Privacy Policy

Privacy Policy of the Copytrack GmbH

COPYTRACK GmbH (hereinafter COPYTRACK), as a company based in the EU, is obliged to inform you about the processing of your personal data in accordance with the provisions of the Basic Data Protection Ordinance (GDPR). “Personal data” means any information relating to an identified or identifiable natural person. “processing” means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data.

1. Name and contact details of the controller and the company data protection officer

This data protection information applies to data processing by:

COPYTRACK GmbH
represented by the Managing Director Marcus Schmitt
Dresdener Str. 31
10179 Berlin
Germany
Email: datenschutz@copytrack.com
Telefon: +49-30-809.332.910
Fax: +49-30-809.332.999

The company data protection officer of COPYTRACK GmbH can be contacted at COPYTRACK GmbH, Datenschutzbeauftragter, Saarbrücker Str. 18, 10405 Berlin, Germany or via datenschutz@copytrack.com

2. Collection and storage of personal data as well as type and purpose of their use

2.1. When visiting the Website

When you visit our website www.copytrack.com and portal.copytrack.com, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without action on your part and stored until it is automatically deleted:

• IP address of the computer requesting access,
• Date and time of access,
• Name and URL of the retrieved file,
• Website from which access is made (referrer URL),
• Identification data of the browser and operating system used (browser type/ browser version, operating system used).
• Usage data (e.g. pages visited, interest in content, access times)

This data is processed for the purpose of enabling use of the website (connection establishment), system security, technical administration of the network infrastructure, optimisation of the internet offer and convenient use of our website as well as measuring the coverage and for marketing purposes. The IP address is only evaluated in case of attacks on COPYTRACK’s network infrastructure and for statistical purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection.

In addition, we use cookies and analysis services when you visit our website. You will find more detailed explanations under Sections 4 and 6 of this data protection declaration.

2.2. When registering as a user

If you wish to use the services offered on our website, you must register as a user at app.copytrack.com. To do this, you must provide the following information truthfully:

• your first and last name and
• your email address

You must also assign a team name. In addition to the above data, you must provide a password of your choice when setting up a customer account. This, together with your email address, is used to access your customer account. In addition, we store your IP address and the date of your first registration.

After registration, you can access the COPYTRACK app at app.copytrack.com.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR. We need the data for the fulfilment of the contract of use and the provision of contractual services.

2.3 When submitting a case

If you submit a case to COPYTRACK and instruct COPYTRACK to prosecute an infringement, you must provide the following information at the latest when submitting a case:

• Contact details (address, email address)
• Company, if available
• sales tax identification number, if available
• Bank details (IBAN/ account number, BIC/ swift code)

If additional users are created, their first and last name as well as an email address must be provided.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR. We need the data for the fulfilment of the agency contract.

2.4 Using the COPYTRACK App

During the use of the COPYTRACK app at app.copytrack.com by the registered user, we collect usage data, as well as meta and communication data (e.g. device information, IP addresses). This includes in particular the type, frequency and intensity of use of the service.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR and Art. 6 para. 1 sentence 1 lit. f GDPR. We collect the data for the purpose of providing our contractual services and for statistical and marketing purposes and to ensure the smooth functioning of our service. Our legitimate interest follows from the purposes listed above for data collection.

2.5 When using the settlement portal to provide a license

If you provide proof of a license at portal.copytrack.com, you must provide the following information truthfully:

• Your first and last name
• Contact details (address, email address)

If you have acquired the picture from a natural person, their first and last name must be indicated. Further personal information about the licensor is optional, but makes it easier to verify the validity of the license.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. We need the data to verify the legitimacy of the proven license and to verify the factual and legal situation.

2.6 When purchasing a subsequent license

If you purchase a license at portal.copytrack.com, you must provide the following information truthfully:

• Your first and last name
• Contact details (address, email address)
• Company, if available
• sales tax identification number, if available
• Bank details (IBAN/ account number, BIC/ swift code)

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR. We need the data for the fulfilment of the contract of use and the provision of contractual services.

2.7 When concluding a settlement agreement

If you enter into a settlement at portal.copytrack.com, you must provide the following information truthfully:

• Your first and last name
• Contact details (address, email address)
• Company, if available
• sales tax identification number, if available
• Bank details (IBAN/ account number, BIC/ swift code)

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR. We need the data for the fulfilment of the contract of use and the provision of contractual services.

2.8 When making contact

There are several ways to contact COPYTRACK.

If you have any questions, please contact us using the form provided on the website (http://http://3.72.104.87/de/kontakt/). The name and a valid email address are required so that we know from whom the request originates and we are able to answer it. Further information can be provided voluntarily.

Registered customers can contact us at http://http://3.72.104.87/de/support/ This requires the team or company name, the email address and a telephone number.

