Skip to content

Data privacy statement

1. Name and contact details of the controller and the company data protection officern

This privacy information applies to data processing by:

Responsible: René Herrmann, Turmstraße 55, D-10551 Berlin, Germany
Email: info@tinkerbots.com

Phone: +49 (0)30 – 23546440

You can reach the responsible data protection officer at
DSB | Bunzel Data Protection – Mommsenstraße 55, 10629 Berlin – 03088773618

office@bunzel-datenschutz.de

2. Erhebung und Speicherung personenbezogener Daten sowie Art und Zweck von deren Verwendung

a.) Beim Besuch der Website

Beim Aufrufen unserer Website www.tinkerbots.de werden durch den auf Ihrem Endgerät zum Einsatz kommenden Browser automatisch Informationen an den Server unserer Website gesendet. Diese Informationen werden temporär in einem sog. Logfile gespeichert. Folgende Informationen werden dabei ohne Ihr Zutun erfasst und bis zur automatisierten Löschung gespeichert:

  • IP-Adresse des anfragenden Rechners,
  • Datum und Uhrzeit des Zugriffs,
  • Name und URL der abgerufenen Datei,
  • Website, von der aus der Zugriff erfolgt (Referrer-URL),
  • verwendeter Browser und ggf. das Betriebssystem Ihres Rechners sowie der Name Ihres Access-Providers.

Die genannten Daten werden durch uns zu folgenden Zwecken verarbeitet:

  • Gewährleistung eines reibungslosen Verbindungsaufbaus der Website,
  • Gewährleistung einer komfortablen Nutzung unserer Website,
  • Auswertung der Systemsicherheit und -stabilität sowie
  • zu weiteren administrativen Zwecken.

Die Rechtsgrundlage für die Datenverarbeitung ist Art. 6 Abs. 1 S. 1 lit. f DSGVO. Unser berechtigtes Interesse folgt aus oben aufgelisteten Zwecken zur Datenerhebung. In keinem Fall verwenden wir die erhobenen Daten zu dem Zweck, Rückschlüsse auf Ihre Person zu ziehen.

Darüber hinaus setzen wir beim Besuch unserer Website Cookies sowie Analysedienste ein. Nähere Erläuterungen dazu erhalten Sie unter den Ziff. 4 und 5 dieser Datenschutzerklärung.

b.) Bei Anmeldung für unseren Newsletter

Sofern Sie nach Art. 6 Abs. 1 S. 1 lit. a DSGVO ausdrücklich eingewilligt haben, verwenden wir Ihre E-Mail-Adresse dafür, Ihnen regelmäßig unseren Newsletter zu übersenden. Für den Empfang des Newsletters ist die Angabe einer E-Mail-Adresse ausreichend.

Die Abmeldung ist jederzeit möglich, zum Beispiel über einen Link am Ende eines jeden Newsletters. Alternativ können Sie sich auch jederzeit direkt über diesen Link abmelden.

c.) Bei Nutzung unseres Kontaktformulars

Bei Fragen jeglicher Art bieten wir Ihnen die Möglichkeit, mit uns über ein auf der Website bereitgestelltes Formular Kontakt aufzunehmen. Dabei ist die Angabe einer gültigen E-Mail-Adresse erforderlich, damit wir wissen, von wem die Anfrage stammt und um diese beantworten zu können. Weitere Angaben können freiwillig getätigt werden.

Die Datenverarbeitung zum Zwecke der Kontaktaufnahme mit uns erfolgt nach Art. 6 Abs. 1 S. 1 lit. a DSGVO auf Grundlage Ihrer freiwillig erteilten Einwilligung.

Die für die Benutzung des Kontaktformulars von uns erhobenen personenbezogenen Daten werden nach Erledigung der von Ihnen gestellten Anfrage automatisch gelöscht.

3. Transfer of Data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only pass on your personal data to third parties if:

you have given your express consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR,
the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the event that there is a legal obligation to pass on the data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR, and
this is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR.

4. Cookies

We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans or other malware.

Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we are immediately informed of your identity.

The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again to make use of our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimising our services for you (see section 5). These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined time.

The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.

5. Analysis tools

a.) Tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures used, we want to ensure that our website is designed to meet the needs of our customers and is continuously optimised. On the other hand, we use the tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified in the sense of the aforementioned regulation.

