PRIVACY POLICY

1. Introduction

At CONROO GmbH ("us", "we", "our" or the "Company") we value your privacy and the importance of safeguarding your data. This Privacy Policy (the "Policy") describes our privacy practices for the activities set out below. As per your rights, we inform you how we collect, store, access, and otherwise process information relating to individuals. In this Policy, personal data ("Personal Data") refers to any information that on its own, or in combination with other available information, can identify an individual.

The office locations of where CONROO GmbH can be found on our website conroo.com.

We are committed to protecting your privacy in accordance with the highest level of privacy regulation. As such, we especially follow the obligations under the below regulations:

  • the EU's General Data Protection Regulation (GDPR)
  • the German Data Protection Act
  • the German Act on Data Protection and the Protection of Privacy in Telecommunications and Digital Services

SCOPE

This policy applies to the visit of CONROO GmbH websites, domains, as well as the usage of our applications, services, and products (mobile and web applications).

This Policy does not apply to third-party applications, websites, products, services or platforms that may be accessed through (non-CONROO GmbH) links that we may provide to you. These sites are owned and operated independently from us, and they have their own separate privacy and data collection policies. Any Personal Data that you provide to these websites will be governed by the third-party’s own privacy policy. We cannot accept liability for the actions or policies of these independent sites, and we are not responsible for the content or privacy practices of such sites.

PROCESSING ACTIVITIES

This Policy applies when you interact with us by doing any of the following:

  • Make use of our application and services as an authorized and registered user
  • Visit any of our websites that link to this Privacy Statement
  • Using the Contact Form provided on our website
  • Initiating payments from our website or applications
  • Receive any communication from us including newsletters, emails, calls, or texts / SMS

2. Personal data that we collect

WHAT PERSONAL DATA WE COLLECT

When you make a purchase, or attempt to make a purchase, we collect the following types of Personal Data:

This includes:

  • Account information such as your full name and email address
  • Payment information such as your billing address, credit card, debit card or other payment methods (e.g., card holder name, card number, expiry date, full name, email address and phone number of the account holder)
  • Purchase information specifically if personalized or unique
  • Mobile device specific identifiers such as make and model, IMEI and phone number
  • Geolocation data and IP address
  • Work related information such as the name of your employer/forwarder

When you use our products and/or features (our website, mobile application on your smartphone or the web app) we collect the following types of Personal Data:

  • Account Information such as your name, phone number, email address, and password
  • Purchase information specifically if personalized or unique
  • Mobile device specific identifiers such as make and model, IMEI and phone number
  • Geolocation data and IP address
  • Certain cookies according to the cookie policy
  • Work related information such as the name of your employer/forwarder
  • Number plate of your vehicle
  • Feedback, such as customer support or product reviews
  • Product information, such as serial number, product registration, licensing information
  • Content, such as posts, comments, audio, video, screenshots, or other documents, including those you share with us for Customer Support purposes

For your identity verification, we also collect the following sensitive Personal Data:

  • Your full name
  • Your passport or ID numbers
  • Issuing authority as well as the issue and expiration dates of the above documents
  • Your photo (a front and side selfie as well as the photo on your passport or ID)
  • Your date and place of birth
  • Your nationality
  • Other information that your passport or ID may contain (i.e., your address or gender)
  • Entries in terror databases and/or entries in block lists or sanction lists

When collecting this data, we will ensure to get your explicit consent. If you disagree with collecting this data, please contact us by using the information set out in the "Contact us" section below.

The collection of this sensitive Personal Data is necessary because you can authorize access to highly sensitive infrastructure of our contractual partners (e.g. port facilities) by using our applications and our contractual partners must collect this sensitive Personal Data on the basis of the legal provisions for the collection of this sensitive Personal Data about those persons who are granted access to the highly sensitive infrastructure.