Further ways to contact us are by email or via the comment function in the COPYTRACK app for registered users

The processing of the personal data from the user interface, and/or from emails or comments serves only to establish contact. Other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntary consent or in accordance with Art. 6 para. 1 lit. b) GDPR for processing the contact enquiry and its processing. User information may be stored in a Customer Relationship Management System (“CRM System”), see Section 3.1.2, or a comparable system.

3. cookies

We use cookies in our online offer. These are small files that your browser creates automatically and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do no damage to your device, do not contain viruses, Trojans or other malware.

The information stored in the cookie are small bits of data or code which identify the specific device used to connect to our website. However, this does not mean we have immediate knowledge of your identity.

The use of cookies serves to make the use of our website more comfortable for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These will be deleted automatically after leaving our site.

In addition, we also use temporary cookies that are stored on your device for a specified period of time to optimize user friendliness. If you visit our site again to use our services, it will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for you for the purpose of optimising our offer (Tracking) (see Section 5). These cookies enable us to automatically recognize when you return to our site that you have already been with us. These cookies are automatically deleted after a defined period of time.

We process cookies on the grounds of various legal bases. If we ask you for your consent and you agree to the use of cookies, the legal basis for the processing of your data is Art. 6 Para. 1 S. 1 lit. a GDPR. If we process data using cookies on the basis of our legitimate interests, this is in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. If the use of cookies is necessary in order to fulfil our contractual obligations, the legal basis is Art. 6 Para. 1 S. 1 lit. b GDPR.

Irrespective of the legal basis of the data processing, you can revoke your consent at any time or object to the processing of your data (hereinafter referred to as “opt-out”), regardless of whether the processing is based on consent or legal permission.

Most browsers automatically accept cookies. To disable the use of cookies, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. Complete deactivation of cookies may, however, prevent you from using all the functions of our website.

An opt-out from the use of cookies for online marketing purposes can be declared by means of a variety of services, in particular in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ or in general on http://optout.aboutads.info.

If we use cookies within the scope of the consent you have provided to us, then this must be revokably granted before we process your data or have it processed. Before you’ve given your consent, only cookies whose use is permitted by law without your consent will be used.

The cookie declaration for www.copytrack.com can be found at http://3.72.104.87/cookie-declaration

The cookie declaration for app.copytrack.com can be found at https://app.copytrack.com/cookie-declaration

The cookie declaration for portal.copytrack.com can be found at https://portal.copytrack.com/cookie-declaration

4. sharing of data

Your personal data will not be transmitted to third parties for purposes other than those listed below.

We will only pass on your personal data to third parties if:

• you have given your express consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR,

• the disclosure pursuant to Art. 6 para. 1 sentence 1 f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

• in the event that a legal obligation exists for the transfer pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR,

• this is legally permissible and is necessary for the processing of contractual relationships with you pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.

We share your data with the following groups of people:

Service providers, in particular payment service providers, accounting service providers and debt collection service providers, lawyers, courts, bailiffs, debtors and former creditors.

Insofar as the transfer is necessary to assert, exercise or defend legal claims or to provide our contractually owed services, COPYTRACK also transfers personal data to third countries, Art. 49 para. 1 b), c) GDPR.

If we commission third parties with the processing of data on the basis of an order processing contract, this is done on the basis of Art. 28 GDPR.

4.1 Communication service provider

We use third party services to better understand the use of COPYTRACK.

4.1.1 Intercom

If you are a registered COPYTRACK customer or contact COPYTRACK via the contact form or support form on the website www.copytrack.com or under app.copytrack.com, see section 2.8, we will send some of your contact information and usage data (such as your first and last name, email address, the date of your first log-in, the date of your last log-in) to Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 hours. Stephen’s Green, Dublin 2, Republic of Ireland (“Intercom”) and use Intercom when you visit our website or use our product to collect data for analytical purposes.

Intercom analyses your use of our website and/or our product and tracks the development of our customer relationship so that we can improve our service for you and for analysis and statistical purposes. We also use Intercom as a medium for communication, either by email or in the form of messages within the COPYTRACK app. As part of our service agreement, Intercom collects publicly available contact information and other personal information such as your email address, gender, company, job title, photos, website URLs, social profiles and physical addresses to improve our user experience.

The basis for the processing of the data is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, or respectively our legitimate interests in being contacted by visitors to our website Art. 6 Para. 1 S. 1 lit. f, 49 Para. 1 lit. c GDPR and an order processing contract pursuant to Art. 28 para. 3 sentence 1 GDPR. Please also read our general information on cookies under section 3.

For more information on Intercom’s privacy practices, please visit http://docs.intercom.io/privacy, for compatibility with the GDPR https://docs.intercom.com/pricing-privacy-and-terms/data-protection/how-were-preparing-for-gdpr. Intercom’s services are governed by Intercom’s Terms of Use. You can find them at http://docs.intercom.io/terms.