The respective data processing purposes and data categories can be taken from the corresponding tracking tools.

a1) Google Analytics

For the purpose of designing and continuously optimizing our pages according to your needs, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymised user profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this website such as

  • Browser type/version,
  • the operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of the server request

are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties where required by law or where third parties process this data on our behalf. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are made anonymous, so that an assignment is not possible (IP masking).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting the data by clicking on this link. An opt-out cookie is set to prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=de).

a2) Google Adwords Conversion Tracking

In order to statistically record the use of our website and evaluate it for the purpose of optimizing our website for you, we also use Google Conversion Tracking. Google Adwords sets a cookie (see point 4) on your computer if you have reached our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords client’s website and the cookie has not yet expired, Google and the client can recognize that the user clicked on the ad and was redirected to that page.

Each Adwords client receives a different cookie. As a result, cookies cannot be tracked on the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords advertisers know the total number of users who have clicked on their ad and been redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking procedure, you can also refuse the necessary setting of a cookie – for example, by changing your browser setting that generally deactivates the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”. Google’s privacy policy on conversion tracking can be found here (https://services.google.com/sitestats/de.html).

 

 

6. Social media plug-ins

We use social plug-ins of the social networks Facebook, Twitter and Instagram on our website on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR in order to make our company more popular. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data protection compliant operation is to be guaranteed by their respective providers. The integration of these plug-ins by us takes place by means of the so-called two-click method in order to protect visitors to our website in the best possible way.

6a) Facebook

On our website, social media plugins from Facebook are used to make their use more personal. For this we use the “LIKE” or “SHARE” button. This is an offer from Facebook.

If you call up a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the website by it.

Through the integration of the plugin, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.

Facebook may use this information for the purposes of advertising, market research and the design of Facebook pages to meet your needs. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements shown to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.

For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to the Facebook data protection information (https://www.facebook.com/about/privacy/).

6b) Twitter

On our website you will find plugins of the short message network of Twitter Inc. (Twitter) are integrated. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. You can find an overview of tweet buttons here (https://about.twitter.com/resources/buttons).

If you call up a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter “tweet button” while you are logged in to your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

If you do not want Twitter to be able to link your visit to our pages, please log out of your Twitter user account.

For further information, please refer to the Twitter privacy policy (https://twitter.com/privacy).

6c.) Instagram

Our site also uses social plugins (“Plugins”) from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).

The plugins are marked with an Instagram logo, for example in the form of an “Instagram Camera”.

When you access a page on our site that contains such a plug-in, your browser will establish a direct connection to Instagram’s servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. This integration informs Instagram that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram.

This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly associate your visit to our website with your Instagram account. When you interact with the plug-ins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there.

The information is also published to your Instagram account and displayed to your contacts.

If you do not want Instagram to associate the information collected through our website directly with your Instagram account, you must log out of Instagram before visiting our website.

For more information, please refer to Instagram’s Privacy Policy (https://help.instagram.com/155833707900388).

 

7. Rights of data subjects

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged storage period, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details thereof;
  • in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect or incomplete personal data stored by us;
  • in accordance with Art. 17 GDPR to demand the deletion of your personal data stored with us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party;
    in accordance with Art. 7 para. 3 DSGVO, to revoke your consent to us at any time. As a result, we may no longer continue data processing based on this consent in the future and
  • to complain to a supervisory authority in accordance with Art. 77 DSGVO As a rule, you can turn to the supervisory authority of your usual place of residence or workplace or to our head office.

8. Right of objection

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without indicating a special situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to info@tinkerbots.com.

9. Data security

We use the common SSL (Secure Socket Layer) method in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

10. Topicality and amendment of this data protection declaration

This data protection declaration is currently valid and has the status of May 2018.

It may become necessary to amend this data protection declaration as a result of the further development of our website and offers on it or due to changes in legal or official requirements. You can access and print out the current data protection declaration at any time on the website at https://www.tinkerbots.de/data-privacy-statement/?lang=en.

Privacy Policy Software

Any collection, use, storage, deletion or other utilization (hereinafter referred to as “processing”) of data serves exclusively to provide our services. The services of Kinematics GmbH have been designed with the aim of using as little personal data as possible. In this context, “personal data” (hereinafter also referred to as “data”) is understood to mean all individual details concerning personal or factual circumstances of a specific or identifiable natural person (so-called “data subject”).

The following explanations on data protection describe what types of personal data are processed when using our “Tinkerbots Blockly”, “Tinkerbots World” and “My First Robot App” Apps, what happens to this personal data and how you can, if necessary, object to data processing.