HOW WE COLLECT PERSONAL DATA

We collect Personal Data from the following sources:

From You. You may provide us with your account information, payment information, demographic data, purchase information, content, feedback, product information, etc. by filling in forms, using our products or services, entering information online or by corresponding with us by post, chat, phone, email or otherwise. This includes Personal Data you provide, for example, when you:

  • Create an account or purchase products on our website
  • Use and/or register for our products or services
  • Create content through our products or services
  • Express interest in our products or services
  • Downloading software and/or our mobile application
  • Subscribe to our newsletter
  • Complete a voluntary market research survey
  • Contact us with an inquiry or to report a problem (by phone, email, chat, our contact form, social media, or messaging service)

Automated technologies or interactions: As you interact with our website and our products or services or have them installed on your devices, we may automatically collect the following types of data (all as described above): device data about your equipment, usage data about your browsing actions and patterns, and contact data where tasks carried out via our website remain uncompleted, such as incomplete orders or abandoned baskets or customer service requests. We collect this data by using cookies, server logs and other similar technologies. Please refer our Cookie policy for further details.

Third parties: We may receive Personal Data about you from various third parties, including:

  • Account information and payment information from another individual when they purchase our product for you on our website
  • Device and usage data from third parties, including analytics providers such as Google
  • Account information and payment data from social media platforms when you log in to our website using such social media platforms
  • Content from communication services, including email providers and social networks, when you give us permission to access your data on such third-party services or networks
  • Account information and payment data from third parties, including organizations (such as law enforcement agencies), associations and groups, who share data for the purposes of fraud prevention and detection and credit risk reduction
  • Account information, payment data, and financial data from providers of technical, payment and delivery services.

If you provide us, or our service providers, with any Personal Data relating to other individuals, you represent that you have the authority to do so and acknowledge that it will be used in accordance with this Policy. If you believe that your Personal Data has been provided to us improperly, or to otherwise exercise your rights relating to your Personal Data, please contact us by using the information set out in the "Contact us" section below.

DEVICE AND USAGE DATA

When you visit a CONROO GmbH website, we automatically collect and store information about your visit using browser cookies (files which are sent by us to your computer),or similar technology. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help Feature on most browsers will provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. If you do not accept cookies, you may not be able to use some features of our website and we recommend that you leave them turned on. Please refer our Cookie policy for further details.

We also process information when you use our services and products or have them installed on your devices. This information may include:

  • Device IDs
  • Login information
  • IP Address
  • Time stamps
  • Authentication and QR-code scan records
  • Geolocation information
  • Time zone
  • Other operational data and logs

DATA WE COLLECT FROM THIRD PARTIES

We may receive your Personal Data from third parties such as companies subscribing to CONROO GmbH services, partners and other sources. This Personal Data is not collected by us but by a third party and is subject to the relevant third party’s own separate privacy and data collection policies. We do not have any control or input on how your Personal Data is handled by third parties. As always, you have the right to review and rectify this information. If you have any questions, you should first contact the relevant third party for further information about your Personal Data. Where that third party is unresponsive to your rights, you may contact the Data Protection Officer at CONROO GmbH (contact details below).

Our websites and services may contain links to other websites, applications and services maintained by third parties. The information practices of such other services, or of social media networks that host our branded social media pages, are governed by third parties’ privacy statements, which you should review to better understand those third parties’ privacy practices.

PURPOSE AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We collect and use your Personal Data with your consent to provide, maintain, and develop our products and services, understand how to improve them and to enable you to use our products and services to identify yourself for, and enable access to the premises of our contractual partners (e.g. port facilities).

These purposes include:

  • Delivering of our product or service to you, including digital delivery (downloading)
  • Fulfilling orders including electronic and non-electronic shipment
  • Building a safe and secure IT environment
  • Verifying or authenticating your identity
  • Investigating and preventing security incidents such as breaches, attacks and hacks
  • Providing, developing, and improving our products and services
  • Delivering, maintaining, debugging and improving our products and services
  • Enabling you to access premises of our contractual partners (e.g. port facilities)
  • Enabling you to access CONROO GmbH services and set up accounts
  • Provide you with technical and customer support
  • Communicating with you about our products and services

Where we process your Personal Data to provide a product or service, we do so because it is necessary to perform contractual obligations. All of the above processing is necessary in our legitimate interests to provide products and services and to maintain our relationship with you and to protect our business for example against fraud. Consent will be required to initiate services with you. New consent will be required if any changes are made to the type of data collected. Within our contract, if you fail to provide consent, some services may not be available to you.