Intercom is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.intercom.com/de/terms-and-policies#eu-us). Privacy Policy: https://www.intercom.com/de/terms-and-policies.

4.1.2 Zendesk and Zopim

We use the web-based ticket system Zendesk and the chat plug-in Zopim of Zendesk, Inc. 1019 Market St., San Francisco, California 94103, USA (“Zendesk”). The service manages requests made via the contact form on copytrack.com.

COPYTRACK transfers service data to Zendesk, i.e. the email address of the person concerned and the name specified in the email. COPYTRACK uses Zendesk to enable and coordinate communication with users of our service.

The basis for the processing of the data is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. If you do not agree to Zendesk’s data processing, please use alternative, analogue contact options, e.g. by telephone or post. Please also read our general information on cookies under section 3.

We use Zopim for marketing purposes and to simplify the use of our website. Zopim allows us to interact with visitors to our website in real time.

When using Zopim, the IP address and the page visited are also recorded. The IP address is anonymized. Zopim also uses cookies. The information generated by cookies about the use of these websites (including the anonymised IP address) is transmitted to a Zendesk server in the USA and stored there. Performed chats are logged and saved.

The storage of cookies on the computer can be prevented by a corresponding setting in the internet browser, see item 3 of the data protection declaration. However, we would like to point out that in this case certain functions may not be used to their full extent.

Further information about Zopim can also be found in Zendesk’s privacy policy.
https://www.zendesk.com/company/customers-partners/#privacy-policy

Zendesk is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://help.zendesk.com/hc/en-us/articles/229138227-Privacy-and-Data-Protection-How-Zendesk-Protects-Personal-Data-). Privacy Policy https://www.zendesk.com/company/customers-partners/privacy-policy/

4.1.3 MailChimp

Information sent to registered customers is partly handled by the mail service provider “MailChimp”, a newsletter delivery platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The mail service provider is used on the basis of our legitimate interests according to Art. 6 Para. 1 letter f GDPR and an order processing contract according to Art. 28 Para. 3 S. 1 GDPR.

The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The data protection regulations of the shipping service provider can be viewed here: https://mailchimp.com/legal/privacy/.

4.1.4 Survey Monkey

In order to continuously improve our service and to adapt it to our customers’ wishes, we conduct surveys of our customers. We use the SuveyMonkey service of SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland.

SurveyMonkey does not share any personal information with us. The evaluation of the survey is exclusively anonymous.

SurveyMonkey’s privacy statement is available here: https://www.surveymonkey.de/mp/legal/privacy-policy/?ut_source=footer

SurveyMonkey Inc. is certified under the Privacy Shield Agreement, providing a guarantee to comply with European data protection standards (https://www.privacyshield.gov/participant?id=a2zt0000000Gn7zAAC).

5. web analysis services

5.1 Tracking Tools

The tracking measures listed below and used by us are carried out on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 a GDPR. Please also read our general information on cookies under section 3.

With the tracking measures used, we want to ensure that our website is designed to meet requirements and is continually optimised. We also use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

5.1.1 Google Analytics

We use Google Analytics, a web analysis service of Google Inc., on www.copytrack.com, app.copytrack.com and portal.copytrack.com for the purpose of demand-oriented design and continuous optimisation of our pages. (https://www.google.de/intl/de/about/) (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland; hereinafter “Google”).

When using Google Analytics, pseudonymised user profiles are created and cookies (see point 3) are used. The information generated by the cookie about your use of this website such as

• Browser type/version,
• the operating system used,
• Referrer URL (the previously visited page),
• Host name of the accessing computer (IP address),
• Time of the server request,

are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the internet for the purposes of market research and demand-oriented design of these internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized so that an assignment is not possible (IP masking).

We use Google Analytics only after you have agreed to its use, ; the legal basis for the use of Google Analytics is therefore Art. 6 Para. 1 lit. a. GDPR. Please also read our general information on cookies under section 3.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

Google Inc. is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level (https://support.google.com/analytics/answer/7105316?hl=en). Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).

We have concluded a contract with Google regarding the processing of commissioned data and fully implement the strict requirements of the German data protection authorities for the use of Google Analytics.

5.1.2 Google RE/Marketing Services

We use the marketing and remarketing services (“Google Marketing Services”) of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, (“Google”) at www.copytrack.com and app.copytrack.com.

The Google marketing services allow us to target ads for and on our site in order to present users only with ads that potentially match their interests. For example, if a user sees ads for products he has been interested in on other websites, this is referred to as “remarketing”. For these purposes, when our and other websites on which Google marketing services are active are accessed, Google directly executes a code from Google and (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies can also be used instead of cookies).

Cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. In this file it is noted which websites the user visits, which contents he is interested in and which offers he has clicked on, furthermore technical information about the browser and operating system, referring websites, visiting time as well as further information about the use of the online offer. The IP address of the users is also recorded, whereby we inform within the framework of Google Analytics that the IP address is shortened within member states of the European Union or in other signatory states of the European Economic Area Agreement and only in exceptional cases completely transmitted to a Google server in the USA and shortened there. The IP address is not combined with the user’s data within other Google offers. The above information may also be linked by Google to such information from other sources. If the user then visits other websites, ads tailored to his interests can be displayed.

Users’ data is processed pseudonymously within the framework of Google marketing services. This means that Google does not store and process, for example, the names or email addresses of users, but processes the relevant data cookie-related within pseudonymous user profiles. This means from Google’s point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly permitted Google to process the data without this pseudonymisation. The information collected by Google marketing services about users is transmitted to Google and stored on Google’s servers in the USA.

One of the Google marketing services we use is the online advertising program “Google AdWords”. In the case of Google AdWords, each AdWords customer receives a different “conversion cookie”. Cookies cannot therefore be traced through the websites of AdWords customers. The information collected by the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users.

These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the AdWords customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user has clicked on the ad and has been redirected to this page.

We use Google-Marketing-Services only after you have agreed to their use, the legal basis for the use of Google-Marketing-Services is therefore Art. 6 Para. 1 lit. a. GDPR. Please also read our general information on cookies in section 3.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the “www.googleadservices.com” domain. Google’s privacy policy for conversion tracking can be found here (https://services.google.com/sitestats/de.html).

We can also use the “Google Tag Manager” to integrate and manage Google analysis and marketing services into our website.

Further information on Google’s use of data for marketing purposes can be found on the overview page: https://www.google.com/policies/technologies/ads, Google’s data protection declaration can be accessed at https://www.google.com/policies/privacy

If you wish to object to interest-based advertising by Google marketing services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

5.1.3. Facebook pixels, custom audiences and Facebook conversion

Within our online offer we use on www.copytrack.com and app.copytrack.com the so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).

With the help of the Facebook pixel, Facebook is able to determine the visitors to our online offer as a target group for the presentation of ads (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads we post only to Facebook users who have also shown an interest in our online offering or who have certain features (e.g. interests in certain topics or products that are determined by the websites visited) that we transmit to Facebook (so-called “custom audiences”). We also want to use the Facebook pixel to ensure that our Facebook ads meet the potential interest of users and are not a nuisance. The Facebook pixel also helps us understand the effectiveness of Facebook ads for statistical and market research purposes by showing whether users have been redirected to our website after clicking on a Facebook ad (so-called “conversion”).

We only use the Facebook pixels once you have agreed to its use. The legal basis for the use of the Facebook pixel is therefore Art. 6 para. 1 lit. a. GDPR. Please also read our general information on cookies in section 3.

Facebook processes the data in accordance with Facebook’s Data Usage Policy. Accordingly, general information on the display of Facebook ads can be found in the Facebook Data Usage Policy: https://www.facebook.com/policy.php. For specific information and details about the Facebook pixel and how it works, please visit the Facebook Help section: https://www.facebook.com/business/help/651294705016616.

You can object to the collection by the Facebook pixel and use of your data to display Facebook ads. To set what types of ads you see within Facebook, you can visit the page set up by Facebook and follow the instructions on usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

You may also object to the use of cookies for range measurement and advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). Privacy Policy: https://www.facebook.com/policy.php.

5.1.4 LinkedIn Conversion Tracking

We use on www.copytrack.com and app.copytrack.com the retargeting tool LinkedIn conversion tracking of the LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland (“LinkedIn”) within our online offer.

This enables LinkedIn to collect statistical, pseudonymous data about your visit and the use of our website and to provide us with corresponding aggregated statistics on this basis. This information is also used to display interest-specific and relevant offers and recommendations. 

We do not use LinkedIn Conversion Tracking until you have agreed to its use, legal basis for the use of the LinkedIn Conversion Tracking is therefore Art. 6 Para. 1 lit. a. GDPR. Please also read our general information on cookies in section 3.

The information required for evaluation is stored in a cookie. You can prevent cookies from being stored on your computer through the settings of your internet browser or via this opt-out link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. For more information about cookies, please see paragraph 3 of this Privacy Policy.

LinkedIn is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). 

Privacy Policy of LinkedIn: https://www.linkedin.com/legal/privacy-policy. Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

5.1.5.   Twitter Pixel

Within our services offered on www.copytrack.com and app.copytrack.com we use conversion tracking with the Twitter pixel, a tool of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

This enables us to statistically record the use of our website in order to optimize it. Conversion tracking uses Twitter to set a cookie on your device when you visit our site by clicking on a Twitter ad.

