Privacy Policy | Pam App

We take the protection of your data very seriously and treat your data confidentially and according to the legal regulations and the following privacy policy. This applies to our website https://www.pam-app.de/.

Below, we inform you according to Art. 13 General Data Protection Regulation (GDPR) about nature and scope as well as the purpose of the processing of personal data (hereinafter "data") by us. Regarding the terms used, please refer to the definitions of Art. 4 GDPR. Personal data are all data with which you can be personally identified.

1. Responsible person
Responsible for data processing according to Art. 13 para. 1 GDPR:

PLR UG (limited liability)
represented by the managing director Pamela Leonie Reif
Karlstr. 41
76133 Karlsruhe
Germany
contact@pam-app.de

§ 2 Persons concerned
Visitors and users of our online offer are affected by the data processing carried out by us.

§ 3 Types of data processed
In the case of simply calling up our online offer, i.e. without providing any other information, only the data transmitted by the respective user's browser (so-called "server log files") to our server are collected. The following data is affected by this:
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you reached the page
IP address used
Usage data (e.g. so-called cookies, websites visited, interest in content, access times)
Meta/communication data (e.g. software information, IP/MAC addresses, operating system used as well as browser).

§ 4 Purpose of the processing
The processing of data takes place
for the provision of the online offer including its functions and contents,
to respond to contact requests and communication with users,
to ensure safety measures,
for range measurement,
for marketing purposes
to ensure the permanent functionality of our information technology systems and the technology of our website, as well as
to provide information necessary for law enforcement in the event of a cyberattack.

§ 5 Legal basis
According to Art. 13 para. 1 lit. c GDPR we are obliged to inform you about the legal basis of our data processing.
The following applies to users within the scope of the General Data Protection Regulation (GDPR), which covers the European Union (EU) and the European Economic Community (EEC), with the proviso that no other legal basis is mentioned in the data protection declaration:
Art. 6 para. 1 lit. a and Art. 7 GDPR is the legal basis for the processing of data covered by consent.
Art. 6 para. 1 lit. b GDPR is the legal basis for the processing of data for the fulfillment of our owed services, for the implementation of pre-contractual measures as well as answering inquiries.
Art. 6 para. 1 lit. c GDPR is the legal basis for processing to fulfill our legal obligations.
Art. 6 para. 1 lit. d GDPR is the legal basis for processing of personal data that is necessary due to vital interests of the data subject or another natural person.
Article 6 para. 1 lit. e GDPR is the legal basis for processing for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller to the extent necessary for that purpose.
Art. 6 para. 1 lit. f GDPR is the legal basis for processing to protect our legitimate interests.
Art. 6 para. 4 GDPR concerns the processing of data for purposes other than those for which they were collected. Such processing is only possible under the conditions specified here.
Art. 9 para. 2 of the GDPR imposes specific requirements on the processing of special categories of data (corresponding to Art. 9 para. 1 of the GDPR).

6. Rights of the data subjects
Right of information: You have the right to request information about whether data concerning you is being processed. In addition, you have the right to receive further information and a copy of the data in accordance with the legal requirements.

Right of rectification: You have the right to complete the data concerning you and to correct any inaccurate data concerning you.

Right of deletion: You have a right to immediate deletion of the data concerning you in accordance with the legal requirements. Alternatively, you have the right to restrict the processing of the data within the scope of the legal requirements. (see also right of objection)

Right of data portability: You have a right, in accordance with the law, to be provided with the data concerning you that you have made available to us, and you may also request that it will be transferred to other responsible persons.

Right of restriction of processing: You have a right to request the responsible person to restrict processing in accordance with the law.

Right of appeal to a data protection supervisory authority: You have the right to file a complaint with the competent supervisory authority.

7 Right of revocation
You can revoke your consent at any time with effect for the future.

8. Right of objection
You have the right to object to the future processing of the data concerning you in accordance with the law. In particular, the objection may also be directed against the processing for purposes of direct marketing.

9. Cooperation with processors, joint responsible persons and third parties
For certain services, it is necessary in the course of our processing of the data to disclose it to other persons (usually companies), i.e. to transmit data to them or otherwise grant them access to the data. These companies are, on the one hand, processors or jointly responsible persons, and on the other hand, third parties such as payment service providers. Such disclosure is only made on the basis of a legal permission or obligation, on the basis of the consent by the user or on the basis of our legitimate interests, which exist, for example, in the use of agents or web hosts. Such a legitimate interest also exists in particular when processing the data for administrative purposes.