THIRD PARTY TOOLS

We use these third-party tools to store your information:

Google Analytics

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of our website. You can also opt-out of Google storing the data generated by the cookie and associated with your use of our website (including your anonymized IP address) and opt-out of Google using this data by downloading and installing the Google Analytics Opt-out Browser Add-on available here.

Further information about Google Analytics can be found on their terms page and their policies page.

As personal data is transferred to the USA, further protection mechanisms are required to ensure the level of data protection required by the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we endeavor to obtain additional regulations and assurances from the recipient in the USA.

Intercom

We use the contact platform of the service provider Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Republic of Ireland. If you contact us via the contact form, email, messaging service, or chat, the information from the contact form or e-mail or well as some information about your activity (e.g., the time when you were first seen, signed up, last seen, last contacted, last heard from) will be stored by us for the purpose of processing the request and in the event of follow-up questions. An e-mail address is required to contact you.

Additionally, if you contact us via messaging service, or chat from your smartphone, the following information will be stored by us for the very same purpose:

  • Information about you as a user of our product and services, e.g.:
    • ID
    • Email address and email domain
    • Phone number
    • Identity verification status
    • Gate-Pass license status
  • Information about your device, e.g.:
    • CONROO mobile app version
    • Device verification status
    • Device model
    • Device ID
    • Operating system version
    • Permission overview (notifications, location data, etc.)
    • Geolocation
    • Last seen on the device

We will never pass on this data without your consent. The legal basis for processing the data is our legitimate interest in responding to your request. We use the Intercom tool to answer your request.

Intercom only processes the data on our behalf. This data will be deleted 9 months after your last communication with us via Intercom, provided that there are no legal storage obligations to the contrary. You can object to the processing of your personal data at any time in accordance with Art. 6 para. 1 lit. f GDPR.

Since personal data may be transferred to the USA, further protective mechanisms are required to ensure the level of data protection required by the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases in which this cannot be ensured even by this contractual extension, we endeavor to obtain additional regulations and assurances from the recipient in the USA.

For further information, please refer to Intercom's privacy policy here.

Sales Viewer

On our website, the provider Sales Viewer GmbH, Universitätsstraße 60, 44789 Bochum, Germany, collects and stores data for marketing, market research and optimization purposes on the basis of the legitimate interests of the website operator (Art. 6 para. 1 lit. f GDPR). 

For this purpose, a javascript-based code is used to collect company-related data and use it accordingly. The data collected with this technology is encrypted using a non-reversible one-way function (so-called hashing). The data is immediately pseudonymized and not used to personally identify the visitor to this website. 

The stored data is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. 

You can object to the collection and storage of data at any time with effect for the future by clicking on this link to prevent Sales Viewer from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click this link again.

You can find more information here.

Stripe

We use the payment service provider Stripe, Stripe Inc, 354 Oyster Point Boulevard, South San Francisco, California, 94080, USA, to process payments for our services.

If you use chargeable components of our services, the data required for payment processing will be collected from you (name, address, bank details, credit card number and expiration date).

The use of Stripe is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable payment processing possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art.6 para. 1 lit. a GDPR.

Stripe processes the data only on our behalf. The data will be deleted as soon as you delete your customer account with us, provided that there are no legal storage obligations to the contrary.

Since personal data may be transferred to the USA, further protective mechanisms are required to ensure the level of data protection required by the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases in which this cannot be ensured even by this contractual extension, we endeavor to obtain additional regulations and assurances from the recipient in the USA.

For further information, please refer to Stripe's privacy policy.

Webflow

We host our website with Webflow. The provider is Webflow, Inc, 39811th Street, 2nd Floor, San Francisco, CA 94103, USA. When you visit our website, Webflow collects various log files including your IP addresses.

Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that may be required to display the page, to provide certain website functions and to ensure security.

The use of Webflow is based on Art. 6 para. 1 lit. f GDPR. We have alegitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TTDSG.

Consent can be revoked at any time.

Since personal data may be transferred to the USA, further protective mechanisms are required to ensure the level of data protection required by the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases in which this cannot be ensured even by this contractual extension, we endeavor to obtain additional regulations and assurances from the recipient in the USA.

For further information, please refer to Webflow's privacy policy.