Conversion tracking is used to generate statistics and not to identify you. Rather, we only want to know which Twitter ads or interactions users use to reach us on our website. Further information can be found under business.twitter.com/en/help/campaign-measurement-and-analytics/conversion-tracking-for-websites.html.

We use the Twitter pixel only with your explicit consent according to Art. 6 para. 1 a) GDPR. Please also read our general information on cookies in section 3. You can prevent the storage of cookies by setting your browser accordingly. In addition, you can configure settings in your personal Twitter account regarding advertising you receive: twitter.com/settings/personalization.

Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law: www.privacyshield.gov/participant.

Twitter Privacy Policy: twitter.com/en/privacy

Opt-Out: twitter.com/settings/personalization

6. Social Networks

6.1 Company pages

COPYTRACK maintains company sites on various social networks and platforms in order to make contact with customers, interested parties and users and for marketing purposes. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties and users and to inform them about our services.

If user data is processed by the platform operators outside the EU, this can entail risks, e.g. the enforcement of user rights can be made more difficult.  COPYTRACK generally only works with providers that are certified under the privacy shield.  These providers undertake to comply with EU data protection standards.

The user data collected on the platforms is regularly processed for advertising and market research purposes.  Thus, for example, user profiles are created on the basis of user behavior and the resulting interests of the user.  These usage profiles make it possible, for example, to place advertisements tailored to the presumed interests of the user inside and outside the platform.  For this purpose, cookies are stored on the user’s computer, which provide information about the user’s behavior and thus the user’s interests.  In addition, data can also be stored in the user profiles that are independent of the devices used by the users, for example if you are a member of the relevant platforms and are logged in to them.

Pursuant to Art. 6 para. 1 lit. f.  GDPR, your personal data is processed on the basis of our legitimate interests in effective communication with users or our legitimate interests in user information.  If you are asked by the platform operator for consent to data processing, Art. 6 para. 1 lit. a., Art. 7 GDPR is the legal basis for processing.

Of course you can ask us for more information.  Please note, however, that only the platform operator has access to your user data and can take the necessary measures and provide information, which is why it makes more sense to contact the platform operator directly.

You will find detailed information on data protection and possible objections in the information provided by the platform operators linked below.

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/.

Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000000TORzAAO&status=Active.

LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – Privacy Policy https://www.linkedin.com/legal/privacy-policy Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) – Privacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

6.2 Social Media Plug-ins

We use social plug-ins from the social networks Facebook, Twitter, Pinterest and LinkedIn on our website on the basis of art. 6 par. 1 p. 1 lit. a GDPR on www.copytrack.com to make our company better known.. Your data will be transferred to the operators of the social plug-ins only if you have agreed to the transfer. Responsibility for data protection-compliant operation must be guaranteed by the respective provider. The integration of these plug-ins by us takes place in the way of the so-called two-click method around visitors of our web page in the best possible way to protect.

6.2.1 ShareThis

The social media plug-ins are provided to us by ShareThis, Inc, 4005 Miranda Avenue, Suite 100, Palo Alto, CA 94304-1227, USA (“ShareThis”). ShareThis collects personal data when using the social media plug-ins provided and provides its users with relevant, targeted advertising, analysis and data modeling based on social sharing. For this purpose, cookies, see point 3 of the data protection declaration, are set on your computer or pixel tags, HTTP headers (or other communication protocols) and browser identifiers are used. The data is processed pseudonymised.

We use the service of ShareThis on the basis of your consent within the meaning of Art. 6 para. 1 lit. a. GDPR. Please also read our general information on cookies in section 3.

You can prevent the storage of cookies either by the settings of your internet browser or under the following opt-out link: https://www.sharethis.com/privacy/.

ShareThis is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L1HMAA0&status=Active). 

Privacy Policy: https://www.sharethis.com/privacy/.

6.2.2 Facebook

We use on our website www.copytrack.comSocial Plugins (“Plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), if you have agreed to this use. The use is made on the legal basis of Art. 6 para. 1 lit. a) GDPR. Please also read our general information on cookies in section 3. We use the “LIKE” or “PART” button. This is an offer from Facebook. 

When you access a page of our website that contains such a plugin, and have agreed to the transfer of your data, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser and integrated into the website.

By integrating the plugins, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged on to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook account. If you interact with the plugins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.

Facebook may use this information for the purposes of advertising, market research and demand-oriented design of Facebook pages. To this end, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to associate the information collected through our website with your Facebook account, you must log out of Facebook before visiting our website or do not agree to the transfer of your data.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights and setting options for the protection of your privacy can be found in the data protection information (https://www.facebook.com/about/privacy/) of Facebook.

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). 

Privacy Policy: https://www.facebook.com/policy.php.

