DATA PROTECTION

This data protection declaration clarifies the type, scope and purpose of the processing of personal data (hereinafter referred to as “data”) in the context of the provision of our services and within our online offer and the websites, functions and content associated with it as well as external online presences, such as e.g. our social media profile (hereinafter jointly referred to as “online offer”). With regard to the terms used, such as “processing” or “person responsible”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

RESPONSIBLE

Scoopas GmbH
Pappelallee 78/79 · 10437 Berlin · Germany
info@scoopas.com · www.scoopas.com
Owner Garry M. Davison

TYPES OF DATA PROCESSED

• Inventory data (e.g., personal master data, names or addresses).
• Contact information (e.g., e-mail, telephone numbers)
• Content data (e.g., text input, photographs, videos)
• Usage data (e.g. websites visited, interest in content, access times)
• Meta/communication data (e.g. device information, IP addresses)

CATEGORIES OF PERSONS CONCERNED

Visitors and users of the online offer (in the following we refer to the persons concerned collectively as “users”).

PURPOSE OF PROCESSING

• Provision of the online offer, its functions and content.
• Answering contact requests and communicating with users.
• Safety measures.
• Reach measurement/marketing

TERMS USED

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or one or more special features, are an expression of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” is any process or series of processes carried out with or without the aid of automated processes in connection with personal data. The term is broad and encompasses practically every handling of data.

“Pseudonymization” means the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organizational measures that ensure that the personal data not assigned to an identified or identifiable natural person.

“Profiling” any type of automated processing of personal data, which consists in using this personal data to evaluate certain personal aspects relating to a natural person, in particular aspects related to work performance, economic situation, health, personal Analyze or predict that natural person’s preferences, interests, reliability, behavior, whereabouts or relocation.

The “responsible person” is the natural or legal person, authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data.

“Processor” means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the person responsible.

GOVERNING LAW

In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. The following applies to users from the scope of the General Data Protection Regulation (GDPR), i.e. the EU and the EEC, unless the legal basis is mentioned in the data protection declaration: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 GDPR; The legal basis for processing to fulfill our services and carry out contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b GDPR; The legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR; In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR as the legal basis. The legal basis for the processing required to perform a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible is Art. 6 para. 1 lit. e GDPR. The legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR. The processing of data for purposes other than those for which they were collected is determined by the provisions of Art 6 Para. 4 GDPR. The processing of special categories of data (according to Art. 9 Para. 1 DSGVO) is determined according to the specifications of Art. 9 Para. 2 GDPR.

SECURITY MEASURE

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk. The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, transfer, securing availability and their separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, deletion of data and reaction to data threats. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings.

COOPERATION WITH PROCESSORS, JOINT CONTROLLERS AND THIRD PARTIES

If, as part of our processing, we disclose data to other people and companies (processors, joint controllers or third parties), transmit it to them or otherwise grant them access to the data, this is only done on the basis of legal permission (e.g. if a transmission of the data to third parties, such as payment service providers, is required to fulfill the contract), users have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we disclose or transmit data to other companies in our group of companies, or otherwise grant them access, this is done in particular for administrative purposes as a legitimate interest and, moreover, on a basis that corresponds to the legal requirements.

TRANSFERS TO THIRD COUNTRIES

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or this within the scope of using third-party services or disclosure or transmission of data to other persons or companies If this happens, this will only happen if it is to fulfill our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or leave the data in a third country if the legal requirements are met. This means that the processing takes place, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to that of the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations.

RIGHTS OF DATA SUBJECTS

You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with the statutory provisions. RIGHTS OF THE PERSONS CONCERNED You have accordingly. In accordance with legal requirements, you have the right to request the completion of the data concerning you or the correction of incorrect data concerning you. In accordance with the legal requirements, you have the right to request that the data in question be deleted immediately, or alternatively to request a restriction of the processing of the data in accordance with the legal requirements. You have the right to request that you receive the data that you have provided to us in accordance with the legal requirements and to request that they be transmitted to other responsible parties. You also have the right, in accordance with the legal requirements, to lodge a complaint with the competent supervisory authority.

RIGHT OF WITHDRAWAL

You have the right to revoke your consent with effect for the future.

RIGHT TO OBJECT

You can object to the future processing of the data concerning you at any time in accordance with the legal requirements. The objection can be made in particular against processing for direct advertising purposes.