In the event that we make data accessible to other companies in our group of companies (through disclosure, transmission or granting access in any other form), this is done in particular for administrative purposes. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. In addition, access may also be based on a legal requirement.

10. Security measures
In order to ensure a level of protection appropriate to the risk, we ensure, in accordance with
the legal requirements, taking into account the state of the art,
the implementation costs, the nature, scope, circumstances and purposes of the processing, and
the varying likelihood and severity of the risk to the rights and freedoms of natural persons
for appropriate technical and organizational measures.

These measures include, in particular, ensuring the confidentiality, integrity and availability of data through
control of physical access to data,
control of access to the data,
control of the data input, transfer, availability and separation.

In addition, we have created procedures that guarantee the exercise of data subjects' rights, deletion of data, and response to data compromise.

§ 11 Cookies
Our website uses cookies. Cookies are pieces of information that are transferred from our web server or third-party web servers to your browser and stored there for later retrieval. Cookies can be small files or other types of information storage. In cookies, information is stored that is in each case related to the specific end device used. Cookies contain a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. A cookie also contains information about its origin and the storage period. This does not mean, however, that we gain direct knowledge of your identity.

We use cookies to make our website more user-friendly and secure.

There are different types of cookies. Please note that not all of the cookies listed here may be used when you visit our website. If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this privacy policy and, if necessary, request your consent.

1 Necessary cookies
These are cookies that are needed to allow you to navigate our websites and operate basic website functions, such as assigning anonymous session IDs to bundle multiple related queries to a server.

2 Performance cookies
Performance cookies are used to improve the usability of a website and thus the user experience. Performance cookies collect information about how our websites are used, such as the internet browser and operating system used, the domain name of the website from which you came, the number of visits, the average time spent on the site, and the pages viewed. These cookies do not store information that allows personal identification of the user. The information collected through cookies is aggregated and therefore anonymous.

3. Analysis cookies
We use analysis cookies to improve the user-friendliness of our website. With analysis cookies, we can determine how our website is used and, for example, which preferences and search terms are used.

4. Advertising cookies
We use advertising cookies to provide you with more targeted, relevant content. They are also used to measure and control the effectiveness of advertising campaigns. Marketing cookies register whether a website is visited and which content is used. This information may be shared with third parties, such as advertisers, and is often linked to third-party site functionality (third-party cookies).

How can I delete cookies or disable tracking?
You can either delete individual cookies or remove the entire cookie inventory via your browser settings. Under "Help" or "Settings" you should find information about the management of your cookies in your browser.

In addition, you can obtain information and instructions on how to delete these cookies or block their storage in advance, depending on your browser provider, at the links below:

Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
Opera: http://www.opera.com/de/help
Safari: https://support.apple.com/kb/PH17191?locale=de_DE&viewlocale=de_DE

You can also individually manage the cookies of many companies and features that are used for advertising. To do this, use the appropriate user tools created as part of self-regulatory programs in many countries, such as the U.S. site http://optout.aboutads.info/ or the EU's Your Online Choices site http://www.youronlinechoices.com.

Most browsers also offer a do-not-track feature that allows you to indicate that you do not want to be "tracked" by websites. When this feature is enabled, the browser tells ad networks, websites, and applications that you do not want to be tracked for behavioral advertising and the like. Information and instructions on how to edit this feature are available at the links below, depending on your browser provider:

Mozilla Firefox: https://www.mozilla.org/de/firefox/dnt
Internet Explorer: https://support.microsoft.com/de-de/help/17288/windows-internet-explorer-11-use-do-not-track
Google Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=de
Opera: http://help.opera.com/Windows/12.10/de/notrack.html
Safari: https://support.apple.com/kb/PH21416?locale=de_DE

§ 12 Deletion of data
In accordance with the legal requirements, we delete the data we have collected or restrict its processing. We delete the data stored by us as soon as the purpose on which the storage is based has ceased to exist and there are no legal storage obligations to the contrary and no deviating regulations have been made in this data protection declaration. Data will be deleted after 24 months at the latest. If the data cannot be deleted because it is required for other, legally permissible purposes (e.g. storage for reasons of commercial or tax law), its processing will be restricted. In this case, the data is processed exclusively for this purpose and is otherwise blocked.