6.2.3 Twitter

On the basis of your consent in the meaning of Art. 6 Abs. 1 lit. a. GDPR , we use on our website www.copytrack.complugins from Twitter (Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA). You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons). Please also read our general information on cookies in section 3. 

When you access a page of our website that contains such a plugin, and have agreed to the transfer of your data, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our site with your IP address. If you click the Twitter “tweet button” while logged into your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate the visit of our pages with your user account. We would like to point out that, as the provider of the pages, we are not aware of the content of the data transmitted or how it is used by Twitter.

If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.

Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). 

Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization. 

For more information, please see Twitter’s privacy policy ((https://twitter.com/privacy).

6.2.4 LinkedIn

On the basis of your consent within the meaning of Art. 6 para. 1 lit. a. GDPR), we use on our website functions and contents of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. Please also read our general information on cookies in section 3.

This may include, for example, content such as images, videos or texts and buttons with which users can express their appreciation of the content, subscribe to the authors of the content or our contributions.

If the users are members of the LinkedIn platform, LinkedIn can assign the call of the above contents and functions to the profiles of the users there. To prevent LinkedIn from associating your visit to our site with your LinkedIn account, you must log out of your LinkedIn account before visiting our site.

LinkedIn is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). 

Privacy Policy of LinkedIn: https://www.linkedin.com/legal/privacy-policy. Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

6.2.5 Google Fonts

We integrate the fonts (“Google Fonts”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy:

https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

6.2.6 Vimeo 

We embed videos from the platform “Vimeo” of the provider Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA, on app.copytrack.com and in the communication via Intercom, see above. 

Privacy Policy: https://vimeo.com/privacy. 

Vimeo uses Google Analytics. The data protection declaration (https://www.google.com/policies/privacy) and opt-out options for Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de) or Google’s settings for data use for marketing purposes (https://adssettings.google.com/.) can be found under the links provided.

7. Other services 

7.1 ReCaptcha 

In all our web offers we embed the function \”ReCaptcha\” of the service provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://www.google.com/recaptcha/ . Data processing is therefore carried out on the basis of a legitimate interest within the meaning of Art. 6 Para. 1 letter f. GDPR. Please also read our general information on cookies in section 3. 

The use of Recaptcha prevents bots from entering data on our online offers. In order to verify that the website visitor is a human being, the behavior data of the user (e.g. mouse movements or queries) is evaluated in order to distinguish people from bots. 

Google is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). 

Privacy policy: https://policies.google.com/privacy; 

Opt-Out: Opt-Out-Plugin: http://tools.google.com/dlpage/gaoptout?hl=de, Settings for the display of advertisements: https://adssettings.google.com/authenticated. 

7.2 Cookiebot

On our website www.coptrack.com, app.copytrack.com and portal.copytrack.com we use the Cookiebot service of Cybot A/S Havnegade 39, 1058 Copenhagen, Denmark to save your cookie preference and only use cookies according to your choice. The data processing is therefore carried out on the basis of a legitimate interest within the meaning of Art. 6 Para. 1 lit. f. DSGVO. Please also read our general information on cookies in section 3.

If you consent to the use of cookies on one of our websites, the following data is automatically logged by Cybot:

 – Your IP number in anonymous form (the last three digits are set to ‘0’).

– Date and time of consent.

– User agent of your browser

– The URL from which the consent was given.

– An anonymous, random and encrypted key value.

The key and consent state is also stored in your browser in the first-party cookie “CookieConsent” so that the website can automatically read and respect the user’s consent for all subsequent page views and future user sessions for up to 12 months.

The key serves as proof of consent and to check whether the consent status stored in your browser is unchanged from the original consent to Cybot.

If Bulk Consent is enabled, whereby a single consent can be given by you for multiple websites, a separate random, unique ID with your consent is stored in encrypted form in the third-party cookie ‘CookieConsentBulkTicket’ in your browser.

Cybot A/S Privacy Policy: https://www.cookiebot.com/de/privacy-policy/

Opt-out : To object to your consent, it is sufficient to delete the cookies “CookieConsent” and “CookieConsentBulkTicket”.

7.3 Google Maps 

We include on our website www.copytrack.com the maps of the service “Google Maps” of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The data processed may include, but is not limited to, user IP addresses and location data, which is not collected without the user’s consent (usually as part of the settings of their mobile devices).

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Privacy Policy: https://policies.google.com/privacy;

Opt-out: Opt-out plug-in: http://tools.google.com/dlpage/gaoptout?hl=de

8. publication of job advertisements / online job applications

If you apply to COPYTRACK via our website form or by email, your application data will be processed by COPYTRACK for the purpose of handling the application procedure. If your application is followed by the conclusion of an employment contract, your transmitted data may be stored in your personnel file for the purpose of the usual organisational and administrative process in compliance with the relevant legal regulations of COPYTRACK.

