Officially licensed and supervised by the German Federal Financial Supervisory Authority (BaFin).
Data protection and data security for our contractual partners as well as for consumers have always been a high priority for our company. The protection of your personal data during our entire business processes is very important to us and a special concern. Respecting this personal right is a matter of course for us. In general, it is not necessary for you to provide personal data in order to use our website. However, we may need your personal data in order for us to be able to provide certain services. In doing so, we collect, process and use personal data insofar as this is legally permissible, is necessary, and you have consented for us to do so.
As the responsible body, we, finAPI GmbH, Adams-Lehmann-Str. 44, 80797 Munich, take all legally required measures to protect your personal data. Our company data protection officer can be reached at the data protection department at the above address, or by e-mail at firstname.lastname@example.org.
When you access our website, the browser used on your device automatically sends information to the server of our website where it is temporarily stored in a so-called log file. We have no influence on this. The following information is collected without your intervention and stored until automatic deletion:
The IP address of your device and the other data listed above are used by us for the following purposes:
The data is stored for a period of 28 days and then automatically deleted. Furthermore, we use so-called cookies and tracking tools for our website. The exact procedures involved and how your data is used for this purpose are explained in more detail below (see 7).
Personal data is collected, processed and used by us to the extent necessary to process your request and to transfer it to our CRM systems.
The data processing serves the purpose of establishing contact and initiating a contract. The processing is based on Art. 6 (1) (b) of the EU General Data Protection Regulation (GDPR).
Personal data is collected, processed and used by us insofar as this is necessary to provide the information published by our company or to contact you as requested. We also use your data to inform you about company news by mail or telephone, for example, to send press releases. When we contact you, we are guided by the relevance of our message and the thematic focus of your journalistic work.
Personal data is collected, processed and used by us to the extent necessary to process your application and to contact you as requested. We pass on your personal data within our company only to persons who require this data to fulfill contractual and legal obligations or to implement our legitimate interests. To optimize our applicant management, we work with the software solution of Coveto ATS GmbH, to which we transfer data that is necessary and legally permissible for the applicant process in accordance with Art. 28 GPDR. You can find more information about Coveto’s data protection at www.coveto.de/datenschutz.
Insofar as you have concluded a contract with us, or we manage you as an interested party, we process your address data and criteria of advertising selection on the basis of Art. 6 (1) (a) and (f) of the GDPR in order to send you such information and offers from us and other companies. The newsletter may be sent by means of a shipping service provider. If you do not want this, you can object to the use of your data for advertising purposes at any time.
We also process your data for market and opinion research. We use this exclusively in anonymized form for statistical purposes and only for finAPI. Your answers in surveys are not passed on to third parties or published. We do not store the answers from our surveys together with your e-mail address or other personal data. You can object to the use of data for market and opinion research at any time, either in full or for specific measures, without incurring any costs other than the transmission costs of your message to us. A notification in text form (e.g. e-mail, letter) to finAPI GmbH, Adams-Lehmann-Str. 44, 80797 Munich or to email@example.com is sufficient for this purpose. Of course, you will also find an unsubscribe link in every survey e-mail.
You may object to the use of your personal data for advertising purposes at any time, either in whole or in part, without incurring any costs other than the transmission costs of your message to us. A notification in text form to finAPI GmbH, Adams-Lehmann-Str. 44, 80797 Munich or to firstname.lastname@example.org is sufficient for this purpose.
If you object, the contact address concerned will be blocked from further data processing for advertising purposes. We would like to point out that in exceptional cases, advertising material may still be sent temporarily after receipt of your objection. This is due to the lead time necessary for advertising campaigns, especially via post, and does not mean that we will not implement your objection. Thank you for your understanding.
finAPI processes personal data on the basis of the provisions of the GPDR (also with the help of service providers). The processing is carried out on the basis of consents pursuant to Art. 6 (1) (a) GPDR as well as on the basis of Art. 6 (1) (b) as well as (f) GPDR, insofar as the processing is necessary for the completion of a contract to which the data subject is a party; or for the implementation of pre-contractual measures; or insofar as the processing is necessary for the protection of our legitimate interests or those of a third party or the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, are not overridden. Data processing operations carried out by finAPI in the context of a legal obligation are carried out on the basis of Art. 6 (1) (c) GPDR. On the basis of Art. 6 (1) (f) GPDR, we process your address data and advertising selection criteria in order to send you information and offers from us and other companies. If you do not wish this, you can object to the use of your data for advertising purposes with us at any time. Consents can be revoked at any time vis-à-vis finAPI. This also applies to consents that were already given before the GPDR came into force. The revocation of consent does not affect the lawfulness of the personal data processed until the revocation.
Personal data, for example surname, first name, date of birth, place of birth, address as well as communication data and identification data.
Any information you provide to us by entering it on these web pages will be stored on a server located in a country in the European Union and forwarded only to the appropriate parties within the company to process your inquiries and requests.
Service providers we use may also receive data from us in order to fulfill the prescribed purposes. These may, for example, be companies in the categories of IT services, printing services, marketing, sales or telecommunications.
Cookies are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your device, do not contain viruses, Trojans or other malware. In the cookie, information is stored in connection with the specific end device used.