IDnow

When using our services, your Personal Data will be collected and shared with IDnow GmbH, Auenstrasse 100, 80469 Munich, Germany, or its’ affiliates. In order to help us to verify your identity as part of our services and to fulfil our contractual obligations, IDnow will be processing the data by virtue of contractual agreements including a data processing agreement. For further information with regard to processing and storing of your Personal Data by the above companies, please visit the relevant company’s website and proceed to the relevant company’s privacy policy section which can be currently found here.

If you do not wish to have your identity digitally verified through IDnow, please reach out to our Support team by clicking here to send us a message. We will arrange an alternative identity verification process and provide you with the necessary support and information. Please be aware that this alternative method will be conducted in an analogue format, and associated fees will apply to cover the costs of manual processing.

dbH Logistics

We also share your collected Personal Data with dbh Logistics IT AG, Martinistr. 47-49, 28195 Bremen, Germany. We use this service provider to check your identity against current sanctions’ lists, and ensuring our compliance with the relevant legal requirements and obligations in order to fulfil our contractual and statutory obligations. Compliance with data protection requirements is ensured by relevant contractual agreements including a data processing agreement. For information with regard to processing and storing of your Personal Data by dbh Logistics IT AG, please contact its data privacy officer whose contact data can be currently found here.

INTERNATIONAL DATA TRANSFER AND STORAGE

Where possible, we store and process data on servers within the general geographical region where you reside (note: this may not be within the country in which you reside). Specifically, for European based companies, we have servers in the European Economic Area (EEA). Your Personal Data may also be transferred to, and maintained on, servers residing outside of your state, province, country or other governmental jurisdiction where the data laws may differ from those in your jurisdiction. We will take appropriate steps to ensure that your Personal Data is treated securely and in accordance with this Policy as well as applicable data protection law. Data may be kept in other countries that are considered adequate under your laws. In regions that are not considered adequate, we will enter into EU standard contractual clauses (or equivalent measures) with parties outside the EEA and ensure adequate controls are in place for the security of your data. More information about these clauses can be found here.

SHARING AND DISCLOSURE

We will share your Personal Data with third parties only in the ways set out in this Policy or set out at the point when the Personal Data is collected.

If you use our services to identify yourself to third parties for access authorization to highly sensitive infrastructure (e.g., port facilities), we must forward the personal data collected from you to the parties responsible for the respective infrastructure on the basis of the statutory provisions(e.g., the ISPS regulations).

GATE-PASS-RELATED DATA PROCESSING

If you use our digital identification solution for access to terminals (the so-called Gate Pass), we process your personal data under joint control with the respective terminal operator(s) that you have selected as the destination terminal in your Gate Pass. The joint control with regard to the processing of your personal data includes the registration and creation of the Gate Pass through access control at the terminal using a QR code.

According to our joint control agreement with the terminal operators, we are responsible for responding to requests for information in accordance with Art. 15 GDPR in relation to the Gate Pass and for informing data subjects in accordance with Art. 13 and 14 GDPR. Our contact details can be found at the end of the privacy policy under "Contact". Irrespective of this internal allocation of tasks, you can exercise your data subject rights against any controller (i.e. CONROO or the respective terminal operators).

EUROGATE GmbH & Co. KGaA, EUROGATE Container Terminal Bremerhaven GmbH, EUROGATE Container Terminal Hamburg GmbH and EUROGATE Container Terminal Wilhelmshaven GmbH & Co. KG are jointly responsible for the use of the Gate Pass for access to port terminals of the EUROGATE Group. The EUROGATE Group can be contacted either by post at EUROGATE GmbH & Co. KGaA, Präsident-Kennedy-Platz 1A, 28203 Bremen or by e-mail (compliance@eurogate.eu). You can contact the EUROGATE Group's data protection officer by e-mail (info@jhcon.de).

When creating the Gate Pass, we process the master data, contact data and work-related data you provide in order to store them in the Gate Pass. At the same time, we check the accuracy of your details by comparing an ID document you have uploaded with your master data and also collect your date of birth, document type and number and a photo you have taken. When comparing your details, the live photo you have taken is checked for a match with the biometric image on your ID document to rule out the possibility that the person creating a Gate Pass is using someone else's ID.

