Privacy Policy

Privacy Policy

Last updated: January 6, 2025

Table of Contents

Controller

Suhaas Mairal, Luis Özdem
Osterholder Allee 4b
25421, Pinneberg
Germany

Email address: info@zonoexchange.com

Overview of Processing Operations

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of Data Processed

  • Inventory data
  • Contact data
  • Content data
  • Usage data
  • Meta, communication, and procedural data
  • Log data

Legal Bases

Legal bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the GDPR regulations, national data protection requirements may apply in your or our country of residence or domicile. Furthermore, should more specific legal bases be relevant in individual cases, we will inform you of these in the privacy policy.

  • Consent (Art. 6(1)(a) GDPR) - The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Legitimate interests (Art. 6(1)(f) GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

Security Measures

We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.

Transfer of Personal Data

In the course of our processing of personal data, it may happen that the data is transferred to or disclosed to other entities, companies, legally independent organizational units, or persons. Recipients of this data may include IT service providers or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and conclude corresponding contracts or agreements that serve to protect your data with the recipients of your data.

International Data Transfers

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosure or transfer of data to other persons, entities, or companies, this will only take place in accordance with legal requirements.

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal requirements as soon as the underlying consents are revoked or there are no further legal grounds for processing. This applies to cases where the original purpose of processing ceases to exist or the data is no longer needed. Exceptions to this rule exist when legal obligations or special interests require longer retention or archiving of the data.

Rights of Data Subjects

Rights of data subjects under the GDPR: As a data subject under the GDPR, you have various rights, particularly arising from Articles 15 to 21 GDPR:

  • Right to object
  • Right to withdraw consent
  • Right of access
  • Right to rectification
  • Right to erasure and restriction of processing
  • Right to data portability
  • Right to lodge a complaint with a supervisory authority

Use of Cookies

Cookies are functions that store information on end devices of users and read this information. Cookies can be used for various purposes, such as functionality, security, and comfort of online offerings, as well as the creation of analyses of visitor flows. We use cookies in accordance with legal regulations. We obtain consent from users when required. If consent is not necessary, we rely on our legitimate interests.

Newsletter and Electronic Communications

We send newsletters, emails, and other electronic notifications (hereinafter "newsletters") only with the consent of recipients or a legal basis. The content of the newsletters is binding for users' consent when registering for the newsletter service.

Online Marketing

We process personal data for online marketing purposes, which particularly includes the marketing of advertising space or the display of advertising and other content based on potential interests of users and the measurement of their effectiveness.

Social Media Presence

We maintain online presences within social networks and process user data in this context to communicate with users active there or to offer information about us. Please note that user data may be processed outside the European Union. This may result in risks for users because, for example, the enforcement of user rights could be made more difficult.

Created with free Privacy Policy Generator by Dr. Thomas Schwenke