The legal basis for data processing is Art. 6 para. 1 lit. a GDPR, i.e. the consent given by you when sending the documents to COPYTRACK, or Art. 6 para. 1 sentence 1 lit. b GDPR, if an employment contract is concluded.

9 Hosting

We use the services of one or more web hosting providers whose servers (or servers managed by them) can access our online services. This is to enable us to provide our online services securely and efficiently. We may use computing capacity, storage space and database services, security and technical maintenance services, and infrastructure and platform services. Accordingly, data processing takes place on the legal basis of a legitimate interest pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR.

The data processed through the provision of the hosting service may include all information which relates to the users of our online service and which arises in relation to usage and communication.  As a rule, this concerns the IP address, which is required in order to be able to transmit the contents of online offers and all entries made within our online offer or from websites to browsers. Furthermore, the receipt, storage and sending of e-mails by the web hosting services used by us is recorded. For this purpose, the contents of the corresponding e-mail, the addresses of the recipients and senders as well as further information in connection with the e-mail transmission (e.g. the associated providers) are processed. The above data may also be processed to enable SPAM to be detected. Please note that e-mails on the internet are generally not encrypted. In principle, they are encrypted during transmission, but not on the servers from which they are received and sent (unless a so-called end-to-end encryption method is used). This means that we cannot assume any responsibility for the transport route of e-mails between the sender and receipt by our server.

Collection of access data and log files: For each access to the server, we ourselves or our web hosting providers collect data. The log data may include the user’s operating system, browser type and version, transferred data volumes, date and time of access, the previously visited website (referrer URL), a notification of successful access, IP addresses and the requesting provider. The purpose of using log data is to ensure the stability and proper utilization of the servers. In addition, security may also be ensured by using log data, for example to avoid server overload in the event of abusive attacks (so-called DDoS attacks).

10. rights of the persons concerned

You have the right:

• to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;

• in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect or complete personal data stored by us;

• to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

• in accordance with Art. 18 GDPR, to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete the data and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing in accordance with Art. 21 GDPR;

• in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible;

• in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future and

• to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters. The address of the supervisory authority responsible for our company:

Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstrasse 219
10969 Berlin, Germany

11. right to object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 letter f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an email to datenschutz@copytrack.com.

12. Data security

Our website, the COPYTRACK app and the settlement portal meet the high requirements of the Payment Card Industry Data Security Standard (PCI) and are certified as such.

COPYTRACK uses technical and organizational security measures to protect your personal data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments.

For security reasons and to protect the transmission of confidential content, such as requests you send to COPYTRACK as the site operator, copytrack.com uses SSL encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

13. duration of storage

The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

Your data will be kept for three years after the termination of a user contract with COPYTRACK. After that time, COPYTRACK will check if your data is still needed or while there is any legitimate reason to do so.

Your data will be kept for three years after the prosecution of infringement at COPYTRACK. After that time, COPYTRACK will check if your data is still needed or while there is any legitimate reason to do so.

The personal data from the user interface of the contact form and those sent by email will not be deleted.

Data collected by Googly Analytics when visiting the website is automatically deleted after a period of 14 months.
If your application for a position is rejected, the data you have submitted for application will automatically be deleted two months after notification of rejection. This does not apply if longer storage is necessary due to legal requirements (e.g. the burden of proof according to the General Equal Treatment Act) or if you have expressly agreed to longer storage in our database of interested parties.

14. consequences of failure to provide data

There are no legal or contractual obligations for the provision of personal data to COPYTRACK. The specification of your first and last name, email address, postal address, bank details and your tax number when concluding a license, settlement, usage or agency agreement is mandatory for the conclusion and execution of the agreement with COPYTRACK. If you do not provide this data, you will not be able to use COPYTRACK’s services or conclude contracts with COPYTRACK.

15. Up-to-dateness and amendment of this data protection declaration

This data protection declaration is currently valid and is effective as of September 2019.

Due to the further development of our website and offers above or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can call up and print out the current data protection declaration at any time on the website under http://3.72.104.87/privacy

Information Pursuant to Art. 13 GDPR for Registered Users

COPYTRACK GmbH (hereinafter COPYTRACK), as a company based in the EU, is obliged to inform you about the processing of your personal data in accordance with Art. 13 of the General Data Protection Regulation (GDPR). Personal data is all information relating to an identified or identifiable natural person. Data of legal entities are not subject to the scope of the GDPR.