The purpose of this processing is to establish your identity beyond doubt for the creation of the Gate Pass and, in the event of a random check at the terminal, to be able to check whether the actual user and authorised holder of a Gate Pass match. For identity verification, we use our service provider IDnow, which acts for us as a data processor bound by our instructions. Further information on IDnow can be found in the section "THIRD PARTY TOOLS".

The processing in the context of identity verification and the transmission of data necessary for access control to terminal operators is based on your consent (Art. 6 para. 1 lit. a GDPR, Art. 9 para. 2 lit. a GDPR). Your consent is voluntary and can be withdrawn at any time with effect for the future. If you do not wish to have your identity verified by processing your biometric data, you can refuse to give your consent. In this case, please contact the CONROO support team here for identification via PostIdent, as described above in the section "THIRD PARTY TOOLS" under "IDnow".

If you have selected a port terminal as your destination terminal that is subject to the "International Ship and Port Facility Security Code" (ISPS Code) (port terminals in which ships for international voyages are also handled), we will also check whether you are on a relevant terror list or blacklist and store the corresponding result (yes/no) in your Gate Pass. The purpose of this processing is to fulfil the requirements of the ISPS Code and to increase security in ISPS port terminals and is based on the legitimate interest of the terminal operators in complying with the ISPS Code and ensuring security (Art. 6 para. 1 lit. f GDPR) and is also necessary for the terminal operators to fulfil their legal obligations (Art. 6 para. 1 lit. c GDPR in conjunction with Art. 3 para. 1 Regulation (EC) No 725/2004).

On the basis of your consent given during the identity check, we transmit the data from the Gate Pass required to carry out access control to the terminal operators that you have selected as the destination terminal in your Gate Pass. As part of access control, your authorisation is checked by the terminal operator by scanning the QR code generated in the Gate Pass via the app and, in the case of random checks, by checking your person based on the information stored about you. The purpose of this processing is to ensure that only identified and authorised persons enter the terminal premises and serves the according legitimate interest of the terminal operators (Art. 6 para. 1 lit. f GDPR). In the case of ISPS port terminals, the processing of personal data for the purpose of access control is necessary to fulfil a legal obligation (Art. 6 para. 1 lit. c GDPR in conjunction with Art. 3 para. 1 Regulation (EC) No 725/2004).

We store and process your personal data contained in the Gate Pass for as long as you use the Gate Pass or for as long as we are legally obliged to retain certain personal data. We delete the data collected solely for the purpose of identity verification when the Gate Pass is created 90 days after collection in order to be able to clarify any queries by then or to be able to resume cancelled identity verifications.

You are not obliged to provide your personal data. However, without the provision of data, the Gate Pass cannot be used for access control in practice. Automated decision-making does not take place.

LEGAL REQUIREMENT

We may use or disclose your Personal Data in order to comply with a legal obligation, in connection with a request from a public or government authority, or in connection with court or tribunal proceedings, to prevent loss of life or injury, or to protect our rights or property. Where possible and practical todo so, we will tell you in advance of such disclosure.

SERVICE PROVIDERS AND OTHER THIRD PARTIES

We may use a third-party service provider, independent contractors, agencies, or consultants to deliver and help us improve our products and services. We may share your Personal Data with marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others but only to maintain and improve our products and services. For further information on the recipients of your Personal Data, please contact us by using the information set out in the "Contact us" section below.

3. Cookies

WHAT ARE COOKIES?

A cookie is a small file with information that your browser stores on your device. Information in this file is typically shared with the owner of the site in addition to potential partners and third parties to that business. The collection of this information may be used in the function of the site and/or to improve your experience?

HOW WE USE COOKIES
  • To give you the best experience possible, we use the following types of cookies:
  • Strictly Necessary. As a web application, we require certain necessary cookies to run our service.
  • Preference.
  • We use preference cookies to help us remember the way you like to use our service.
  • Some cookies are used to personalize content and present you with a tailoredexperience. For example, location could be used to give you services and offersin your area.
  • Analytics. We collect analytics about the types of people who visit our site to improve our service and product.
  • Marketing. We share cookies with third party advertisers and/or partners to help provide you with a personalized marketing experience.
  • We also allow third party partners to put their own cookies on our website.

HOW TO CONTROL YOUR COOKIES

So long as the cookie is not strictly necessary, you may opt in or out of cookie use at anytime. To alter the way in which we collect information from you, visit our Cookie Manager.