1. general information about data processing on this app

1.1 Responsible person

is the responsible person in the sense of the EU data protection basic regulation (DSGVO):

Kinematics GmbH
Address:
Spreeallee 2
16321 Bernau

Phone: +49 (0) 3023546440
e-mail: hello@tinkerbots.com
Homepage: https://www.tinkerbots.de/

1.2 Protection of your data

We have taken technical and organisational measures to ensure that the provisions of the DSGVO are observed.

When we work together with other companies to provide our services, this is only done after an extensive selection process. In this selection procedure, each individual service provider is carefully selected for its suitability in connection with technical and organisational data protection skills. This selection procedure is documented in writing and a contract pursuant to Art. 28 Para. 3 GDPR for the processing of personal data on behalf (ADV contract) is only concluded if it meets the requirements of Art. 28 GDPR.

Your details will be stored on specially protected servers. Access to them is only possible for a few specially authorised persons.

We would like to emphasise in particular the protection of data of underage users in the sense of the GDPR and the US Children’s Online Privacy Protection Act. Please note that for this protection, consent to data processing of minors under the age of 16 must be given by their parents. We urge parents to monitor the use of all digital media by their children.

1.3 Deletion of personal data

We process personal data only as long as necessary. As soon as the purpose of the data processing has been fulfilled, the data will be blocked and deleted in accordance with the standards of the local deletion concept, unless legal regulations contradict this.

2. data processing when using the apps

Our apps “Tinkerbots Blockly”, “Tinkerbots World” and “My First Robot App” work completely offline.

There is a robot firmware download from one of our servers (http://firmware.tinkerbots.com/) to the tablet/smartphone on which one of the three apps has been installed. However, this only becomes active if the tablet/smartphone is connected to the internet. No user data is sent to this server, only the firmware version available there is retrieved and then a firmware download is initiated if necessary.

Our apps do not collect any user data. Consequently, no data is passed on to third parties.

3. Note when using the Android version

We would like to point out that when using the Android version of our apps, the so-called “Coarse Location Permission” can be requested by the user.

This belongs to the confidential Android permissions. The user must grant this permission in order for the respective Android app to scan for Bluetooth Low Energy devices (the Tinkerbots – robots). This scan is necessary so that our customer can connect his tablet / smartphone with his Tinkerbots robot.

This authorization request is graphically displayed with a system dialog within the respective Tinkerbot app and must be granted/confirmed by the user. This is a security feature of Google. It allows the user to determine the approximate user location for a Bluetooth scan.

We do not use this permission to determine the approximate location of the user, but only for the Bluetooth scan. However, it is possible that Google may process this data.

The possible data processing for the European Economic Area and for Switzerland is carried out by:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The privacy policy of Google can be found at: https://www.google.com/policies/privacy/

3.1 Legal basis for data processing

The processing of this data is based on Art. 6 para. 1 sentence 1 lit. a) GDPR.

3.2 Purpose of data processing

The data processing by Google is for the purpose of enabling the use of the app. It serves the system security at Google.

3.3 Duration of data storage

According to Google, personal data is deleted as soon as it is no longer required for the above-mentioned purposes.

3.4 Possibility of removal by the data subject

The collection of data for the provision of the app (Android) is intended for the operation of the app by Google as a security feature. If you have any questions about privacy, you can contact Google using the following contact form: https://www.google.de/contact/.

4. Contact

4.1 Description and scope of data processing

Through our app it is possible to contact us via e-mail (support@tinkerbots.com). For this purpose, various data are required to answer the enquiry, which are automatically stored for processing.

The data will not be passed on to third parties.

4.2 Legal basis for data processing

The legal basis used here depends very much on what the reason for the user request is, which is why it is based either on Art. 6 para. 1 sentence 1 lit. a) GDPR or Art. 6 para. 1 sentence 1 lit. b) GDPR.

4.3 Purpose of data processing

We process your data exclusively to process your contact request.

4.4 Duration of data storage

Your data will be deleted by us immediately after we have answered your request. In rare cases, however, it may happen that we store your data for a longer period of time. This may result from legal or contractual obligations.

4.5 Possibility of removal by the person concerned

You can contact us at any time and object to further processing of your data. In this case we will unfortunately not be able to continue communication with you. All personal data processed by us in the course of contacting you will be deleted in this case, unless the deletion is opposed by legal obligations to store your data.

4.6 Domain Factory

4.6.1 Description and scope of data processing

With our app it is possible to contact us via e-mail.

The e-mail provider we use is Domain Factory:

domainfactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning, Germany.

The data will not be passed on to third parties.

For further information on data protection at Domain Factory, please see the following link:

https://www.df.eu/de/datenschutz/

4.6.2 Legal basis for data processing

The legal basis used here is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest is to enable contact by e-mail with the app users.

