Data Privacy

A. GENERAL INFORMATION

In this section, you will find information about the data controller responsible for data processing, the contact person for inquiries and complaints related to data protection, and how to reach our data protection officer.

I. Controller

The controller for the collection and processing of personal data on this website, as defined in accordance with the terms used in the GDPR (General Data Protection Regulation) under Article 4, is:

Clark Holding SE
Wilhelm-Leuschner-Stra├če 17-19
60329 Frankfurt am Main

II. Contact and Data Protection Officer

If you have any questions regarding the collection and use of data or suggestions regarding data protection, you can also contact us directly via email at privacy@clark.io. 

You can reach our data protection officer directly by emailing clark@isico-datenschutz.de.

B. YOUR DATA PROTECTION RIGHTS

You can find information about your data protection rights under the GDPR (General Data Protection Regulation) in this section. These rights include, among others, the right to access the data stored about you, the right to rectify inaccuracies, and, where the legal requirements are met, the right to have your data erased. Whenever we ask for your consent to process your data, you also have the right to withdraw your consent at any time and without providing any reasons.

Right of access, Art. 15 GDPR

According to Article 15 of the GDPR (General Data Protection Regulation), you have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed and where that is the case, access to the personal data including the following information.

We will inform you about:

  • The purpose of the processing
  • The categories of personal data concerned
  • Recipients or categories of recipients of the personal data
  • The planned duration of storage (or the criteria used to determine this duration)
  • The existence of your rights regarding the processing
  • Whether we process data that we did not collect directly from you, and if so, the source of that data
  • The existence of automated decision-making

When you request information about your data, we will provide you with comprehensive details on how your data is processed, its origin, and where it is transmitted to.

Right to rectification, Art. 16 GDPR

If any data stored by us is incorrect or no longer up to date, you have the right, in accordance with Article 16 of the GDPR (General Data Protection Regulation), to request the rectification of such data. We will promptly comply with your request.

When requesting a correction, you can provide us with the accurate data, and we will take care of the rest.

Right to erasure, Art. 17 GDPR

According to Article 17 of the GDPR (General Data Protection Regulation), you can also request the erasure of your data if one of the following situations applies:

  • The data is no longer necessary for the purposes for which it was collected.
  • You have withdrawn your consent for the processing, and there is no other legal basis for the processing.
  • You have objected to the processing under Article 21 (1) or (2) of the GDPR (see below), and there are no overriding legitimate grounds for the processing.
  • Your data has been unlawfully processed.
  • The erasure of data is required to fulfill a legal obligation under the Union or Member State law.

If erasure is not possible due to other legal obligations, the data will be blocked and made available only for the purpose of fulfilling those legal obligations. 

If we have unlawfully processed data, we will promptly delete it.

Right to restriction of processing, Art. 18 GDPR

You have the right, as stated in Article 18 of the GDPR (General Data Protection Regulation), to request the restriction of the processing of your data if you believe that the data we have stored is inaccurate, the processing is unlawful, the personal data is no longer needed for its original purpose, or if you have objected to the processing.

During the evaluation of your rights mentioned above, you can choose to have the processing of your data restricted.

Right to data portability, Art. 20 GDPR

Furthermore, according to Article 20 of the GDPR (General Data Protection Regulation), you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another data controller if the processing is based on your consent (Article 6(1)(a) of the GDPR) or on a contract between us (Article 6(1)(b) of the GDPR).

If you request the transfer of the data you have provided to us, we will provide it to you in a portable format.

Right to object, Art. 21 GDPR

If we process your data based on legitimate interests according to Article 6 (1) (f) of the GDPR (General Data Protection Regulation), you have the right, under Article 21 of the GDPR, to object to the processing of your data. This right applies if there are reasons arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement even without stating specific reasons.

If you exercise your right to object, we will assess whether there are compelling legitimate grounds for the processing on our part. If there are no such grounds, we will cease processing the data.