Identity of the controller

COPYTRACK GmbH, represented by Managing Director Marcus Schmitt, Dresdener Str. 31, 10179 Berlin

Contact details of the data protection office

COPYTRACK GmbH, Datenschutzbeauftragter
Saarbrücker Str. 18 10405 Berlin
datenschutz@copytrack.com

Processing purpose and legal basis, legitimate interest

The data processing takes place for the purpose of the fulfilment of the user contract and contract for the enforcement of rights between the customer and COPYTRACK. Your data will be processed in accordance with Art. 6 para. 1 lit. b GDPR

Recipient

We transfer your data to the following categories of recipients, insofar as this is necessary to fulfil the contract: service providers, in particular shipping, printing and accounting service providers, banks or payment service providers, IT service providers, third-party debtors, courts, bailiffs, lawyers and cooperation partners for domestic and cross-border debt collection.

Transfer to third countries

As far as the transfer is necessary for asserting, exercising or defending legal claims, COPYTRACK may also transfer personal data to third countries.

Duration of storage

After termination of the user contract concluded with COPYTRACK, COPYTRACK checks after three years whether we still need your data or whether we are opposed to deletion of legal storage obligations. The periods begin at the end of the year in which the contract was terminated.

Rights of the data subject

If COPYTRACK has collected personal data from you, you have the following rights under Articles 15 to 22 GDPR if the legal conditions are met: right to information, correction, deletion, restriction of processing and data transferability. Furthermore, according to Art. 14 para. 2 lit. c in conjunction with Art. 21 GDPR, you have a right of objection to the processing based on Art. 6 para. 1 lit. f GDPR.

Complaints to the supervisory authority

Under Article 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. The address of the supervisory authority responsible for our company:

Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstrasse 219, 10969 Berlin, Germany, https://www.datenschutz-berlin.de/

Obligation to provide personal data

The personal data processed by us is necessary for the fulfilment of the contract, in particular for the enforcement of claims and for invoicing. There is no contractual or legal obligation to provide the data. Without the personal data, however, the execution of the contract is not possible.

Profiling

COPYTRACK does not use automated decisions including profiling with legal effect against affected persons.

Information Pursuant to Art. 13, 14 GDPR for Image Users

COPYTRACK GmbH (hereinafter COPYTRACK), as a company based in the EU, is obliged to inform you about the processing of your personal data in accordance with Art. 14 of the General Data Protection Regulation (GDPR). Personal data is all information relating to an identified or identifiable natural person. Data of legal entities are not subject to the scope of the GDPR.

Identity of the controller

COPYTRACK GmbH, represented by Managing Director Marcus Schmitt, Dresdener Str. 31, 10179 Berlin

Contact details of the data protection officer

COPYTRACK GmbH, Datenschutzbeauftragter,
Saarbrücker Str. 18, 10405 Berlin
datenschutz@copytrack.com

Processing purpose and legal basis, legitimate interest

The data is processed for the purpose of clarifying the legal situation (authorization request), offering a subsequent license or for legal prosecution and receivables management. According to Art. 6 Para. 1 lit. f GDPR, the processing of your data is necessary to protect our legitimate interests or those of a third party and to verify the existence and if necessary the enforcement of a legal claim for damages. This constitutes COPYTRACK’s legitimate interest.

Data categories and data origin

We process the following categories of data: master data, communication data, receivables data and, where applicable, payment information. We collect the data via freely accessible sources, i.e. from the website where we have established a possible infringement of copyright law, from the whois data of the aforementioned website, yellow pages, commercial registers etc.. In rare cases, the data is provided to us by our clients.

Recipient

Within the scope of the post-licensing process or the enforcement of claims for damages, we may transfer your data to our clients and, if necessary, the following categories of recipients, insofar as this is necessary for the enforcement of claims: credit agencies, service providers, in particular shipping and collection service providers, third-party debtors, residents’ registration offices, courts, bailiffs, lawyers.

Transfer to third countries

As far as the transfer is necessary for asserting, exercising or defending legal claims, COPYTRACK may also transfer personal data to third countries.

Duration of storage

Your data will be kept for three years after the acquisition of a subsequent license, payment of damages or other termination of the case at COPYTRACK. After that time, COPYTRACK will check if your data is still needed or while there is any legitimate reason to do so.

Rights of the data subject

If COPYTRACK has collected personal data from you, you have the following rights under Articles 15 to 22 GDPR if the legal conditions are met: right to information, correction, deletion, restriction of processing and data transferability. Furthermore, according to Art. 14 para. 2 lit. c in conjunction with Art. 21 GDPR, you have a right of objection to the processing based on Art. 6 para. 1 lit. f GDPR.

Complaints to the supervisory authority

Under Article 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. The address of the supervisory authority responsible
for our company:

Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstrasse 219, 10969 Berlin, Germany, https://www.datenschutz-berlin.de/

Obligation to provide personal data

There are no contractual or legal obligations of the debtor to provide COPYTRACK with data.

Profiling

COPYTRACK does not use automated decisions including profiling with legal effect against affected persons.