection Regulation, which will enter into force on 25.05.2018 treat and protect your privacy.
GENERAL PURPOSE OF DATA PROCESSING
CAPinside and the operation of this platform is subject to a very dynamic development. It is therefore not possible to represent every single detail. But we want to show you the essential details of data processing. The processing of data is in particular for the purpose of rendering our contractual obligations to our users. Deviating from this, we process your data in order to safeguard our legitimate interests in consideration of your interests. And of course, in some cases we are legally required to process data (for example, to provide data to investigative authorities). In all other cases, we will obtain a separate consent from you for data processing. In the course of rendering our contractual obligations to our users, we always try to adapt our products and services to the needs of the users. Personalization plays an important role here. In doing so, interest and usage profiles are created. In order to be able to show you suitable product recommendations, we must understand what interests you might have. To identify these interests, we use the information you provide us with. In addition, we also use such information that we receive automatically due to your use of our service (by so-called "tracking") and possibly information that we receive indirectly.
We commit your data confidentially at all times and in accordance with the legal requirements, In particular, the European Data Protection Regulation, which will enter into force on 25.05.2018 treat and protect your privacy.
WHAT ARE PERSONAL DATA?
Personal data is all such information, even partial information, referring to one identified or identifiable living person. You will be charged if you are with contact us, i. if you are an existing or new customer, prospective customer or applicant be interested in our products and services, submit applications, fill in online forms, create a profile or are already in business with us. No personal Data in this sense is data that can not be attributed to a natural person, either directly or indirectly are collected or processed for the purpose of purely statistical surveys (for example, on the Usage behavior on our website).
INFORMATION YOU ARE COMMUNICATING TO US
Due to the contractual relationship between you and CAPinside AG, you are under our terms and conditions contracted to provide us with the necessary data, as we can not meet our contractual obligations without them. A legal obligation does not exist in this respect. When you visit and / or use our websites, we process the following personal information that we have received from you:
1. Registration data
When registering, you must complete certain mandatory fields. This information is essential for a functioning professional network. For example:
- Title, first name and last name
- Job title and company name
- Industry and license
- age group
We require these mandatory details to verify you. As part of a private message between two users only the first and last name as well as the company name are visible.
If you submit a deletion request to us, we usually delete that data on the same business day, at the latest, however, within 72 hours. We delete this information when your user account Clear. The legal basis for this processing of personal data is Art. 6 I (b) GDPR.
2. Access data
As part of CAPinside's registration applications, we must collect and process certain personally identifiable information from you as your credentials. For example:
- User name
- Login E-mail address
Your access data are not visible to third parties. We do not share this information with any third party. We will delete this information when you delete your user account. Legal basis for this processing personal data is Art. 6 para. 1 lit. b) DSGVO.
3. Email addresses
We will use the electronic mailing address (s) you have provided to you regularly Newsletter or advertisement for own similar products and services or questionnaires for Purpose of having your own market research electronically, unless you have contradicted such use. In the newsletters, for example, we can send you new ones Inform functions at CAPinside, suggest you interesting contacts and products or Provide you with certain personal statistics. You can send the newsletters at any time Unsubscribe via the link given at the end of each newsletter.
We will delete this information when you delete your user account. Legal basis for this processing personal data is Art. 6 para. 1 lit. b) GDPR.
For our live chat feature, we collect and store the information you provide us through the chat form. We use an external provider, www.userlike.com, who collects the questions and comments you have provided and forwards them to us. Userlike uses Amazon's Content Delivery Network (CDN for short) cloudfront.com. Amazon CloudFront is a global CDN service that securely delivers low-latency, high-speed data, video, applications, and APIs. CloudFront is integrated with AWS-both the physical sites directly connected to the AWS global infrastructure and the software that works seamlessly with services. We have entered into a data processing agreement with Amazon to ensure the security of your data. More information can be found at https://aws.amazon.com/en/cloudfront/.
To participate in a live chat, we require you to provide a name and yours Contact details. If you do not want to specify your real name, you can also use a pseudonym specify. In addition, you may voluntarily indicate the name of the company, for which you are active. Chat data and chat content will be shared for a period of three (3) Stored for months and then deleted.
