The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union as well as other data protection regulations is: Level28 UG (limited liability) Managing Director: Sami Lechner Blumenstr. 30 69214 Eppelheim +49 6221 5997007
We only process personal data that is essential for the functionalities of our service. Personal data is any individual information that relates to a person or that is suitable to establish a relationship to a person, such as the first name, an e-mail address, an address and the like. Personal data may therefore allow conclusions to be drawn about the identity of a person.
Art. 6 Section 1 S.1 EU General Data Protection Regulation (GDPR) serves
as the legal basis for the processing of personal data. In connection with
our processing of your data, you have the following rights:
(1) Right to information pursuant to Art. 15 GDPR about the processing of
your personal data by us for processing purposes, categories of data
processed, recipients or categories of recipients, duration of storage or
criteria for determining the duration, right to rectification, erasure,
restriction of processing or objection to processing, right of appeal to
the supervisory authority, if applicable information about the origin of
the data and the existence of automated decision-making and, if
applicable, information about guarantees pursuant to Art. 46 GDPR in the
event of transmission to a third country or international organizations;
(2) Right to immediate rectification of incorrect or completion of
incomplete personal data pursuant to Art. 16 GDPR;
(3) Right to erasure of stored personal data pursuant to Art. 17 GDPR if
the data is no longer necessary for the purposes for which it was
collected or otherwise processed, if consent has been revoked and there is
no other legal basis, if objection to processing has been filed and the
data may no longer be processed pursuant to Art. 21 Para. 1 or 2 GDPR, if
the data has been processed unlawfully, if the erasure is necessary to
fulfill a legal obligation, or if the data has been collected in relation
to services offered by an information society pursuant to Art. 8 Para. 1
GDPR. This does not apply to the extent that processing is necessary for
the exercise of the right to freedom of expression and information,
compliance with a legal obligation, reasons of public interest or for the
establishment, exercise or defense of legal claims. If you wish to request
the deletion of your personal data, you can do so in the Unypan Mobile
App.
(4) Right to restriction of processing pursuant to Art. 18 GDPR if you
dispute the accuracy of the data (namely for the duration required to
verify the accuracy), if the processing is unlawful, but you refuse the
erasure and instead request the restriction of use, if we no longer need
the data for the purposes of processing, but you need the data for the
establishment, exercise or defense of legal claims, or if you have
objected to processing pursuant to Art. 21 Para. 1 GDPR, as long as it has
not yet been determined whether our legitimate grounds outweigh your
legitimate grounds;
(5) Right to object to the processing of your personal data pursuant to
Art. 21 Para. 2 GDPR (if the data is processed for the purpose of direct
advertising) or pursuant to Art. 21 Para. 1 GDPR (if the processing is
carried out pursuant to Art. 6 Para. 1 S. 1 e) or f) GDPR, for reasons
arising from your particular situation, unless we have compelling
legitimate grounds for processing that outweigh your interests, or the
processing serves the establishment, exercise or defense of legal claims).
For more information on the right to object, please also refer to Section
23. below;
(6) Right to data portability pursuant to Art. 20 GDPR, i.e. to receive
the personal data concerning you that you have provided to us in a
structured, commonly used and machine-readable format or to transmit it to
another controller;
(7) Right to revoke consent at any time pursuant to Art. 7 Para. 3 GDPR.
The revocation has the consequence that we may no longer carry out the
data processing for the future from the time of the revocation. See also
Section 24. below;
(8) Right to lodge a complaint with a supervisory authority pursuant to
Art. 77 GDPR. The supervisory authority responsible for us can be found
under Section 4. above. The right to lodge a complaint is without
prejudice to other administrative or judicial remedies.
(9) Please send all information requests, requests for information or
objections to data processing by e-mail to info@level28.de or to the
address specified in point 1 para. 2.
Automated decision-making is not applied here.
The address of the supervisory authority responsible for us is:
The Heidelberg Commissioner for Data Protection and Freedom of Information
Rohrbacherstraße 12,
69115 Heidelberg
E-mail: datenschutz@heidelberg.de
Homepage: http://www.heidelberg.de
(1) Each time our website is accessed, access data is stored in a log file on the server of our provider. (2) This data is collected for technical reasons. An evaluation takes place exclusively for statistical purposes (number of visitors and page popularity) and without personal reference. The processing is based on Art. 6 Para. 1 lit. f GDPR, whereby our legitimate interest lies in gaining knowledge about the use of our website and our services in order to optimize them and adapt them to the needs of users. (3) Deletion takes place automatically after 31 days at the latest. (4) Information on the provider and hosting can be found under point 6.6.
