data privacy statement Conversario
Conversario is a service by ferret go GmbH
Privacy Statement for the Conversario - Website
Note: Data processing that takes place in the context of the use of the Conversario software is legitimized by a contract for data processing on behalf and is not the subject of this data protection notice.
The provider (in the following also referred to as “we”) collects, uses and stores your personal data in accordance with the EU General Data Protection Regulation (GDPR), the German Data Protection Act (“Bundesdatenschutzgesetz”) and the German Telemedia Act (“Telemediengesetz”). Personal data means any information relating to an identified or identifiable natural person. Below we inform you about the type, extent and purpose of the collection and use of personal data.
1. Who is responsible for data processing and who can you contact?
The party responsible for data processing is:
ferret go GmbH Brauerstraße 14 16321 Bernau Germany
The internal responsible person for all issues related to data privacy is our data privacy coordinator:
Daniel Köllner Phone: +49 3338 358 00 69 Mail: email@example.com
Our data privacy officer is:
René Rautenberg ER Secure GmbH In der Knackenau 4 82031 Grünwald, Germany Phone: 089 55294870 Fax: 089 552 9 4 87 9 Mail: firstname.lastname@example.org
2. Which data are being processed and what are the sources of these data?
We process personal data (Art. 4 Nr. 1 GDPR) which we receive in the course of conducting our business as provider of a cloud solution for social media management (name, addresses, email-adresses, further data to technologies or communication content).
3. For what purpose and on what legal basis are the data processed?
We process personal data in order to be able to provide our services as a social media management company and in order to receive and reply your requests. We process personal data in accordance with the following data protection-related provisions:
a) Processing personal data with your consent (Art. 6 para. 1 a GDPR):
We process data according to Art. 6 para 1 a GDPR in order to communicate with you and advert for our services.
b) Processing personal data to fulfil contractual obligations (Art. 6 para. 1 b GDPR):
If we enter into a contractual relation (including the initiation of contractual relation) the processing of personal data takes place for the provision of our services as cloud software provider to Art. 6 para. 1 b GDPR.
c) Processing personal data to fulfil legal requirements (Art. 6 para. 1 c GDPR):
In the event that our company is subject to a legal obligation which requires the processing of personal data, such as for example the fulfilment of tax obligations, the processing of personal data is made pursuant to Art. 6 para. 1 lit. c GDPR.
d) Processing personal data according to Art. 6 para. 1 d GDPR:
In exceptional cases the processing of personal data may be required in order to protect the vital interests of the data subject or another natural person. This could for example be the case were a visitor will be injured in our premises and in consequence his name, age, health insurance data or other vital information need to be transmitted to a doctor, hospital or other third party. In that event the processing will be made pursuant to Art. 6 para. 1 lit. d GDPR.
e) Processing personal data according to Art. 6 para. 1 d GDPR:
Finally, data processing activities can be conducted on the basis of Art. 6 para. 1 lit. f GDPR which covers data processing activities which are do not fall under any of the before mentioned legal provisions and which covers data processing which is necessary for the purposes of the legitimate interests pursued by us or a third party and provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject.
4. Legitimate interests of the controller that are being pursued by the controller or a third party
If the processing of personal data is based on Article 6 para. 1I lit. f GDPR our legitimate interest is the conduct of our business and the related communication with you (recital 47 GDPR).
For security reasons and in order to protect confidential information, such as requests submitted via our contact form, we use SSL-encryption. If an encrypted connection has been effected the address-line of your browser will show „https://“ instead of „http://“ and you might notice a locker symbol in your browser. If SSL is activated third parties cannot read data that you send to us.
6. Server Logfiles
shortended IP-adress browser type/ browser version your operating system referrer URL (or the website visited previously) date and time of the server request amount of transmitted data your internet service provider
These data will be collected and processed only for the purpose of measuring the statistics of our website performance. These data will not be connected with data from other data sources.