According to Article 7 (3), Sentence 1 of the GDPR (General Data Protection Regulation), you have the right to withdraw your consent at any time by notifying us at clark@datenschutz-isico.de. This withdrawal of consent will result in us no longer continuing the data processing based on that consent in the future. The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal, as stated in Article 7 (3), Sentence 2 of the GDPR.

If you withdraw your consent, we will cease the processing of data that was based on that consent.

Right to file a complaint, Art. 57 GDPR

Finally, you have the right to lodge a complaint with the supervisory authority that is responsible for us, as outlined in Article 77 (1) (f) of the GDPR (General Data Protection Regulation). You can exercise this right by contacting the supervisory authority in the member state where you have your habitual residence, your place of work, or the place of the alleged infringement.

C. DATA PROCESSING WHEN USING THIS WEBSITE

The use of this website requires the processing of certain data to provide you with a functional and secure user experience. Data protection is of particular importance to us. Please take a moment to carefully read the following information.

I. Data collection when using our website

When you use our website, we collect usage data, which includes:

1. Usage Data
  • Interactions on the website (clicks, etc.)
  • Visited web pages (Which pages were accessed)
  • Duration of visits on web pages (How long a page was viewed)
  • Referring page (Ref URL)
  • Time and date, for example, when accessing our website or emails

Additionally, we collect device, browser, which includes:

2. Device Data
  • Operating system of your device (e.g., Windows, Android, or iOS)
  • Model of your device (e.g. iPhone, Samsung Galaxy)
  • Settings of your device, such as screen resolution
  • Browser settings, such as language preference, time zone, installed plugins, and fonts
  • IP addresses (anonymized)

II. General information on data transfer

Following up we will inform you about the data transfers that happen with regard to the usage of this website.

1. WPEngine (Website-Host) and WordPress (CMS)

Our website is hosted by WPEngine (Beyond Aldgate, 2 Leman Street #5032, London, E1 8FA, United Kingdom). WPEngine provides us with the technical infrastructure and platform to operate our website. All data collected during the use of our website is stored in an anonymized form on WPEngine’s servers.

WPEngine is a hosting service provider committed to complying with applicable data protection laws. Your data is stored on secure servers located in European data centers. WPEngine employs modern security technologies and conducts regular security audits to protect your data against unauthorized access, loss, or misuse.

The legal basis for using WPEngine as our website hosting provider is our legitimate interest, as outlined in Article 6(1)(f) of the GDPR. As a company, we have a legitimate interest in providing a modern and secure website and ensuring a reliable infrastructure for its operation. Utilizing WPEngine as a hosting provider enables us to efficiently achieve these objectives.

Our website is powered by WordPress as a Content Management System (CMS). WordPress allows us to efficiently manage and deliver content. In our implementation of WordPress, no personal data is collected, processed, or utilized.

Please note that while we strive to provide accurate translations, the original German text remains the legally binding version.

Furthermore, in individual cases, disclosure may occur in connection with official inquiries, court orders, and legal proceedings if we are legally obligated to do so in good faith.

We may also disclose data if we have a good faith belief that it is necessary to detect, prevent, or prosecute unauthorized use of our website or other harmful or illegal activities.

In cases where there is a legitimate request based on a legal basis, we may disclose data to authorities or courts on an individual basis.

D. DURATION OF DATA STORAGE IN GENERAL

We do not store any personal data as part of using our website. Instead, we exclusively use anonymized data to enable its secure usage. These anonymized data do not contain any personal information and do not allow for any inferences to be made about individual persons.

Since anonymized data cannot be attributed to individuals, there is no specific timeframe within which we retain this data. We keep it for as long as necessary for the aforementioned purpose. Once the data is no longer needed, it will be permanently deleted.

E. FINAL PROVISIONS

Occasionally, we update this privacy policy, for example, when we make changes to our website or when there are changes in legal or regulatory requirements.

Last updated: 26/06/23