(1) When using the website for informational purposes only, i.e. if you do not register to use the website, register or otherwise transmit information to us, we do not collect any personal data, with the exception of the data mentioned under 6.1, which your browser transmits in order to technically enable you to visit the website. (2) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you usually have to provide further personal data that we use to provide the respective service. If additional voluntary information is possible, this is marked accordingly. (3) When you contact one of our employees by e-mail or via the contact form, your e-mail address and, if you provide it, your name will be stored by us in order to answer your questions and provide you with the best possible service. (4) The legal basis for this data processing of the personal data of interested parties and customers is Art. 6 Para. 1 S. 1 based on a) your consent, b) for the fulfillment of contractual obligations, c) based on legal requirements or in the public interest and f) the processing to protect the legitimate interests of the controller. Our legitimate interest lies in providing optimal support to our customers, efficiently managing our business operations and further developing our services and products. In addition, processing may also be necessary to pursue legal claims or defend against such claims.
Your personal data will be stored by us for as long as it is required for the respective purposes underlying the processing. In addition, we only store data to the extent that we are legally obliged to do so, e.g. due to statutory retention obligations.
(1) Description and Scope of Data Processing We use cookies in the
operation of our website. Cookies are small files that make it possible to
store specific information related to you on your PC or other end devices.
In the settings of the web browser used, you can set how cookies are
handled and deactivate, restrict and control the use of cookies. On our
website, in addition to the necessary cookies, we use performance and
functional cookies. Please note that deactivating cookies may affect the
full functionality of our website and we cannot guarantee full
functionality.
(2) Type of Storage
The user data collected by cookies is stored independently of the master data
and cannot be assigned to a specific user. When you access our website, consent
for the processing of personal data and the setting of cookies is obtained
and reference is made to the privacy policy.
(3) Purpose of Data Processing
The purpose of using technically necessary cookies is to simplify the use of
websites for users. Some functions of our website cannot be offered without
the use of cookies. For these, it is necessary that the browser is recognized
even after a page change.
(4) Legal Basis for Data Processing
The legal basis for the processing of personal data using technically necessary
cookies is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest lies in
providing a functional and convenient website.
(5) Duration of Storage, Possibility of Objection and Removal
Cookies are stored on the respective device of the user. The user has the possibility
to control the cookies that are set on the device through the settings of his
browser.
Our website is hosted on the servers of STRATO AG in Germany. STRATO AG,
Pascalstraße 10, 10587 Berlin, Germany https://www.strato.de/impressum/
(2) We do not store automated log files when using our website.
We secure our website and other systems through suitable technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. Despite regular controls, complete protection against all hazards cannot be 100% guaranteed. Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal information over the Internet. You can recognize whether an encrypted transmission is taking place by the closed key/lock symbol in the display of your browser.
We use Matomo, an open-source web analytics platform, on our website and mobile app to track and analyze our user activity. This allows us to improve our services and offerings and provide a better experience for our users. We have self-hosted Matomo to ensure that your data is safe and secure. We do not transfer your data to third parties. We do not store IP addresses and guarantee that all information we collect is anonymized. We ensure that the use of Matomo is fully compliant with the data protection provisions of the EU General Data Protection Regulation (GDPR) and that no personal data is collected for this purpose.
(1) When the mobile application communicates with the backend systems,
anonymized access data is stored.
(2) This data is used to optimize our systems, statistics and detect
unauthorized requests. An evaluation takes place without personal
reference. The processing is based on Art. 6 Para. 1 lit. f GDPR, whereby
our legitimate interest lies in gaining knowledge about the use of our
systems and our services in order to optimize them and adapt them to the
needs of users.
(3) Deletion takes place automatically after 90 days at the latest.
Your personal data will be stored by us for as long as it is required for the respective purposes underlying the processing. In addition, we only store data to the extent that we are legally obliged to do so, e.g. due to statutory retention obligations.
(1) Our systems are hosted on the servers of Contabo GmbH in Germany.
Contabo GmbH, Aschauer Straße 32a, 81549 Munich, Germany
https://contabo.com/de/legal/impressum/
(2) Our databases are hosted on the servers of MongoDB, Inc. in Germany.
MongoDB, Inc. 1633 Broadway, 38th Floor New York NY 10019 USA
https://www.mongodb.com/legal/terms-of-use
(3) The legal basis for data processing is Art. 6 Para.1 S.1 lit. a and b
GDPR. Our legitimate interest lies in the above-mentioned purposes of data
processing. If the user has given consent under data protection law, the
legal basis for data processing is Art. 6 Para.1 S.1 lit. a GDPR.
We secure our backend systems and other systems through suitable technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. Despite regular controls, complete protection against all hazards cannot be 100% guaranteed. Our mobile applications use the industry standard SSL (Secure Sockets Layer) for encrypted communication. This ensures the confidentiality of your personal information over the Internet.
This privacy policy is dated January 28, 2023. It is the current and valid version of our privacy policy. However, we would like to point out that from time to time, due to actual or legal changes, a revision of this privacy policy may become necessary.