8. GoogleAdWords Conversion Tracking
This website uses “Google AdWords Conversion Tracking” feature of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”), pursuant to Art. 6 para. 1 f) GDPR. Google AdWords Conversion Tracking uses so-called “cookies”, text files that are stored on your computer and that allow you to analyze the use of the website by you if you have clicked on a Google ad. The cookies are valid for a maximum of 90 days. Personal data is not stored. As long as the cookie is valid, Google and we as the website owner can see that you’ve clicked an ad and reached a specific landing page (e.g., order confirmation page, newsletter signup). These cookies can not be tracked across multiple websites by different AdWords participants. The cookie generates conversion statistics in Google AdWords. These statistics include the number of users who have clicked on one of our ads. In addition, it counts how many users have come to a landing page that has been tagged with a “conversion tag”. However, the statistics do not contain any data that identifies you.
9. Google Analytics
We have activated the functionality IP anonymization. In case of activation of the IP anonymization, Google will shorten the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area before sending it to the USA. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On our behalf Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website provider.
Google will not associate your IP address with any other data held by Google.
Opposition to the data collection
You can prevent the collection of your data by Google Analytics by setting an opt-out cookie will be set which prevents the collection of your data on future visits to this website.
10. Conversario Tool
Registration is not required for viewing the Conversario website.
In order to explore all of Conversarios features you must register for a free trial testversion or a full account. For the registration process we need:
Your company address
Your business email address
Your telephone number
Your Data will be stored and processed according to the legal regulation of Art. 6 Abs. 1, lit b DSGVO- in compliance with our contractual obligations towards clients acquiring our services. Data is not disclosed to or shared with third parties. All requested information is solely used to provide our service to you.
11. Facebook Connect
In order to interact with clients Facebook pages, clients need to authorize access with minimal permissions via ‘Facebook Connect’. The inherent storage and processing of personal data aligned with the regulations according to Art. 6 Abs. 1, lit b DSGVO- in compliance with our contractual obligations towards clients acquiring our services. Conversario obtains access and authorisations as followed:
Public profile Administration authorization of your Site Comment authorisation in the name of your site
Authorisations are revocable at any given time threw deletion of ‘Facebook Connect’ (Page: https://www.facebook.com/settings?tab=applications) by the account administrator. Further information to agreement procedures, guidelines on consent and how to withdraw from such can be found in Facebook's data protection declaration: https://www.facebook.com/about/privacy/your-info-on-other
12. YouTube Applications
12.1. About Conversario YouTube Applications
This Privacy Notice describes how Conversario processes any personal data that we receive through the Conversario application(s) for YouTube.
Our obligation is to process your personal data at all times in accordance with our agreement(s), the YouTube terms, conditions and policies, and apply appropriate measures to secure your data.
By “personal data”, we mean any information which relates to an identified or identifiable individual.
By ‘Conversario application(s) for YouTube’ (hereinafter the “app”), we mean any software applications developed by Conversario, which facilitates the exchange of data between the Conversario Services and your YouTube account(s) by using the Youtube API Services.
The use of the app requires a subscription for the Conversario Services. The app is aimed at commercial use, and is not for personal use for consumers. Unless otherwise agreed in writing between the parties, the Conversario Services are subject to the Terms and Conditions found at https://www.conversar.io/en/terms.
12.2. Descriptions of processing activities
12.2.1 – Delivery of services
Personal data is collected in order for Conversario to:
Provide you with the Conversario services Management, moderation and analytics for your user comments on social media network of YouTube Operate and ensure proper functionality of your Conversario Services
220.127.116.11 Category of personal data
We process the following categories of personal data from you:
Channel(s) information and content which originates from your channel(s), for example:
Content/Videos, hereunder: ID, title, link, description, category, created date, modified date, name of sender, ID of sender, comments, favorite count, view count, number of likes and dislikes Comments/posts, hereunder: message, created date, updated date, reply count, channel ID, Google+ User ID, author’s profile url, author’s profile image url. comments/post associated data such as name/username, unique user ID, meta-data such as comments/posts and contents date, time, sentiment and user ratings.