4. Data retention and deletion

We will only retain your Personal Data for as long as necessary for the purpose for which that data was collected and to the extent required by applicable law. When we no longer need Personal Data, we will remove it from our systems and/or take steps to anonymize it.

5. Merger or acquisition

If we are involved in a merger, acquisition or asset sale, your personal information maybe transferred. We will provide notice before your personal information is transferred and becomes subject to a different Privacy Policy. Under certain circumstances, we may be required to disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

6. How we keep your data safe

We have appropriate organizational safeguards and security measures in place to protect your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.

The communication between your browser and our website uses a secure encrypted connection wherever your Personal Data is involved.

We require any third party who is contracted to process your Personal Data on our behalf to have security measures in place to protect your data and to treat such data in accordance with the law.

In the unfortunate event of a Personal Data breach, we will notify you and any applicable regulator when we are legally required to do so.

7. Your rights for your personal data

STORAGE PERIOD

Unless a shorter storage period is specified in this Privacy Policy, we will storepersonal data for (i) as long as necessary to provide the services to you and/or (ii) as long as necessary for the performance of the contract; thereafter, the data will only be stored if and to the extent that we are required to do so by law. If we no longer need the corresponding personal data for the purposes described above, this personal data will only be stored for the duration of the respective statutory retention obligations and will not be processed for other purposes.

YOUR RIGHTS FOR YOUR PERSONAL DATA

Depending on your geographical location and citizenship, your rights are subject to local data privacy regulations. These rights may include:

  • Right to Access (PIPEDA, GDPR Article 15, CCPA/CPRA, CPA, VCDPA, CTDPA,UCPA, LGPD, POPIA)
    You have the right to learn whether we are processing your Personal Data and to request a copy of the Personal Data we are processing about you.
  • Right to Rectification (PIPEDA, GDPR Article 16, CPRA, CPA, VCDPA,CTDPA, LGPD, POPIA)
    You have the right to have incomplete or inaccurate Personal Data that we process about you rectified.
  • Right to be Forgotten (right to erasure) (GDPR Article 17, CCPA/CPRA,CPA, VCDPA, CTDPA, UCPA, LGPD, POPIA)
    You have the right to request that we delete Personal Data that we process about you, unless we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
  • Right to Restriction of Processing (GDPR Article 18, LGPD)
    You have the right to restrict our processing of your Personal Data under certain circumstances. In this case, we will not process your Data for any purpose other than storing it.
  • Right to Portability (PIPEDA, GDPR Article 20, LGPD)
    You have the right to obtain Personal Data we hold about you, in a structured, electronic format, and to transmit such Personal Data to another data controller, where this is(a) Personal Data which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you or the third party that subscribes to services.
  • Right to Objection (GDPR Article 21, LGPD, POPIA)
    Where the legal justification for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for processing which override your interests and rights, or if we need to continue to process the Personal Data for the establishment, exercise or defense of a legal claim.
  • File a Complaint (GDPR Article 77, LGPD, POPIA)
    You have the right to bring a claim before their competent data protection authority.
    If you are based in the EEA, please visit this website (https://edpb.europa.eu/about-edpb/about-edpb/members_en) for a list of local data protection authorities.

WITHDRAWING CONSENT

If you have consented to our processing of your Personal Data, you have the right to withdraw your consent at any time, free of charge, such as where you wish to opt out from marketing messages that you receive from us. If you wish to withdraw your consent, please contact us by using the information set out in the "Contact us" section below.

HOW TO EXERCICE YOUR RIGHTS

You can make a request to exercise any of these rights in relation to your Personal Data by contacting us by using the information set out in the "Contact us" section below.

For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information.

8. Changes

We may modify this Policy at any time. If we make changes to this Policy, then we will post an updated version of this Policy at this website. When using our services, you will be asked to review and accept our Privacy Policy. In this manner, we may record your acceptance and notify you of any future changes to this Policy.

9. Contact

To request a copy for your information, unsubscribe from our email list, request for your data to be deleted, or ask a question about your data privacy, we've made the process simple:

To us, please contact us through our chat tool here.

Write to us at:

Data Privacy Officer of CONROO GmbH

Zollhof 7, 90443 , Nürnberg , Bayern