The legal basis for this data processing is Art. 6 para. 1 lit. f) GDPR. Our "legitimate interest" i.S.d. Art. 6 para. 1 lit. f) DSGVO is the fast and easy way of communicating via online chat with the respective users in order to be able to react quickly to questions. More information about Userlike can be found here: https://www.userlike.com/en/terms#privacy-policy
5. Payment data
If you use paid products from CAPinside, we collect and use your payment information for payment and billing purposes according to the chosen means of payment. The billing is done with the help of our external service provider Debitoor (Debitoor GmbH, Choriner Str. 34, 10435 Berlin, Germany), with which we also have a data processing agreement acc. Art. 28 DSGVO. For the payment and billing of the automatic renewal of the user relationship your payment data will be stored. For example:
- Bank details and VAT, if applicable
We store this data until the data is not tax, commercial or otherwise are subject to legal storage obligations more. Legal basis for this processing personal data is Art. 6 para. 1 lit. b) DSGVO.
6. Fund data
In order to meet our claim of a personalized offer to the user of our service, we store the fund data you provide, such as:
- List names and anonymized ID's of the funds contained therein
- Saved fund comparisons
- WKNs and ISINs
- Fund name and internal ID of the fund
The legal basis is Art. 6 para. 1 lit. b) GDPR, i. that data collection and processing to achieve the contractual objectives. This also applies to pre-contractual information, you make us in the context of a first request and we need to give you one make a binding offer.
7. Community data
To analyze your interest sufficiently and to be able to react accordingly As part of your user profile, we also save the names of people and funds follow and vice versa, which users you may follow (so-called followers).
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our "interest" i.S.d. Art. 6 para. 1 lit. f) DSGVO is the analysis of your interests for the appropriate design of our service (Personalization).INFORMATION WE GET AUTOMATICALLY AS A RESULT OF USING OUR PLATFORM
With the help of so-called tracking technologies, we automatically collect and process data from you when you visit our website.
1. What is tracking and what is it for?
On our web server we collect data from our users, and third parties that we primarily use for the Provide provision of our service. On your device, be it PC or mobile, will be using of cookies, pixels and similar tracking methods data collected and evaluated by you and constantly optimize our offer and adapt it to your individual needs.
The evaluation of information obtained through tracking is required to suit you to provide personalized services for the contractual purpose of CAPinside and To ensure you the greatest possible benefit. The implicit feedback, that you provide to us as a result of our tracking through your use of CAPinside, is an important part to understanding what content you more or less are interested.
In order for the pages to be displayed in your browser, the IP address of the device you are using must be processed. In addition, more information about the browser of your device. In terms of data protection, we are also obliged to guarantee the confidentiality and integrity of personal data processed using our IT systems. For this purpose, the following data is logged:
- IP address of the calling computer (for a maximum of 7 days)
- Operating system of the calling computer
- Browser version of the calling computer
- Name of the retrieved file
- Date and time of retrieval
- Transferred amount of data
- Referring URL
The IP address will be updated after 7 days at the latest of all systems related to the operation these websites are used deleted. A personal reference we can from the then restore any remaining data. The data is also used to fix website errors, such as attacks and tampering recognize and protect our users from it.
The legal basis for data processing is Art. 6 para. 1 lit. f) GDPR and takes place in our legitimate interest. Our "interest" within the meaning of Art. 6 para. 1 lit. f) GDPR is the operation of this website, taking into account the protection goals of confidentiality, Integrity and availability of the data. As a recipient, you always have the option of to contradict this form of data collection.
USING TRACKING TECHNOLOGIES:
You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. You may also prevent Google`s collection of data generated by the cookie and your use of the website (including your IP address) and the processing of such data by Google by downloading the browser plug-in available at the following link and install: https://tools.google.com/dlpage/gaoptout?hl=en
Opposition to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie is set to prevent your data from being collected on future visits to this site: Disable Google Analytics
This website uses Adobe Typekit webfonts. Typekit is a service from Adobe (Adobe Systems Software Ireland Limited, 4-6 Riverwalk
Citywest Business Campus, Dublin 24, Ireland). This service provides fonts that appear in the user`s web browser after a server call to Adobe (in the US). In this case, at least the IP address of the browser of the terminal of the user of this website is stored by Adobe. For more information, please refer to the Typekit Privacy Notice, which can be found here https://www.adobe.com/de/privacy/policies/typekit.html Adobe is a member of the US-EU Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active), which guarantees an appropriate level of privacy. Legal basis is gem. Art. 6 para. I lit. f) GDPR our legitimate interest. This can be seen here in what our users are interested in to improve our products and our offer as a whole to constantly expand and expand.