§ 13 Changes to the privacy policy
Legal innovations or changes in the data processing carried out by us may make it necessary to adapt this data protection declaration. For this reason, we ask you to regularly check the content of our privacy policy. If a change requires your cooperation (e.g. consent) or other individual notification, we will inform you in an appropriate form.

§ 14 Hosting and e-mail dispatch
For the operation of our online services, we rely on external hosting services. This concerns:
Infrastructure and platform services
Computing capacity, storage and database services,
E-mail dispatch services as well as
Security services and technical maintenance services.

In the context of the exercise of our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with. Art. 28 GDPR (conclusion of a data processing agreement), the following data in particular will be processed by us or our hosting provider:
Inventory data and contact information,
Content data and contract data as well as
Usage, meta and communication data.

This data processing concerns our customers as well as interested parties and visitors of our online offer.

We use the following web hosting provider:

1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany
Privacy info: https://hosting.1und1.de/terms-gtc/terms-privacy/

§ 15 Newsletter
We provide a newsletter for you. By subscribing to our newsletter, you also agree to receive the newsletter as well as to the procedures explained. We send newsletters in the form of e-mails and other electronic notifications with promotional information only with the prior consent of the recipient or a legal permission.

If the contents of the newsletter are specifically described in the course of registration, they are decisive for the user's consent. Otherwise, our newsletters contain information about our services and us.

Double opt-in and logging
The registration for our newsletter takes place in a so-called double opt-in process. This means that a message is sent to the e-mail address you have provided, requesting confirmation of the registration by clicking on a specific link. This confirmation is necessary to ensure that users can only register with e-mail addresses that they can access themselves and do not misuse third-party e-mail addresses. In order to be able to prove the registration process in accordance with legal requirements, every registration for the newsletter is logged. For this purpose, the time of registration and confirmation as well as your IP address are recorded. In addition, the changes to your data that are stored with the shipping service provider are recorded.

Login data
To subscribe to our newsletter, simply enter your e-mail address. In order to be able to address you personally in the newsletter, you can also enter your name. This data is processed on the basis of Art. 6 para. 1 lit. a, b GDPR for sending the newsletter and the logging of the registration process on the basis of Art. 6 para. 1 lit. f GDPR.

Termination/Revocation
You have the right to cancel our newsletter service at any time. By doing so, you revoke your consent at the same time. You will find a link to unsubscribe from our newsletter at the end of the respective newsletter. In order to be able to prove a given but later revoked consent, we are entitled to store the unsubscribed email addresses for up to three years after the revocation based on our legitimate interests.

Provider
For this purpose, we use the provider Sendinblue (Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany; website: https://de.sendinblue.com/; privacy policy: https://de.sendinblue.com/legal/privacypolicy/. The data you enter for the purpose of receiving the newsletter is stored on Sendinblue's servers in Germany.

Data analysis by Sendinblue
With the help of Sendinblue, it is also possible for us to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In this way, we can determine, among other things, which links were clicked on particularly often. We can also see whether certain pre-defined actions were performed after opening/clicking (conversion rate). Sendinblue also allows us to subdivide ("cluster") newsletter recipients based on various categories. In doing so, the newsletter recipients - insofar as you have provided this data - can be subdivided, for example, according to age, gender or place of residence, to better adapt the newsletters to the respective target groups.

If you do not want Sendinblue to analyze your data, you must unsubscribe from the newsletter, see above.

§ 16 Contact
You can reach us at the following e-mail address: contact@pam-app.de

When contacting us, your data will be processed for handling and processing the contact request. The transmission of the data is SSL- or TLS-encrypted, provided that your end device supports it. This data is processed on the basis of Art. 6 para. 1 lit. b. GDPR. With regard to other requests, Art. 6 para. 1 lit. f. GDPR is relevant. Your inquiry/data will be stored in our Customer Relationship Management System ("CRM System") or comparable inquiry organization and deleted if no longer necessary. The review of the necessity takes place every two years. Otherwise, the legal archiving obligations apply.