4.6.3 Purpose of data processing

The data will be processed to forward your contact request to us.

4.6.4 Duration of data storage

Your data will be deleted as soon as the purpose of the data processing has been fulfilled and no legal, official or contractual retention periods prevent deletion. This is regularly the case after 25 days.

4.6.5 Possibility of removal by the data subject

You can contact us at any time and object to further processing of your data. In this case we will unfortunately not be able to continue communication with you. All personal data processed by us in the course of contacting you will be deleted in this case, unless the deletion is opposed by legal obligations to store your data.

4.7 Zendesk

4.7.1 Description and scope of data processing

Personal data is collected when contacting us by e-mail. This data is stored on our behalf via the ticket system Zendesk, a customer service platform, in order to be used by us.

The ticket system used by us is:

Zendesk Inc. 989 Market Street #300, San Francisco, CA 94102, USA.

The following data can be transmitted:

Recipient of the e-mail,
Mail server
Report of the spam server,
Address of the recipient mail server,
Date and time of the e-mail,
E-mail address of the sender,
Subject,
Content of the email
For more information on data protection at Zendesk, please follow this link: https://www.zendesk.de/company/customers-partners/privacy-policy/

4.7.2 Legal basis for data processing

The legal basis for data processing is Art. 6 para. 1 sentence 1 letter f) GDPR. Our legitimate interest lies in the internal organisation and structuring of customer processes.

4.7.3 Purpose of data processing

The purpose of data processing is to answer your request and the related technical administration of storage and use.

4.7.4 Duration of data storage

The data will be deleted, unless official, legal or contractual regulations prevent deletion. This takes place regularly after 24 months.

4.7.5 Possibility of removal by the data subject

If you wish to exercise your rights, in particular the right of objection, you can contact us. If you have any questions regarding Zendesk’s privacy policy, please contact Zendesk at the following e-mail address: privacy@zendesk.com.

5. Data transfer to a third country

In order to be able to provide our services, we make use of the support of service providers from Europe as well as from third countries. In order to ensure the protection of your personal data even in the event of data transfer to a third country, we conclude special contract processing agreements with each of the carefully selected service providers. All of the service providers we use have sufficient evidence that they ensure data security through appropriate technical and organizational measures. Our service providers from third countries are either located in countries that have an adequate level of data protection recognised by the EU Commission (Art. 45 GDPR) or have provided suitable guarantees (Art. 46 GDPR). Below we list the categories of service providers, the countries in which they have their headquarters and the corresponding guarantees:

EU-US Privacy Shield: The Privacy Shield is an agreement between the United States of America and the European Union, which aims to ensure compliance with European data protection standards. You can find more information at:

Google, Android Play Store provider, USA, member of the EU-US Privacy Shield:
Zendesk, Customer Service Platform, USA, Member of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TOjeAAG
EU standard contractual clauses: Our provider has subjected itself to the EU standard contractual clauses in order to guarantee secure data transfer. You can find more information on this at: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF

Zendesk, customer service platform, USA, EU standard contract clauses
Binding Corporate Rules: Art. 47 of the DSGVO provides for the possibility of ensuring data protection when data is transferred to a third country by means of binding internal data protection rules. These are examined and approved by the competent supervisory authorities as part of the coherence procedure under Art. 63 DSGVO. Further information can be found here:

Zendesk, Customer Service Platform, USA, Binding Corporate Rules: https://d1eipm3vz40hy0.cloudfront.net/pdf/ZENDESK%20-%20BCR%20Processor%20Policy.pdf

6. your rights

You have the following rights in relation to the personal data concerning you:

6.1 Right to revoke consent (cf. Art. 7 GDPR)

If you have given your consent to process your data, you can revoke it at any time. Such a revocation influences the permissibility of processing your personal data for the future after you have expressed it to us. It can be done verbally (by telephone) or in writing by post or e-mail to us.

6.2 Right to information (see Art. 15 GDPR)

In the event of a request for information, you must provide sufficient information about your identity and provide proof that the information is yours. The information concerns the following information:

  • the purposes for which the personal data are processed
  • the categories of personal data which are processed;
  • the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
  • the planned duration of storage of the personal data relating to you or, if it is not possible to give specific details, criteria for determining the duration of storage;
  • the existence of a right of rectification or erasure of personal data concerning you, a right to have the processing limited by the controller or a right to object to such processing;
    the existence of a right of appeal to a supervisory authority;
  • any available information as to the source of the data where the personal data are not collected from the data subject;
  • the existence of automated decision-making, including profiling in accordance with Art. 22, paragraphs 1 and 4 DPA and – at least in these cases – meaningful information on the logic involved and the scope and the intended consequences of such processing for the data subject.

