Privacy policy
Status January 2023
Table of contents
I. Name and address of the data controller
II. contact details of the data protection officer
III. general information on data processing
IV. Rights of the data subject
V. Use of cookies
VI. email contact
VII. contact form
VIII. Use of company presences in professionally oriented networks
IX. Hosting
I. Name and address of the person responsible
The responsible person within the meaning of the General Data Protection Regulation (DSGVO) and other data protection regulations is:
Cloudflake GmbH
Gerhart-Hauptmann-Str.11
85356 Freising
Germany
+49 8161 9699 522
info@cloudflake.com
II. Contact details of the data protection officer
The data protection officer of the data controller is:
DataCo GmbH
Dachauer Street 65
80335 Munich
Germany
+49 89 7400 45840
III General information on data processing
1 Scope of the processing of personal data
As a matter of principle, we process personal data of our users only insofar as this is necessary for the provision of a functional website as well as our contents and services. The processing of personal data of our users is regularly only carried out with the consent of the user. An exception applies in those cases where it is not possible to obtain prior consent for actual reasons and the processing of the data is required by legal regulations.
2 Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) sentence 1 lit. a DSGVO serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) p. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) sentence 1 lit. c DSGVO serves as the legal basis.
In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) sentence 1 lit. d DSGVO serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) sentence 1 lit. f DSGVO serves as the legal basis for the processing.
3 Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a necessity for the continued storage of the data for the conclusion or fulfilment of a contract.
IV. Rights of the data subject
If your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the data controller:
1. the right to information (Art. 15 DSGVO).
You have the right to request confirmation from us as to whether personal data relating to you is being processed.
If this is the case, you have a right of access to this data and to the following information:
o Purposes of processing
o categories of personal data
o Recipients or categories of recipients
o the planned storage period or the criteria for determining this period
o the existence of the rights of rectification, erasure or restriction or opposition
o Right to lodge a complaint with the competent supervisory authority
o If applicable, origin of the data (if collected from a third party)
o If applicable, existence of automated decision-making, including profiling, with meaningful information about the logic involved, the scope and the effects to be expected.
o If applicable, transfer of personal data to a third country or international organisation.
2. right of rectification (Art. 16 DSGVO)
If your personal data is inaccurate or incomplete, you have the right to request that the personal data be corrected or completed without delay.
3. right to restriction of processing (Art. 18 DSGVO)
If one of the following conditions is met, you have the right to request restriction of the processing of your personal data:
o You dispute the accuracy of your personal data, for a period of time that allows us to verify the accuracy of the personal data.
o In the context of unlawful processing, you object to the erasure of the personal data and request instead the restriction of the use of the personal data.
o We no longer need your personal data for the purposes of processing, but you need your personal data to assert, exercise or defend your legal rights; or
o after you have objected to the processing, for the duration of the examination as to whether our legitimate grounds outweigh your grounds.
4. right to erasure ("right to be forgotten") (Art. 17 DSGVO).
If one of the following reasons applies, you have the right to request immediate erasure of your personal data:
o Your data is no longer necessary for the processing purposes for which it was originally collected.
o You withdraw your consent and there is no other legal basis for the processing.
o You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) DSGVO.
o Your personal data are processed unlawfully.
o Erasure is necessary for compliance with a legal obligation under Union law or the law of the member state to which we are subject.
o The personal data has been collected in relation to information society services offered in accordance with Article 8(1) of the GDPR.
Please note that the above grounds do not apply insofar as the processing is necessary:
o For the exercise of the right to freedom of expression and information;
o For compliance with a legal obligation or for the performance of a task carried out in the public interest to which we are subject.
o For reasons of public interest in the field of public health.
o For archival, scientific or historical research purposes in the public interest or for statistical purposes.
o For the assertion, exercise or defence of legal claims.
5. right to data portability (Art. 20 DSGVO).
You have the right to receive your personal data in a structured, common and machine-readable format or to request that it be transferred to another controller.
6. right to object to certain data processing (Art. 21 DSGVO)
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) sentence 1 lit. e or f DSGVO. This also applies to profiling based on these provisions.
If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
7. right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. A list of the supervisory authorities with local jurisdiction in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html.
You have the right to complain about the processing of your personal data to a data protection supervisory authority. Austrian Data Protection Authority Barichgasse 40-42 1030 Vienna Telephone: +43 1 52 152-0 E-mail: dsb@dsb.gv.at.
