Privacy Policy – Klangchat App

Privacy Policy by Klangchat GmbH, date: February 1, 2019

Your data will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly product including its content, the services offered there and its related sites (“Services”).

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (“GDPR”), “Processing” refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data (“Data”) , whether by automated means or not.

The following Privacy Policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our Services and improve the user experience which may result in said third parties also processing data they collect and control.

1. Information About Us As Controllers Of Your Data

The party responsible for these Services for purposes of data protection law is (“Controller”):

Klangchat GmbH

Glogauer Str. 7

10999 Berlin

Germany

E-Mail: privacy [at] klangchat [dot] com

2. The Rights Of Users And Data Subjects

With regard to the Data Processing users and data subjects have the right:

  • to confirmation of whether Data concerning them is being processed, information about the Data being processed, further information about the nature of the Data Processing, and copies of the Data (Art. 15 GDPR);
  • to correct or complete incorrect or incomplete Data (Art. 16 GDPR);
  • to the immediate deletion of Data concerning them (Art. 17 GDPR), or, alternatively, if further Processing is necessary (Art. 17 para. 3 GDPR), to restrict said Processing (Art. 18 GDPR);
  • to receive copies of the Data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (Art. 20 GDPR);
  • to file complaints with the supervisory authority if they believe that Data concerning them is being processed by the Controller in breach of data protection provisions (Art. 77 GDPR).

In addition, the Controller is obliged to inform all recipients to whom it discloses Data of any such corrections, deletions, or restrictions placed on processing the same (Art. 16, 17 para. 1, 18 GDPR). However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, you have a right to information about these recipients.

Likewise (Art. 21 GDPR), users and data subjects have the right to object to the Controller’s future processing of their Data (Art. 6 para. 1 lit. f) GDPR). In particular, an objection to Data Processing for the purpose of direct advertising is permissible.

3. Information About The Data Processing

Your Data processed when using our Services will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.

3.1    Order Processing

The Data you submit when ordering goods and/or services from us will have to be processed in order to fulfill your order. Please note that orders cannot be processed without providing this Data. The legal basis for this Processing is Art. 6 para. 1 lit. b) GDPR. After your order has been completed, your Data will be deleted, but only after the retention periods required by tax and commercial law.

In order to process your order, we will share your Data with the company responsible for delivery to the extent required to deliver your order and/or with the payment service provider to the extent required to process your payment. The legal basis for the transfer of this data is Art. 6 para. 1 lit. b) GDPR.

3.2 Third Party Services

We use tools for the analysis of the general usage behaviour of our customers. These tools are mainly provided by third parties, and use standard IT to combine access data generated during the use of our services into pseudonymised user profiles and to evaluate them for us. We do not receive any personal data about our users, only statistical, anonymous data and reports (for example to learn which contents of the Services are particularly popular, at which times our Services are used, in which order the content is typically retrieved, to what extent our users find us via certain search engines / advertisements, which devices and operating systems our users use and from which countries, regions and cities our Services are accessed). The legal basis for the usage analysis is Art. 6 para. 1 lit. f) GDPR. Our justified interest results from the fact that we would like to adapt our Services to the interests, needs and habits of our users, and carry out more effective online advertising.

a) Facebook

We use the Software Development Kit (“SDK”) from Facebook Inc., 1 Hacker Way, 94025 Menlo Park, CA, USA, Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”).

The SDK enables us to evaluate anonymised user behaviour, and to measure active users and their behaviour (for example posts, replies, votes).

For more information:

https://developers.facebook.com/docs/ios

Facebook’s privacy policy:

https://www.facebook.com/about/privacy/

b) Google Firebase

We use the services of Google Firebase, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Firebase uses tracking technologies that allow us to analyze how users use our Services. This information is transmitted to Google and stored there. Google uses the advertiser ID of the end device for this purpose. Further information on Google Firebase and data protection can be found at https://www.google.com/policies/privacy/ and https://firebase.google.com/. Google is Privacy Shield certified. You can limit the use of the advertiser ID in the device settings (iOS: Privacy/ Advertising/ No Ad Tracking; Android: Account/ Google/ Ads).

We also use Google Firebase to send push messages or in-app messages. A pseudonymized push reference is assigned to the mobile device, which serves as the target for the messages. You can activate or deactivate the receipt of push messages at any time as follows: (1) After installation of the app under “Settings”/”Apps”, where you can change the receipt of messages under “Notifications”. (2) You can also change the receipt of messages on your terminal device under the menu item “Settings”/”Notifications”.

c) Google Fonts

Our Services use Google Fonts to display external fonts. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Through certification according to the EU-US Privacy Shield:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU’s data protection regulations when Processing Data in the United States.

To enable the display of certain fonts in our Services, a connection to the Google server in the USA is established whenever our Services are accessed. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the optimization and economic operation of our Services.

When you access our Services, a connection to Google is established from which Google can identify the website from which your request has been sent and to which IP address the fonts are being transmitted for display.

Google offers detailed information at:

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

in particular on options for preventing the use of Data.

d) Google AdWords with Conversion Tracking

Our Services use Google AdWords and conversion tracking. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Through certification according to the EU-US Privacy Shield:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU’s data protection regulations when processing Data in the United States.

We use conversion tracking to provide targeted promotion of our Services. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our Services.

If you click on an ad placed by Google, the conversion tracking we use stores a cookie on your device. These so-called conversion cookies expire after 30 days and do not otherwise identify you personally.

If the cookie is still valid and you visit a specific part of our Services, both we and Google can evaluate that you clicked on one of our ads placed on Google and that you were then forwarded to our Services.

The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our Services and what visitors do once there. In addition, we receive information about the number of users who clicked on our advertisement(s) as well as about the parts of our Services that are subsequently visited. Neither we nor third parties who also use Google AdWords will be able to identify you from this conversion tracking.

You can also prevent or restrict the installation of cookies by making the appropriate settings in your browser. Likewise, you can use the browser to delete cookies that have already been stored. However, the steps and measures required vary, depending on the browser you use. If you have any questions, please use the help function or consult the documentation for your browser or contact its maker for support.

In addition, Google provides further information with regard to its data protection practices at:

https://services.google.com/sitestats/de.html

http://www.google.com/policies/technologies/ads/

http://www.google.de/policies/privacy/

in particular information on how you can prevent the use of your Data.

e) Mixpanel

We use Mixpanel to compile statistics on the use of our Services. Mixpanel is operated by Mixpanel, Inc., 405 Howard St, Floor 2, San Francisco, CA 94105, USA. Mixpanel places a persistent cookie on your device, which records your use of our Services. This data is then analyzed by Mixpanel and forwarded to us. This gives us insight into the way our Services are used overall, and we can then decide whether changes to them are necessary or appropriate. The legal basis for this use is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest in the use of this service is the optimisation of our marketing measures.

If you would like to find out more about how Mixpanel handles this information, you find Mixpanel’s privacy policy here:

https://mixpanel.com/privacy/