Version from: 18.09.2020
At Matchbase we are committed to providing you with the best possible service. Your privacy is very important to us.
When you use our services, you provide us with some information. Therefore, we want to be completely transparent and disclose what information we collect, how we use it, with whom we share it and what choices you have to access, update and delete your personal information.
We, the team of Matchbase GmbH, Klixstraße 3, 10823 Berlin, Germany (see imprint) (“Matchbase”), email address: firstname.lastname@example.org (“email address”), process your personal data when you use our app (“app”) or website (“website”) together (“products”, “services”). Your personal data will be processed in accordance with the German Data Protection Act (“DSGVO”) in its current version. In these data protection provisions (“Data Protection Provisions”) we would like to provide you with information about us, the type, scope and purpose of data collection and use, and provide you with insights into the processing of your personal data.
The legal person responsible for data processing is Matchbase GmbH. You can contact us by e-mail at email@example.com.
Which data we collect and process
Personal data that we collect about you:
Data that you give us voluntarily
Data that we obtain through your use of the services.
We will now explain these categories in more detail:
Data that you give us voluntarily
Information for registration
You must provide us with certain information in order to register with us:
First name and surname
Date of birth
Payment Data (Credit Card or Paypal)
We use this data to ensure that it is really you who has access to your account (authentication) and to make sure that you can use our service to its full extent. The legal basis for the collection is that you agree to provide us with this data.
Newsletter, personalization of the newsletter and evaluation of user behavior
Our Newsletter informs you about upcoming sessions and special events as well as additional information about us, special offers or our partners.
For the registration we need your valid e-mail address.
The provision of further, separately marked data is voluntary and will be used to address you personally. We would like to point out that we evaluate your user behavior, i.e. opening and clicking behavior, when the newsletter is sent. Technically, the evaluation of your user behavior is carried out by the Rocket Science Group LLC. This allows us to draw conclusions about your user behavior in order to improve our newsletters and ensure that you only receive the newsletters that interest you.
Of course, you have the possibility to unsubscribe from the newsletter at any time. You will find the unsubscribe link in the footer of every e-mail.
If you would like to stop the personalization and tracking, or if you do not agree with the processing for the mentioned purposes, you can object by sending an e-mail to firstname.lastname@example.org.
Cookies and tracking pixels
Most browsers accept cookies automatically. If you want to prevent cookies from being saved, you can select “do not accept cookies” in the browser settings. You can find out how this works in detail in the instructions of your browser distributor. You can delete cookies that are already stored on your computer at any time. However, we would like to point out that our website can only be used to a limited extent without cookies.
In addition, we use markings on our pages – so-called counting pixels – to record, for example, how often our pages are called up and clicked on each time they are loaded, also without interfering with or inferring with your computer.
Hosting of the website
We, or our hosting provider, Neue Medien Münnich, on the basis of our legitimate interests in the sense of Art. 6 Art.. 1 lit. f. GDPR save data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited site), IP address and the requesting provider.
For security reasons (e.g. to clarify misuse or fraud), log file information is stored for a maximum period of seven days and then deleted. Data whose further storage is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
We use Google Analytics only with activated IP anonymization. This means that Google will shorten the IP address of users in member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by adjusting the settings to their browser software accordingly.
Google Analytics for cell phones
For apps on iOS and Android we use Google Analytics for Mobile from Google (for more information click here ). Your data will be transmitted to Google in anonymized form. Our apps use mobile device IDs, such as the Google Advertising ID (“GAID”) and the ID for Advertising for iOS (“IDFA”), and technologies similar to cookies for the use of Google Analytics for cell phones.
We only use Google Analytics with IP anonymization enabled. This means that Google will truncate the IP address of users in member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by adjusting the settings to their browser software accordingly.
We use Google Analytics to analyze and continuously improve the use of our products. The statistics enable us to improve our services and make them more interesting for you. In special cases where personal data is transferred to the USA, Google is certified by the EU-US data protection shield. The basis for data processing is our legitimate interests.
Facebook Marketing Services
We also use the Facebook Software Development Kit (SDK) within our app to link various Facebook services to our apps. For example, users can use the Facebook SDK to share content from our apps within their Facebook timeline or send messages to other Facebook users. For more information about the Facebook SDK for iOS, please visit https://developers.facebook.com/docs/ios. For Android, please read: https://developers.facebook.com/docs/android. Facebook App Events: We use the Facebook App Events service via the Facebook SDK to track the reach of our advertising campaigns and the use of the Facebook SDK. Facebook only provides us with an aggregated analysis of user behavior with our app. Furthermore, we have no control over the information processed by App Events through Facebook. You can disable the use of App Events for these purposes in our App Settings.