V. Use of cookies
1. description and scope of data processing
When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the body that sets the cookie. Below we describe the types of cookies we use:
We use technically necessary cookies, which are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly) or the support functions are not possible.
The following data is stored and transmitted by the technically necessary cookies:
o Frequency of page views
2. purpose of data processing
The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change.
We require the technically necessary cookies for the following applications:
o Matomo tracking code
3. legal basis for data processing
The provisions of the Telecommunications Telemedia Data Protection Act (TTDSG) are relevant for the storage of information in the end user's terminal equipment and/or access to information already stored in the end user's terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your terminal equipment is carried out on the basis of § 25 para. 2 no. 2 TTDSG. This storage of and access to the information in your terminal equipment serves to facilitate your use of our website and to be able to offer you our services as you have requested. Some functions of our website also do not work without the use of these cookies and could therefore not be offered. The cookies are generally deleted after the session ends (e.g. logging out or closing the browser) or after the expiry of a specified duration. Information on different storage periods for cookies can be found in the following sections of this data protection declaration.
VI. email contact
1 Description and scope of data processing
On our website, it is possible to contact us via the email address provided. In this case, the user's personal data transmitted with the email will be stored.
The data is used exclusively for processing the conversation.
2 Purpose of the data processing
In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.
3. legal basis for data processing
The legal basis for processing the data transmitted in the course of sending an email is Art. 6 (1) lit. f DSGVO. Our legitimate interest is to optimally answer your enquiry that you send by e-mail.
If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
4 Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is deemed to have ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
5. possibility of objection
If the user contacts us by email, he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued.
I consent to my personal data being transmitted to Cloudflake GmbH for the purpose of contacting me. I can revoke my consent at any time by sending an email to info@cloudflake.com. All further information, in particular on the rights under Chapter III of the GDPR, can be found in the privacy policy.
All personal data stored in the course of contacting me will be deleted in this case.
VII Contact form
1 Description and scope of data processing
Our website contains a contact form which can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask is transmitted to us and stored.
At the time the message is sent, the following data is stored:
o Email address
o surname
o First name
o date and time of contact
2. purpose of data processing
The processing of personal data from the input mask of the contact form or via the e-mail address provided serves us solely to process the contact.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
3. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 p. 1 lit. a DSGVO. Consent can be revoked at any time without reason. The data will not be used for any other purpose.
4 Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which consent was given. The consent of the e-mail sender to the processing of his/her personal data is of course not final. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is deemed to have ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
5. possibility of revocation
If the user contacts us via the input mask in the contact form, he can revoke his consent to the storage of his personal data at any time.
All personal data stored in the course of contacting us will be deleted in this case.
VIII. Use of company presences in professionally oriented networks
1. scope of data processing
We use the possibility of company appearances in job-oriented networks.
We maintain a company presence on the following profession-oriented networks:
LinkedIn:
LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland.
On our site, we provide information and offer users the opportunity to communicate.
The company website is used for job applications, information/PR and active sourcing.
We have no information on the processing of your personal data by the companies jointly responsible for the company website. For more information, please see the privacy policy of:
LinkedIn:
https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
If you carry out an action on our company website (e.g. comments, posts, likes, etc.), you may make personal data (e.g. your full name or a photo of your user profile) public.
2. Legal basis for data processing
The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) sentence 1 lit. f DSGVO. Our legitimate interest here is to answer your enquiry in the best possible way or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for processing is Art. 6 (1) lit. b DSGVO.
3. Purpose of data processing
The purpose of our corporate website is to inform users about our services. In doing so, every user is free to publish personal data through activities.
4. duration of storage
We store your activities and personal data published via our company website until you revoke your consent. In addition, we comply with the statutory retention periods.
5. possibility of objection
You can object at any time to the processing of your personal data that we collect in the course of your use of our corporate presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to the email address stated in this data protection declaration.
Further information on how to exercise your rights can be found here:
LinkedIn:
https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
IX. Hosting
The website is hosted on servers by a service provider contracted by us.
Our service provider is:
ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany.
The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:
- Browser type and browser version
Operating system used
- Referrer URL
- Host name of the accessing computer
- Date and time of the server request
- IP address
This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f DSGVO. Our legitimate interest for processing this data is to display our website without errors and to optimise its functions.
The location of the website's server is geographically in Germany.
This privacy policy was created with the support of DataGuard.