Here, data on the user`s behavior on the website is collected and processed, e.g. which articles you read, which products you are interested in, how long you stay on individual pages, etc. The data is pseudonymized (in addition to general metadata such as the age group and the specified license, eg only the user ID is recorded) stored in Google Cloud Services (Information about Google`s data processing and protection can be found here: https://policies.google.com/privacy). A conclusion on your person is only possible for CAPinside, and here also only authorized employees, by comparison of the Analytics and user database. Third parties can not make any conclusions based on this data. We use this data as the basis for our machine learning so that the user of our service receives a personalized portal and only the content that interests you, or that our users only see those products for which they have a license. Legal basis is gem. Art. 6 para. I lit. f) GDPR our legitimate interest. This can be seen here in what our users are interested in to improve our products and our offer as a whole to constantly expand and expand.
INFORMATION WE GET FROM THIRD PARTIES
We also process data that we have not collected directly from you. That's the case when we request an external job (like the Schufa) to compare and verify your data. In these cases, we process the data in accordance with. Art. 6 para. 1 lit. b) alternatively lit. f) GDPR in the context of our fulfillment of the contract against the respective user and / or for the protection of ours legitimate interests in balance with your interests. No third party has insight into this data. We save this data until deletion of the user account, unless longer, statutory Storage periods exist (e.g., when using / purchasing a paid service / product).
INFORMATION WE SHARE TO THIRD PARTIES
Data that we receive from you will only be disclosed to third parties if this is necessary for the fulfillment of our own business purposes (ie in particular for the provision of services owed to you) (eg to increase your community or the reach of your product you have given your consent thereto or we are required to do so by law or as a result of a legal or regulatory order. In particular, your data will not be disclosed to third parties for their advertising purposes. If we work together with external service providers in the context of data processing (eg in web hosting), this is usually done on the basis of so-called order processing, in which we remain responsible for the data processing. We check each of these service providers beforehand for the measures taken by them for data protection and data security and thus ensure the statutory contractual provisions for the protection of personal data.
However, we may set service providers for the operation of these websites or for others Products from us. Here it may happen that a service provider is aware of personal Receives data. We select our service providers carefully - especially with regard to Data protection and data security - and take all data protection required measures for a permissible data processing.
If you choose to pay via the Stripe payment service provider, payment will be processed through Stripe Payments Europe Ltd (Block 4, Harcourt Center, Harcourt Road, Dublin 2, Ireland), to which we will provide your information as part of the ordering process, along with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) according to Art. 6 para. 1 lit. b) pass on DSGVO. The transfer of your data takes place exclusively for the purpose of the payment processing with Stripe and only insofar as it is necessary for this. For more information on Stripe`s privacy, please visit: https://stripe.com/en/privacy
The payment transactions via the common means of payment (Visa / Mastercard, direct debit) are made exclusively via an encrypted SSL connection. You can recognize an encrypted connection by changing the address line of the browser from "http: //" to "https: //" and the lock symbol in your browser line
With encrypted communication, your payment details that you submit to us may not be read by third parties.
OTHER THIRD-PARTY SERVICE PROVIDERS AND OTHER COMPANIES, THE SERVICES OF WHICH WE TAKE PLACE
The FWW is a German company specializing in the analysis and preparation of fund data (www.fww.de, Asset International Deutschland GmbH, Münchener Str. 14, 85540 Haar bei München). CAPinside obtains corresponding information from FWW for the provision of its services. A confidentiality agreement exists. FWW does not receive any personal information from you.
Facebook may also link this data to their Facebook account and for their own promotional purposes, according to Facebook`s data usage policy https://www.facebook.com/about/privacy/. You have the possibility to prohibit Facebook and its partners from displaying advertisements. You can edit the settings for Facebook`s ads by following the link: https://www.facebook.com/ads/website_custom_audiences/.
Facebook is a member of the US-EU Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active) ensuring an adequate level of data protection. Legal basis is gem. Art. 6 para. I lit. f) GDPR our legitimate interest. This can be seen here in what our users are interested in to improve our products and our offer as a whole to constantly expand and expand.
Twitter is a member of the US-EU Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active) ensuring an adequate level of data protection. Legal basis is gem. Art. 6 para. I lit. f) GDPR our legitimate interest. This is to communicate with our community and to recognize what our users are interested in to constantly improve and expand our products and our offerings.