The legal basis of data processing for cookies requiring consent is Article 6(1)(a) GPDR. This data includes, but is not limited to, page views, length of stay, country, etc. We analyze these statistical data to improve our offer and to check the acceptance of individual web pages. Invisible GIFs are only used to position elements on the website. No other functions are associated with the invisible GIFs used. These cookies are stored by your browser and are usually deleted when you close the browser. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website. The storage period of cookies depends on their purpose and differs.
We recommend that for shared computers that are set to accept cookies, you always log out completely when finished.
Which cookies are currently used by us is explained in more detail in the following section. You can manage the cookies independently – HERE – quickly and easily and change your settings at any time.
Our website uses the cookie consent technology of a Consent Manager Provider to obtain your consent to the storage of certain cookies on your terminal device and to document this in accordance with data protection law. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, website: https://www.cookiebot.com/ (hereinafter “the Consent Manager Provider”).
When you visit our website a connection is established to the servers of the Consent Manager Provider in order to obtain your consents and other declarations regarding cookie use. Subsequently, the Consent Manager Provider stores a cookie in your browser in order to be able record your consent or non-consent for non-essential cookies. The data collected in this way are stored until you request us to delete them, you delete the Consent Manager Provider cookie yourself, or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.
With your consent, we use the web analysis tool Matomo to analyze and statistically evaluate the use of the website. Cookies are used for this purpose. The information about website usage obtained in this way is transmitted exclusively to our servers and summarized in pseudonymous usage profiles. We use the data to evaluate the use of the website. The data collected will not be passed on to third parties.
The IP addresses are anonymized (IP masking), so that an assignment to individual users is not possible.
The processing of the data is based on Art. 6 para. 1 p. 1 lit. a GDPR. We thereby pursue our legitimate interest in optimizing our website for our public image.
You can revoke your consent at any time by deleting the cookies in your browser or changing your privacy settings.
On our website, we offer you the option of subscribing to our newsletter or registering for e-mail automation lists, e.g. for communication in the context with test accounts or orders. We use the so-called double opt-in procedure to register for these e-mail services. This means that after you have registered, we will send you an e-mail to the e-mail address you have provided, in which we ask you to confirm your registration. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
You can revoke your consent to the sending and unsubscribe from the e-mail services at any time. You can declare the cancellation by clicking on the unsubscribe link provided in each e-mail, by e-mail to email@example.com or by sending a message to the contact details given in the imprint. Your data for the e-mail service will be deleted within 3 months after unsubscribing, except if there are legal obligations to keep records.
We generally only store your data for as long as is necessary for the respective purpose of the data processing (e.g. processing your request or legal retention periods).
We store the data collected for the processing of the contract until the expiry of the statutory or possible contractual warranty and guarantee rights. After the expiry of this period, we retain the information of the contractual relationship required by commercial and tax law for the periods determined by law. For this period (generally ten years from the conclusion of the contract), the data is processed again solely in the event of an audit by the tax authorities.
The duration of data storage for advertising purposes does not follow any rigid principles and is based on the question of whether storage is necessary for the advertising approach. In addition, we follow the principle of deleting data for advertising use 4 years after the end of the contract or 4 years after the end of any marketing contacts. Advertising objections are not deleted.
We store the data we process as part of the recruitment process for up to 6 months after the application process has been completed.
In particular justified cases we also store data for longer periods, such as if a public authority requires this or if the data is needed for legal reasons, e.g., to provide evidence in a court case.
If we use service providers outside the EU or the European Economic Area (EEA), we take appropriate and suitable safeguards in accordance with Art. 44 ff. GDPR (conclusion of EU standard contracts, additional technical and organizational measures such as encryption or anonymization etc.) to ensure an adequate level of data protection for the transfer of personal data. Please note that despite careful selection of a service provider, the service provider may process data outside the EU or EEA or may be subject to a different jurisdiction due to its registered office and thus may not provide an adequate level of data protection.
In addition to the right to revoke the consent you have given to us you have the following additional rights if the respective legal requirements are met:
You can address your respective concerns in writing to finAPI GmbH, Adams-Lehmann-Str. 44, 80797 Munich, Germany, or by e-mail to firstname.lastname@example.org. In addition, you have the option of contacting the supervisory authority responsible for finAPI, the Bavarian State Office for Data Protection (BayLDA).
Under the conditions of Art. 21 (1) GPDR, all processing of your data may be objected to for reasons arising from the particular situation of the data subject. This objection should be addressed to finAPI GmbH, Adams-Lehmann-Str. 44, 80797 Munich.
The above general right to object applies to all processing purposes described in this data protection policy that are processed on the basis of Article 6(1)(f) GDPR. Unlike the specific right of objection to data processing for advertising purposes, we are only obliged under the GDPR to implement such a general right of objection if you provide us with reasons of overriding importance for doing so (e.g. a possible risk to life or health). In addition, you have the option of contacting the supervisory authority responsible for finAPI, the Bavarian State Office for Data Protection Supervision (BayLDA).
All data transmitted by you personally will be transferred with the generally used and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard that is also used, for example, in online banking. You can recognize a secure SSL connection, among other things, by the appended s at the http (i.e. https://…) in the address bar of your browser or by the lock symbol in the lower area of your browser.