Facebook is certified according to the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). The legal basis for this processing is art. 6 paragraph 1 sentence 1 letter b and f DSGVO.
Facebook Custom Audience
In the context of usage-based online advertising, the product Custom Audiences from Facebook (Facebook Custom Audiences 1601 S. California Avenue, Palo Alto, CA, 94304) is also used on our website. In principle, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which can be transmitted to Facebook for analysis and marketing purposes. For this purpose, a counting pixel is placed on our website by Facebook. Information about your activities on the website (e.g. surfing behavior, sub-pages visited, etc.) is recorded. Your IP address is stored and used for the geographical distribution of advertising. Under the link (https://www.facebook.com/ads/website_custom_audiences) you have the possibility to contradict the targeting on Facebook. Alternatively, you can contact us directly by email at email@example.com.
Data transmission to third parties
We will only share your personal information with third parties if:
you have given your explicit consent,
the disclosure is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the event that there is a legal obligation to pass them on, and
this is legally permissible and necessary for the processing of contractual relationships with you.
In the case of data transfer outside the European Union, the high European data protection level does not exist. In the case of a transfer, it is possible that there is currently no adequacy decision by the EU Commission within the meaning of Art. 45 (1), 3 DS-GVO. This means that the EU Commission has not yet positively determined that the country-specific level of data protection is equivalent to the level of data protection in the European Union.
Possible risks that cannot be completely excluded in connection with data transmission are in particular
Your personal data could possibly be processed beyond the actual purpose.
Furthermore, it is possible that you may not be able to assert and enforce your data protection rights, such as your right to information, correction, deletion or data transferability on a long-term basis.
It is also possible that there is a higher probability that data may not be processed correctly and that the protection of personal data may not fully meet the requirements of the DS-GVO in terms of quantity and quality.
Instruction concerning rights of persons concerned
Every data subject has the right of access under Art. 15 DS-GVO, the right of rectification under Art. 16 DS-GVO, the right of deletion under Art. 17 DS-GVO, the right to restrict processing under Art.18 DS-GVO, the right of objection under Art. 21 DS-GVO and the right of data transferability under Art. 20 DS-GVO. With regard to the right of information and the right of deletion, the restrictions in §§ 34 and 35 BDSG apply.
Instruction on the possibility of complaint
You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us.
Instruction on revocation with consent
You can revoke your consent to the processing of personal data at any time in accordance with Art. 7 Para. 3 DSGVO. This also applies to the revocation of declarations of consent that were issued to us before the validity of the basic data protection regulation, as before 25 May 2018. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.
Right in case of data processing for the purpose of direct marketing
In accordance with Art. 21 Paragraph 2 of the DS-GVO, you have the right to object to the processing of personal data concerning you at any time. If you object to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes. Please note that the objection is only valid for the future. Processing that took place before the objection is not affected.
Reference to the right of objection when weighing up interests
If we base the processing of your personal data on a weighing of interests, you can object to the processing. If you do so, please explain the reasons why we should not process your personal data as we have described. In the event of your justified objection, we will examine the situation and either stop or adapt the data processing or explain to you our compelling reasons for protection.
Deletion of your data
The data processed by us will be deleted or limited in their processing in accordance with articles 17 and 18 DSGVO. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage obligations.
If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
According to legal requirements in Germany, data is stored in particular for six years in accordance with § 257 Paragraph 1 HGB (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.) and for ten years in accordance with § 147 Paragraph 1 AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).
In accordance with legal requirements in AuLinks to other websites
Our services are not intended for or directed to children under the age of 16. Therefore, we do not knowingly collect information from individuals under the age of 16. In some cases, this means that we may not be able to provide certain features to these users. If we require a parent or guardian’s consent as the legal basis for processing your information, we may require such consent before collecting and using that information.
You can apply to our company electronically. We will of course use your details exclusively for processing your application and will not pass them on to third parties. Please note that e-mails sent in unencrypted form are not protected against access. Unfortunately, we currently do not offer encryption for e-mail applications. Your personal data will be deleted immediately after completion of the application process, or after a maximum of 6 months, unless you have expressly given us your consent to store your data for a longer period.