Use of Vimeo plugins
We use for the integration of videos u.a. also the provider Vimeo. Vimeo is operated by Vimeo, LLC (headquartered at 555 West 18th Street, New York, New York 10011).
Please note that Vimeo also claims to maintain an adequate level of privacy by complying with the Privacy Shield requirements. More information can be found here: https://vimeo.com/transfer_statement
www.digitalocean.com is an external server service provider that stores our customer information. Digitalocean is an American company that is an active participant in the EU-US Shield, which ensures appropriate and compliant data security. The list can be viewed here: www.privacyshield.gov . digitalocean operates several data centers, including outside the European Union and the EEC (European Economic Community) area. When ordering the server you can choose in which data center these servers should be created. CAPinside has selected Frankfurt am Main to ensure the preservation of your data within the EU.
www.cloud66.com is an American provider that stores and manages the backups of CAPinside`s database. In addition, CAPinside has agreed an EU standard contract clause with this provider, which according to its own statements also complies with the requirements of the GDPR, in order to ensure data security here as well. Legal basis is gem. Art. 6 para. I lit. b) GDPR, the fulfillment of our contractual obligations, namely the provision of a functioning online offer.
When you create a user account, so-called transaction emails are sent by CApinside. Transaction mails are e.g. E-mails asking you to verify the e-mail address, a password reset link will be sent via the Forgotten Password feature, etc. These emails will be sent through our external service provider Amazon SES (Simple Email Services) owned by the Amazon Web Service (Amazon AWS), which is a subsidiary of the Amazon.com group, based in the United States. Amazon is a participant in the EU-US Privacy Shield and ensures European-level privacy (more info here: https://amzn.to/2KqRpmA https://amzn.to/2ka3inR and here to the privacy label https://amzn.to/2qVXqzh). We also use Amazon AWS for our other, automatically sent emails (for example "Earlybird" newsletter). Legal basis is gem. Art. 6 para. I lit. f) GDPR our legitimate interest. This is to communicate with our community and to recognize what our users are interested in to constantly improve and expand our products and our offerings.
Other recipients include:
- CRM service provider
- Web conferencing portals and service providers, such as CSN Network GmbH
- E-mail delivery service providers
- Software Developer
- Ad server operator
- External consultant
Social plugins are not used by us. The "share buttons" that you find on our site are not the scripts of the respective companies (Facebook, Twitter and Co.), but simple links to these pages. Your data will not be forwarded to these companies.
YOUR RIGHTS AS AFFECTED
Request for information, information and correction
Of course, you can at any time information about your personal information processed by us Require data as provided for in Art. 15-21 GDPR. If your data is incomplete, you can ask for a completion. If we have shared your information with third parties, We inform this third party about the correction, if required by law.
Your right to cancellation
For the following reasons you can request the immediate deletion of your personal data:
- If your personal information is no longer needed for the purposes for which it was collected
- If you revoke your consent and lack any other legal basis
- If you object to processing and there are no overriding reasons for processing worthy of protection
- If your personal information has been processed unlawfully
- If your personal information needs to be deleted to comply with legal requirements
Please note that the abovementioned cancellation reasons comply with the legal requirements.
Your right to restrict the processing of your personal data
You have the right to request a restriction on the processing of your personal data for one of the following reasons:
- If the accuracy of your personal information is disputed by you and we had the opportunity to verify the accuracy
- If the processing is not lawful and you require a restriction of use instead of deletion
- If we no longer need your information for processing purposes, you may need it for assertion, exercise or defense against legal claims
- If you have objected, as long as it is not certain that your interests prevail
Your right to contradict
CAPinside may only use your personal information on the basis of legitimate interests or yours Process consent. You are always entitled to use your data in these cases to contradict.
Your right to complain
If you are not satisfied with a response from CAPinside, you can contact our privacy officer and file a complaint. Otherwise, you may also contact a privacy officer of your choice, e.g. at:The Hamburg Commissioner for Data Protection and Freedom of Information
Klosterwall 6 (Block C)
Phone: (040) 42854-4040
Your right to data portability
You have the right to receive personally identifiable information you provide to us in a portable format.
Should the general terms and conditions and / or this privacy statement be made retrospectively prove to be ineffective or otherwise subsequently omitted, all data of the Contractual partner based on the interests involved and processed (see Article 6 (1) (f) GDPR). The "legitimate interest" of CAPiside lies especially in the continuous market maintenance and expansion and the ongoing expansion of the community around the customer as far as possible gain.