6.3 Right of rectification or erasure (cf. Art. 16, 17 GDPR)

You have the right to request correction and/or completion vis-à-vis us as the responsible party, if the personal data processed concerning you is incorrect or incomplete. The data controller shall make the correction without delay.

You may also request the deletion of personal data concerning you if one of the following reasons applies to you:

  • The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
  • You revoke your consent on which the processing was based in accordance with Art. 6 Paragraph 1 S.1 lit. a) or Art. 9 Paragraph 2 lit. a) GDPR, and there is no other legal basis for the processing.
  • You object to the processing pursuant to Art. 21 Para. 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing pursuant to Art. 21 Para. 2 GDPR.
  • The personal data concerning you have been processed unlawfully.
  • The deletion of personal data concerning you is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data concerning you have been collected in relation to information society services provided in accordance with Article 8(1) of GDPR.

If we have made the personal data relating to you public and are obliged to delete them in accordance with Art. 17 Para. 1 GDPR, we will take all reasonable measures to inform other data controllers that you have requested the deletion of all links to these personal data or of copies or replications of these personal data.

The right to deletion does not exist insofar as the processing is necessary:

  • to exercise the right to freedom of expression and information;
  • to comply with a legal obligation requiring processing under Union or national law to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority;
  • for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
  • for archiving, scientific or historical research purposes in the public interest or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the above-mentioned law is likely to render impossible or seriously prejudice the attainment of the objectives of such processing, or
    to assert, exercise or defend legal claims.

6.4 Right to restrict processing (cf. Art. 18 GDPR)

Under the following conditions, you may request us to restrict the processing of personal data concerning you:

  • if you dispute the accuracy of the personal data concerning you for a period of time which allows us to verify the accuracy of your personal data;
  • the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;
  • we no longer need the personal data for the purposes of the processing, but you need the personal data to assert, exercise or defend legal claims; or
  • if you have lodged an objection to the processing pursuant to Art. 21 para. 1 GDPR and it is not yet clear whether our legitimate reasons outweigh your reasons.

If the processing of personal data relating to you has been restricted, such data – apart from being stored – may be processed only with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of major public interest of the Union or a Member State.

If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.

6.5 Right to information (cf. Art. 19 GDPR)

If you have asserted your right to correction, deletion or restriction of data processing towards us, we are obliged to inform all recipients of your personal data of the correction, deletion or restriction of data processing. This only applies insofar as this notification does not prove impossible or involve a disproportionate effort.

You have the right to know which recipients have received your data.

6.6 Right to data transferability (cf. Art. 20 GDPR)

You have the right to receive your personal data from us in a common, machine-readable format, in order to have it transferred to another responsible person, if necessary, provided

  • the processing is based on a consent pursuant to Art. 6 para. 1 sentence 1 letter a) GDPR or Art. 9 para. 2 letter a) DPA or on a contract pursuant to Art. 6 para. 1 sentence 1 letter b) DPA and
  • the processing is carried out using automated procedures.

When exercising your right to data transfer, you have the right to obtain that the personal data be transferred directly from us to another responsible party, as far as this is technically feasible.

The right to data transferability does not apply to processing of personal data which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

6.7 Right to object to processing (cf. Art. 21 GDPR)

Insofar as we base the processing of your personal data on a legitimate interest on our part (pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR), you may object to the processing. The same applies if we base the processing of data on Art. 6 para. 1 sentence 1 lit. e) GDPR.

In the event of such an objection, we request that you explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the facts of the case and either stop or adapt the data processing or show you our compelling reasons for continuing the processing that are worthy of protection.

6.8 Right to appeal to the competent supervisory authority (cf. Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are domiciled, your place of work or the place where the alleged infringement occurred, if you consider that the processing of personal data relating to you is in breach of the GDPR.

The supervisory authority to which the complaint has been submitted will inform you of the status and the results of the complaint, including the possibility of legal recourse under Art. 78 GDPR.

7 . How to exercise these rights

To exercise these rights, please contact

Kinematics GmbH

Address:

Spreeallee 2
16321 Bernau

Phone: +49 (0) 3023546440
e-mail: hello@tinkerbots.com
Homepage: https://www.tinkerbots.de/

8. subject to alterations

We reserve the right to change this data protection declaration in compliance with the legal provisions.

Status August 2019