COOKIES AND THE RIGHT TO OBJECT TO DIRECT ADVERTISING

“Cookies” are small files that are stored on users’ computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example, the contents of a shopping cart in an online shop or a login status can be saved. “Permanent” or “persistent” refers to cookies that remain stored even after the browser is closed. For example, the login status can be saved if users visit it after several days. The interests of the users can also be stored in such a cookie, which are used for range measurement or marketing purposes. “Third-party cookies” are cookies that are offered by providers other than the person responsible for operating the online offer (otherwise, if they are only their cookies, we speak of “first-party cookies”). We can use temporary and permanent cookies and explain this in our data protection declaration. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in their browser’s system settings. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer. A general objection to the use of cookies for online marketing purposes can be raised for a large number of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by switching them off in the browser settings. Please note that in this case not all functions of this online offer can be used.

DELETION OF DATA

The data processed by us will be deleted in accordance with the legal requirements or their processing will be restricted. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage requirements. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

CHANGES AND UPDATES TO THE PRIVACY POLICY

We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes in the data processing we carry out make this necessary. We will inform you as soon as the changes require your participation (e.g. consent) or other individual notification.

BUSINESS PROCESSING

In addition, we process
• Contract data (e.g. subject of the contract, term, customer category).
• Payment data (e.g. bank details, payment history)
from our customers, prospects and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.

HOSTING AND E-MAIL DELIVERY

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services that we use for the purpose of operating this online offer. We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data from customers, interested parties and visitors to this online offer on the basis of our legitimate interests in making this online offer available efficiently and securely in accordance with Art. Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of order processing contract).

With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to receive it and the procedures described. We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipient or legal permission. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the consent of the user. In addition, our newsletters contain information about our products and accompanying information (e.g. safety instructions), offers, campaigns and our company. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the shipping service provider are also logged.

Termination/Revocation – You can terminate the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We can store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the previous existence of consent is confirmed at the same time.

YOUTUBE

We embed the videos from the “YouTube” platform provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

VIMEO

We can embed videos from the “Vimeo” platform provided by Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy Policy: https://vimeo.com/privacy. We would like to point out that Vimeo can use Google Analytics and refer to the data protection declaration (https://policies.google.com/privacy) and opt-out options for Google Analytics (http://tools.google.com /dlpage/gaoptout?hl=de) or Google’s settings for data use for marketing purposes (https://adssettings.google.com/).

GOOGLE FONTS

We integrate the fonts (“Google Fonts”) from the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

WEBCHATS, WHATSAPP BUSINESS API & VARIOUS MESSENGER

These texts on the data protection declaration are intended as an aid for integration into your own data protection declaration on your website. This is not legal advice, we assume no responsibility or liability for the completeness or accuracy of the texts. The text templates were created together with lawyers and data protection officers. If in doubt, please always consult a lawyer or data protection officer yourself.

CONSENT

By opening and using the messenger, I agree that the following providers may use my personal data (e.g. telephone number) for communication regarding the preparation and execution of any orders as well as for sending advertising information using the messenger “WhatsApp” from WhatsApp Ireland Limited, 4 Grand Canal Square, Dublin (Ireland).

USE OF WHATSAPP

If you have given your consent, we will process the personal data you have provided or provided (e.g. name, telephone number, e-mail address, messenger ID, profile picture, messages) for communication regarding the preparation and execution of any orders as well as for sending advertising information (e.g. Offers, newsletter) using the instant messaging service “WhatsApp” from WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. An existing messaging account is required to use this service. We would like to point out that WhatsApp Ireland Limited may also pass on personal data (in particular communication metadata) to WhatsApp Inc., which is also processed on servers in countries outside the EU (e.g. USA) which do not have an adequate level of data protection . WhatsApp may share this data with other companies within and outside the Facebook group of companies. For more information, see the WhatsApp Business (https://www.whatsapp.com/legal/business-policy/) and WhatsApp (https://www.whatsapp.com/legal/#privacy-policy) privacy policies. We have neither precise knowledge nor influence on the data processing by WhatsApp Ireland Limited or WhatsApp Inc., which is responsible for data protection in this respect. In addition to the recipients specifically named above, we use the help of other service providers (processors) to fulfill our obligations. We would like to point out that you can revoke your consent at any time without giving reasons for the future by sending us your revocation via Whatsapp with a message with the note REVOCATION or by e-mail to the address in this data protection declaration or our imprint stated e-mail address of the corresponding processing of their personal data. The above data will be deleted by us in accordance with the legal requirements as soon as your consent to processing is revoked or if the purpose of processing this data no longer applies or it is not required for the purpose. If the data is not deleted because it is required for other, legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.