We collect this information:
Directly from your account(s)/Channel(s) with YouTube
18.104.22.168 Basis for processing
We process personal data as described in this section based on the following basis:
In order for Conversario to successfully deliver the services in accordance with the commercial agreement between the parties, Conversario must receive and store the information listed above in 22.214.171.124
We will transfer your personal data to the following recipients:
Conversario Service Backend - all fully operating in the EU/EEA under the legal restrictions of this data privacy notice https://www.conversar.io/en/privacy Subcontractors (Sub-Processors) fully operating in the EU/EEA and legally bound to EU/EEA privacy regulations Hetzner Online GmbH I Industriestr. 25 91710 Gunzenhausen Deutschland I https://www.hetzner.de/rechtliches/datenschutz Your Users (employees or contractors) on the Conversario Services, in order to provide the Conversario Services.
We will store your personal data as long as is necessary for the mentioned purpose. Conversario must delete your personal data in connection with the termination of the commercial agreement between you and Conversario.
Except as set forth above in 126.96.36.199, Conversario will not disclose or share your personal data with third parties unless it is lawful, and to the extent permitted by law, notify you thereof. Conversario may disclose or share personal data if:
You instruct or consent to Conversario doing so; Conversario is required to do so by law, or as required by administrative or court order; Conversario needs to defend, protect or exercise its legal rights, or defend against legal claims or demands;
We may agree otherwise in relation to this matter in an agreement/addendum.
12.4. Transfer to countries outside of the EU/EEA
Transfers to third countries outside of the EU/EEA will not occur.
As Conversario solely processes data on your behalf, as a data processor, Conversario requires you to inform individuals of your collection practise as entailed by the use of Conversario Services. In addition to complying with the conditions for the app, you must comply with the YouTube Terms of Service found at https://www.youtube.com/t/terms when accessing your accounts through the app. For clarity, the same Terms of Service apply regardless of whether you access it through the YouTube interface orConversario Services.
You understand that the YouTube and Google services which you may access through the Conversario Services, is subject to the http://www.google.com/policies/privacy.
In addition to your right to request removal of your personal data from the app and Conversario Services, you may also revoke the Conversario’s authorization to access your data at the following link https://security.google.com/settings/security/permissions.
13. Contact Form
On our website we provide a contact form for you in order to provide you the possibility to contact us electronically. If you use our contact form we store and process the data entered in the form. These are the following data: name, email-adress, phone number, subject-line, your company name and your message. Alternatively you can contact us by email. In this case we store and process the data submitted by email. We don´t transfer personal data to third parties. Data will be used only in order to be able to reply to your request. Storing and processing your personal data in this context is based on Art. 6 para 1, lit f GDPR.
14. Facebook - Social Plugin
On our pages plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated. The processing is based on Art. 6 para. 1 f) GDPR. The Facebook plugins can be recognized by the Facebook logo or the “Like-Button” (“Like”) on our site. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/.
If you do not wish Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
15. Period of Data Storage
We process and store personal data only for the period, which is required to meet the purpose of processing, or as long and to the extent as statutory laws require us to process and/or store such data.
If the purpose of processing does not apply anymore and the applicable statutory retention requirement expires, we will as a matter of routine erase data or restrict the processing of data in accordance with the applicable statutory laws.
16. Rights of Data Subject
The data subject has gem. Art. 15 GDPR the right to obtain free information on request about the personal data stored about him as well as the purpose of the data processing. The data subject has also gem. Articles 16, 17 and 18 GDPR the right to correct incorrect data and block and delete his personal data. Moreover the data subject has, subject to Art. 20 GDPR, the right to receive the personal data concerning him or her, which he or she has provided to us, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from our part. According to Art. 21 (1) GDPR, the data subject shall also have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Art. 6 (1) GDPR. We will comply with the aforementioned requests if and to the extent such compliance is required by the applicable statutory laws. Requests for access to and rectification or erasure of personal data or restriction of processing may be directed to the email or post address stated in our website’s imprint. Each data subject has the right to lodge a complaint with a supervisory authority of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.
17. Right to involve a public authority
As affected person you have the right to involve the responsible public authority. This would be:
Die Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht Brandenburg
Stahnsdorfer Damm 77 14532 Kleinmachnow Phone: 033203 356-0 Fax: 033203 356-49 Web: http://www.lda.brandenburg.de/