1. General Information
The responsible body in the sense of the data protection laws is:
Managing Director: Dr. Martin LacherDr. Florian Haagenand Dr. Felix Lowinski
80797 Munich, Germany
Phone: + 49 89 4161 7755-5
Contact Data Protection Officer
If you have any questions about data protection, please send us an e-mail or contact our data protection officer directly:
Mrs. Andrea Schneider
80797 Munich, Germany
Phone: +49 89 4161 7755-0
2. Data storage, data usage and data security
Gathering General Information
Data protection is very important for finAPI.
When accessing our website, information of a general nature is automatically collected. This information (server logfiles) includes e.g. the type of Web browser, the operating system used, the domain name of your Internet service provider and the like. This is solely information that does not allow you to make any conclusions about yourself. This information is technically necessary in order to correctly deliver requested content from Web pages and is mandatory when using the Internet. We statistically evaluate such anonymous information in order to optimize our Internet presence and underlies technology.
Registration on our website
When registering for the use of our personalized services, some personal data is collected, such as name, address, contact and communication data such as telephone number and e-mail address. We use these to fulfil our contractual obligations on the basis of article 6 (1) lit. B. DSGVO. If you are registered with us, you can access content and services that we only offer registered users.
Provision of optional paid services
For the provision of optional chargeable services, we will ask for additional data, such as payment details. We also use these to fulfil our contractual obligations on the basis of article 6 (1) lit. B. DSGVO.
When you register to subscribe to our newsletter, the information you provide will be used exclusively for this purpose. Subscribers can also be notified of changes by e-mail that are relevant to the service or registration (for example, changes to the newsletter offer or technical circumstances).
For an effective registration we need a valid e-mail address, your first name, your surname and the company name. In order to verify that an application is actually made by the owner of an e-mail address, we use the "double opt-in" procedure. For this we log the order of the newsletter, the sending of a confirmation mail and the receipt of the requested answer. No further data will be collected. The data is used exclusively for the sending of the newsletter and is not passed on to third parties.
You can revoke your consent to the storage of your personal data and your use for the sending of newsletters at any time. In each newsletter you will find a corresponding link. You can also tell us your request via the above mentioned contact option.
Newsletter – Mailchimp
The newsletter is sent by the shipping service provider "MailChimp", a Newsletterversandplattform of the US supplier The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the data protection regulations of the shipping service provider here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/A MAILCHIMP is certified under the Privacy Shield Agreement and provides a guarantee to comply with the European level of data protection. The shipping service provider shall be based on our legitimate interests in accordance with article 6 (1). F. DSGVO and an order Processing contract pursuant to article 28 (3) p. 1 DSGVO.
The shipping service provider can use the data of the recipients in pseudonomized form, i.e. without assigning them to a user, to optimize or improve their own services, e.g. for the technical optimization of the dispatch and the presentation of the newsletters or for Use for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write it ourselves or to pass the data on to third parties.
If you contact us by e-mail or contact form, the information you provide will be saved for the purpose of processing the request and for any further questions. The data of the users can be stored in our Customer Relationship Management system ("CRM system") or similar request organization.
The purpose of the data processing is to contact you. By submitting your message, you consent to the processing of the transmitted data. The processing is carried out on the basis of article 6 (1) lit. b DSGVO with your consent. You can revoke your consent at any time by notifying us without the legality of the processing due to the consent until the withdrawal is affected. We use your e-mail address only to process your request. Your data will then be deleted if you have not agreed to further processing and use.
Your data will be deleted automatically as soon as the purpose for your particular survey is eliminated (for example, answering your request via the contact form; Unsubscribe from our newsletter, termination of your contractual relationship with finAPI GmbH). An exception exists with regard to such data, which we are obliged to retain by law. Such retention obligations arise, for example, from the Zahlungsdiensteaufsichtsgesetz, the Commercial Code, and the tax code and may be up to ten full calendar years. The data processing is carried out on the basis of article 6 (1) sentence 1 lit. c) DSGVO. A further exception exists in respect of such data, for the purposes of which it is stored for the purpose of the preservation of evidence in the framework of civil law statutes of limitations beyond the end of the contractual relationship a legitimate interest of finAPI GmbH. Such limitation periods may be up to 30 years, with the regular limitation period being three full calendar years. The data processing is carried out on the basis of article 6 (1) sentence 1 lit. f) DSGVO.
Transfer of data
In no case shall the data be passed on to uninvolved third parties unless this is provided for by law. If third parties are involved in the provision of a service, we shall indicate them in advance, with explicit mention of the third parties involved.
Provision of data
There is no legal obligation that you must provide us with your data. However, certain data are required so that we can answer your request, send our newsletter or conclude a contract with you or fulfill this agreement.
Rights concerned, right of appeal
You have a number of data privacy rights, which we inform you in section 3 separately. You can also complain to a data protection supervisory authority at any time.
Automated decision-making, profiling
In order to protect the security of your data during transmission, we use the current state of the art appropriate encryption methods (e.g. SSL) over HTTPS.
3. Data privacy rights
General Data privacy rights
You have the right to information according to article 15 of the DSGVO, the right to rectification under article 16 DSGVO, the right to delete according to article 17 DSGVO, the right to restrict the processing according to article 18 DSGVO, the right to object to opposition under article 21 DSGVO and the right to Data transferability from article 20 DSGVO.
Some data processing operations are only possible with your express consent. You can revoke an already given consent at any time. The legality of the data processing until the revocation remains unaffected by the revocation.
Exercise of data privacy rights, co-operation obligations and restrictions
For the exercise of certain opposition and revocation rights there are sporadic possibilities for the operation of links or buttons; You will be made aware of this separately in each context.
