Privacy Policy

Last Updated: [24.03.2024]

Introduction and general information

Thank you for your interest in our website and our app. The protection of your personal data is important to us. In the following, you will find information on how we handle your data that is collected through your use of our website and our app. Your data will be processed in accordance with the legal regulations on data protection.

Responsible body in the sense of data protection law

GbR mit Nora Brahm, Markus Eberhard Koch

Mannheimer Str. 195

69123 Heidelberg

Definitions

Our data protection declaration is intended to be simple and understandable for everyone. As a rule, the official terms of the General Data Protection Regulation (DSGVO) are used in this data protection declaration. The official definitions are explained in Art. 4 DSGVO.

Data processing by visiting our website

When you visit our website, it is technically necessary for data to be transmitted to our web server via your internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:

Date and time of the request
Name of the requested file
Page from which the file was requested
Access status
Web browser and operating system used
(Complete) IP address of the requesting computer
Amount of data transferred

We collect the listed data to ensure a smooth connection setup of the website and to enable a comfortable use of our website by the users. In addition, the log file is used to evaluate system security and stability as well as for administrative purposes. The legal basis for the temporary storage of the data or the log files is Art. 6 para. 1 lit. f DSGVO.

For reasons of technical security, in particular to defend against attempted attacks on our web server, we store this data for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After several days at the latest, the data is anonymised by shortening several days of the IP address at domain level, so that it is no longer possible to establish a reference to the individual user.

Cookies

Our website uses cookies, which are stored on your device by your browser and contain certain settings for using the website (e.g., for the current session). Cookies are used to make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called session cookies, which are automatically deleted after you close your browser. Other cookies remain stored on your device until you delete them or the storage period expires. These cookies allow us to recognize your browser on your next visit.

Some cookies are used to simplify website processes by storing settings (e.g., retaining previously selected options). If personal data is also processed by individual cookies we implement, processing is carried out in accordance with Art. 6 (1) lit. b GDPR for the performance of a contract or in accordance with Art. 6 (1) lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit. You can set your browser to inform you about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when the browser is closed. The cookie settings can be managed for the respective browsers via the following links:

You can also manage the cookies of many companies and functions individually that are used for advertising. To do this, use the corresponding user tools, which are available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices. Most browsers also offer a "Do Not Track" function, with which you can indicate that you do not want to be "tracked" by websites. If this function is activated, the respective browser informs advertising networks, websites, and applications that you do not want to be tracked for behavior-based advertising and similar purposes. Depending on the provider of your browser, you can obtain information and instructions on how to edit this function via the following links:

Google Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=en
Mozilla Firefox: https://www.mozilla.org/en-US/firefox/dnt/
Internet Explorer: https://support.microsoft.com/en-us/help/17288/windows-internet-explorer-11-use-do-not-track
Opera: http://help.opera.com/en/Windows/12.10/en/notrack.html
Safari: https://support.apple.com/en-us/guide/safari/sfri40732/mac

In addition, you can prevent the loading of so-called scripts by default. NoScript allows the execution of JavaScripts, Java, and other plug-ins only on trusted domains of your choice. You can obtain information and instructions on how to edit this function from the provider of your browser (e.g., for Mozilla Firefox at: https://addons.mozilla.org/en-US/firefox/addon/noscript/). Please note that if you deactivate cookies, the functionality of this website may be restricted.

Data transfer and recipients

We do not transfer your personal data to third parties, except if we have explicitly pointed it out in the description of the respective data processing. If you have given express consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, if the transfer is necessary pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data, in the event that there is a legal obligation to disclose pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR and this is legally permissible and necessary for the processing of contractual relationships with you pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.

In addition, we use external service providers for the operation of our website and related processing, e.g. for hosting, data backup and website analysis. These service providers are carefully selected and regularly monitored to ensure that your privacy is protected. The service providers may also be located outside the European Union or the European Economic Area. In this case, we ensure that an adequate level of data protection is guaranteed by appropriate safeguards, such as standard contractual clauses or an adequacy decision by the European Commission.

Data security

We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons. This website uses SSL encryption for security reasons and to protect the transmission of confidential
SSL encryption to protect the transmission of confidential content.

Duration of storage of personal data

The duration of the storage of personal data is determined by the relevant statutory retention periods (e.g. from commercial law and tax law). After expiry of the respective period, the corresponding data is routinely deleted. If data is required to fulfil or initiate a contract or if we have a legitimate interest in continuing to store it, the data will be deleted when it is no longer required for these purposes or you have exercised your right of revocation or objection.

Data processing through the use of our app

If you use our app as an end customer, it is technically necessary for data to be transmitted to our web server. The following data is transmitted to our servers to fulfil the business purpose of the app. From Shopify, we collect information about the status of orders created through ClaimBase. No information is collected about the merchant itself. From the merchant's customers, we collect:

Date and time of the comment
Content of the comment
Username of the sender of the comment

To improve the user experience in terms of authenticating the app to the merchant's Instagram account, we use cookies. We do not use any tracking technologies. ClaimBase does not collect any information about how customers visit or navigate specific shops. We use collected information solely to provide the aforementioned services of the app and anonymised data for evaluation by the merchant. The collected data is stored for the time necessary to provide the services and then irreversibly anonymised. ClaimBase is based in Europe and only stores and processes information in data centres in Europe.

Your rights as a data subject

As a data subject, you have various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:

Right to information: You have the right to request confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to information about these personal data and to further information listed in Art. 15 GDPR.

Right to rectification: You have the right to request the immediate correction of incorrect personal data concerning you and, if necessary, the completion of incomplete personal data (Art. 16 GDPR).

Right to erasure: You have the right to demand that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies, e.g. if the data are no longer necessary for the purposes for which they were collected (right to be forgotten).

Right to restriction of processing: You have the right to demand the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing for the duration of any verification.

Right to data portability: In certain cases, which are listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request that they be transmitted to another controller.

Right to object: If data are collected on the basis of Art. 6 para. 1 lit. f GDPR (data processing for the protection of legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data, unless there are demonstrably compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

Right to revoke consent: If the processing is based on consent, you have the right to revoke the consent at any time, without affecting the legality of the processing carried out on the basis of the consent until revocation.

Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

Right to revoke consent given in accordance with Art. 7 (3) DSGVO: You have the right to revoke consent to the processing of data once given at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Right of objection

If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as this is done for reasons arising from your particular situation. Insofar as the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to specify a particular situation. If you wish to exercise your right of withdrawal or objection, simply send an e-mail to contact@claimbase.app.

External links

Social networks (Facebook, Twitter, Xing etc.) are only integrated on our website as links to the corresponding services. After clicking on the integrated text/image link, you will be redirected to the page of the respective provider. User information is only transferred to the respective provider after the forwarding. For information on the handling of your personal data when using these websites, please refer to the respective data protection regulations of the providers you use.

Subject to change

We reserve the right to adapt or update this data protection declaration if necessary in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take into account changes to our services, e.g. when introducing new services. The most current version applies to your visit.

This data protection declaration was created with the kind support of www.datenschutzexperte.de.