Responsible provider of the WhatsApp Messenger service: • WhatsApp Messenger, WhatsApp, Inc., 1601 Willow Road, Menlo Park, California 94025, USA; the privacy policy is available at whatsapp.com/legal/business-policy/

MORE INFORMATION ABOUT USING WHATSAPP

By visiting the website {company website}, the chat widget is loaded in the form of a JavaScript file. No data is transferred before you open the chat.

You have two options to open the web chat:
1 Manual click on the button in the directory entry
2 Manual click on the chat icon at the bottom right of the webpage

The moment you open the web chat, your chat is created as an object in the background and the chat ID and a token are saved in the browser’s local storage. The ID and the token are unique features that allow you to clearly recognize your chat (chat ID) and you as a user (token) even if you visit again and to be able to show you communication history that has already been carried out. As soon as you return to our website, the history of the chat is restored with the saved data in the local storage. You have to open the chat manually.

In addition, the history of web chats is saved. Every message you send is saved. This serves the purpose of being able to display your chat history even if the communication that has started is continued, for example if a company answers you with a delay.

If the company writes to you and you are no longer online, you will receive an email with a link that will take you back to the chat so that you can continue communicating with the company there. If you click on the link in your email, the chat will open automatically. You have the option to interrupt the chat at any time, but your data will not be automatically deleted in this case. If you no longer wish to receive a message from the company (opt-out), simply send “Stop” as a message in the web chat. After that, you will no longer receive messages from the company in the chat and you will no longer be informed by e-mail. Your chat history and data will be automatically deleted 6 months after the stop message.

Your chat history and data will be automatically deleted 6 months after the stop message. Your data and saved chat histories will then be deleted immediately.

WEBCHAT

Scoopas uses a web chat on the website www.scoopas.com. The web chat serves as another communication option on our website and enables online conversations with Scoopas. The conversation is conducted using a chat bot (virtual assistant, software) that answers users’ questions, assists with your request or provides you with information.

Which personal data are processed?
When using the web chat, the following personal data will be processed and stored:
• date and time of the call,
• IP address,
• URL of the previously visited website,
• First name Name
• E-mail address
• Chat ID and user token (stored in the browser’s local storage)

For what purposes and on what legal basis is the data processed?
We use the above data to offer the web chat, to address users personally, to answer user inquiries and to provide the user with information and/or content.
Legal basis: Our legitimate interest in providing a web chat (Art. 6 Para. 1 S. 1 lit. f. GDPR).

How long is personal data stored? 12 months Who is data passed on to?
A transfer to third parties takes place exclusively in the context of business fulfillment in order to be able to process and answer your request. For this purpose, your data will be passed on to Inbox Solutions GmbH (Pretzfelder Straße 7 – 11, 90425 Nuremberg, Germany) as the technical operator of the web chat and Sellwerk GmbH & Co. KG (Pretzfelder Straße 7 – 11, 90425 Nuremberg, Germany) as an intermediary to the company and to the company you have contacted via the web chat.

FACEBOOK MESSENGER

Responsible provider of the Facebook Messenger service: • Facebook Messenger, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA; the privacy policy is available at facebook.com/about/privacy

INSTAGRAM DIRECT MESSAGES

Responsible provider of the Instagram Direct Messages service: • Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, the
Privacy Policy is available at https://help.instagram.com/519522125107875

CHATWERK

Responsible provider of the ChatWerk platform/service:
• Inbox Solutions GmbH, Pretzfelder Strasse 7 – 11, 90425 Nuremberg, Germany. The privacy policy is available at https://chatwerk.de/datenschutzerklaerung/

SIGN UP FOR OUR NEWSLETTER

Do you always want to be informed about Scoopas in the future? Then send us an email to newsletter@scoopas.com with the subject »News« or scan our QR code, select a messenger (Whatsapp, Facebook or Instagram) and send us the word »News« if you would like to receive our newsletter in this way.