In addition, you can contact our data protection officer at any time by post or e-mail to assert your privacy rights (contact details above).
Please note that we may only process your entry if you provide us with your full first and last name, your current and possibly also old address, your date of birth and your e-mail address. This information is for comparison purposes only and is therefore a protection for you, so that non-unauthorized third parties can receive your personal data or exercise your privacy rights. It would also be desirable and helpful, but not necessary, to include any offer, transaction and/or contract numbers that we have communicated to you so that we can quickly identify the data in question.
If you exercise your privacy rights, please note the following: The restrictions under § § 34 and 35 BDSG apply to the right of information and the right of cancellation. Furthermore, limitations may arise from the fact that a complete or partial fulfilment of your data rights in individual cases is contrary to other legal provisions or a legitimate interest of finAPI GmbH.
4. Tracking Technologies/Cookies
We use so-called "cookies". Cookies are small text files that are transferred from a Web server to your PC. As a result, we automatically receive certain data such as IP address, browser used, operating system through your computer, and your connection to the Internet.
The processing takes place on the basis of § 15 (3) TMG as well as article 6 (1) lit. F DSGVO from the legitimate interest in the above-mentioned purposes. The data collected in this way will be pseudonymisiert by technical precautions. It is therefore no longer possible to assign the data to your person. The data will not be stored together with other personal data from you.
You have the right to object at any time to the processing of any personal data relating to you, based on article 6 (1) F DSGVO. In no case will a link with personal data be established without your consent.
You can also delete cookies stored in your Web browser at any time. If you have deleted all your cookies in the browser, you may have to set the desired opt-out cookies again.
Using Google Analytics
We rely on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer) on the basis of article 6 (1) lit. F DSGVO) Google Analytics, a web Analysis Service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereafter referred to as "Google"). Google Analytics uses so-called "cookies", i.e. text files that are stored on your computer and which allow you to analyze the use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these web pages, Google's IP address will be shortened in advance within Member States of the European Union or in other contracting States of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the United States and shortened there. On behalf of the operator of this website, Google will use this information in order to evaluate your use of the website, to compile reports on the website activities and to make further use of the website and Internet usage related To provide services to the website operator. The IP address submitted by your browser as part of Google Analytics will not be merged with other Google data. Your data will be sent to the USA if necessary. A decision of adequacy by the European Commission exists for data transfers to the United States. You have the right to object at any time to the processing of any personal data relating to you, based on article 6 (1) F DSGVO.
You can prevent the storage of cookies by a corresponding setting of your browser software; However, we would point out that in this case you may not be able to use all the functions of this website to its full extent. You can also prevent Google from capturing the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by using the information available at the following link Download and install browser plugin: Browser add-on to disable Google Analytics. You will need to do this separately for each browser used on your devices.
If you have deleted all your cookies in the browser, you may have to set the desired opt-out cookies again.
Using Scriptbibliotheken (Google Fonts)
In order to display our content in a browser-spanning, correct and graphically appealing way, we use Scriptbibliotheken and font libraries on our website, such as Google fonts (https://www.google.com/webfonts/). Google fonts are transferred to the cache of your browser to avoid multiple loading. If the browser does not support or prevents access to Google fonts, content is displayed in a standard font.
Calling Scriptbibliotheken or font libraries automatically triggers a connection to the library's operator. It is theoretically possible – but currently also unclear whether and if necessary for what purposes – that operators of corresponding libraries collect data.
The data protection policy of the library operator Google can be found here: https://www.google.com/policies/privacy/
For more detailed information on Google fonts, see Https://developers.google.com/fonts/faq?hl=de-DE&csw=1
Our website uses Google conversion tracking, an Analysis service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google"). If you have reached our website via a Google-switched ad, Google AdWords, not us, will store a so-called "conversion cookie" on your computer. The conversion tracking cookie is set when a user clicks on a Google-enabled AD. These cookies expire after 30 days and are not intended for personal identification. Every AdWords customer and so we also get a different cookie from Google. As a result, cookies cannot be tracked through the websites of different advertisers.
If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to that page. Each Google AdWords customer receives a different cookie. Cookies cannot be tracked through the websites of AdWords customers and therefore not through our website. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers will see the total number of users who clicked on your ad and were redirected to a conversion tracking tag page. However, you do not receive any information that allows users to identify themselves personally.
The processing is carried out on the basis of article 6 (1) lit. F DSGVO from the legitimate interest in targeted advertising and the analysis of the impact and efficiency of this advertising.
If you do not want to participate in the tracking, you can reject the required setting of a cookie – e.g. via a browser setting, which generally deactivates the automatic setting of cookies or set your browser so that cookies from the domain " Googleleadservices.com ". Please keep in mind that disabling the setting of cookies may cause the webpage to stop displaying correctly.
For more information about the usage and privacy policies for this product, see
Here: http://www.google.com/policies/technologies/ads/ and http://www.google.com/intl/de/policies/privacy/
Using Google remarketing
This website uses the remarketing function of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google"). The purpose of this feature is to present web page visitors with interest-related ads within the Google network. A so-called "cookie" is stored in the browser of the visitor to the website, which makes it possible to recognize the visitors when they visit websites that belong to the Google advertising network. On these pages, visitors can be presented with advertisements that refer to content that the visitor has previously accessed on Web pages that use the remarketing feature of Google.
Your data will also be transmitted to the USA if necessary. A decision of adequacy by the European Commission exists for data transfers to the United States.
The processing is carried out on the basis of article 6 (1) lit. F DSGVO is of the legitimate interest to target visitors to our web site with advertising by providing personalized, interest-related ads when they visit other websites on the Google display network. You have the right at any time to use this on article 6 (1) lit. (f) DSGVO the processing of the relevant personal data relating to them.
Use of finAPI Services