Data protection information according to Art. 13, 14 GDPR
IMPORTANT NOTE: The German version of this document will govern our relationship – this translated version is provided for convenience only and will not be interpreted to modify the German version. For the German version, please see the German Data Privacy.
1. Responsible party
The service provider of the web application “onesome” (hereinafter the application) and the website under the URL www.onesome.de (hereinafter the website) and the person responsible under data protection law is Seneration GmbH, Maximilianstraße 43, 80538 Munich (Seneration).
2. Contact details of the data protection officer
3. Processing purposes and legal bases
3.1 Access and informational use of the website (without registration and without login to use the application).
Each time you access the website, your browser automatically sends the following data to our website server: IP address of your requesting internet-capable device; date and time of your access to the website; website/application from which the access was made (referrer URL); your browser type with version and language; operating system of your internet-capable computer; your internet service provider; the sub-websites you are visiting; files downloaded from our website (e.g. PDF or Word documents); website accessed; website previously visited.
The temporary storage of the IP address for the duration of the use of the application is necessary to provide you with the website.
In addition, further processing of the data referred to in 3.1 is carried out in order to optimise the website, to ensure the permanent functionality, security and stability of the website and connected IT systems and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
The legal basis for this data processing is Art. 6 para. 1 lit. f DS-GVO. The legitimate interest follows from the above-mentioned purposes of providing the website content accessed by the user, optimising the website and system security and stability, as well as procedures in the event of cyber attacks.
The above data will be deleted as soon as the use of the service (use of the website) ends.
We process your above-mentioned data for as long as it is necessary for the above-mentioned purposes.
3.2.1 Use of technically necessary cookies
In order to make the use of the website more pleasant for you, we use so-called essential cookies (first party cookies). These are necessary to provide the service that makes our website work. For example, essential cookies help to store the user’s preferences as they navigate the website.
The following data is processed with these cookies: Browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), time of the server request.
We process the aforementioned data for the purpose of recognising that you have already visited individual pages of the website, even after you have changed pages, and thus to simplify the use of the website.
Functionality or preference cookies. These cookies can, for example, store information such as the user name, language or location settings of the user. They also store the user’s personal settings on the website, with which the user optimises his or her use, such as the preferred language. These settings are saved through the use of functionality cookies and the next time the user visits the website they do not have to make these selections again. We use Visual Composer, a serviceprovidedTechMillLtd, Latvia, to give the website the “look” This stores the website’s system, a version number for updates. We also use the services ofBorlabs- Benjamin A. Bornschein, Germany, to provide the cookie banner.
The legal basis for data processing is Art. 6 para. 1 lit. f DS-GVO. The legitimate interest for data collection follows from the purpose of providing the informational function of the website called up by the user and the simplification of the website.
The following list provides more information on how to disable or manage your cookie settings in the browser you are using:
3.2.2 Use of Matomo
The website uses the web analytics service Matomo. Matomo is software produced by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. Further information can be found on the website www.matomo.org.
Using this software, data is collected and stored for the statistical evaluation of the use of the website. Cookies are used for this purpose. The data is collected and stored for the purpose of statistical analysis of user behaviour. This serves the purposes of evaluating the use of the website and enabling the website to be designed in line with requirements. For these purposes, pseudonymised usage profiles can be created from the data. The collected IP addresses are automatically anonymised by making parts of the IP address unrecognisable (so-called IP masking). We do not use this data to identify the user and the data is not merged with other personal data of the user. The data is anonymised and processed on a server rented from InnoCraft Ltd. in Frankfurt am Main and also stored in Ireland as a backup. They are not transmitted to third parties. InnoCraft does not pursue its own purposes with the storage and processing of the data.The duration of the cookie can be seen in the list above.
Tracking with Matomo can be switched on or off in the cookie preferences above.
The legal basis for the use of Matomo in the case of consent is Art. 6 para. 1 sentence 1 DS-GVO. If you consent to web analysis using Matomo, the following data is collected when individual pages of the website are called up:
(1) 2 bytes of the IP address of the user’s calling system.
(2) Date and time of display
(3) Title of the displayed page (Page Title)
(4) URL of the accessed web page (Page URL)
(5) The website from which the user accessed the website (referrer URL).
(6) Screen resolution used
(7) Time in the local user’s time zone
(8) Files clicked and downloaded (Download)
(9) Links to an external domain that have been clicked on (outlink)
(10) Page generation time (the time it takes for web pages to be generated by the web server and then downloaded by the user: Page speed)
(11) Location of the user: country, region, city, approximate latitude and longitude (geolocation).
(12) Main language of the browser used (Accept-Language header)
(13) User agent of the browser used (User Agent Header)
3.2.3 Use of marketing cookies
Marketing cookies. We useHubSpotfor online marketing activitiesIn order to display personalised advertising to the user, the subpages accessed from the website called up, the time spent on the website, the frequency with which the website is called up are collected andprocessedHubspotInc.
Basis for the processing of personal data for the aforementioned purpose is the consent of the user pursuant to Art. 6 para. 1lita DSGVO The exact duration of the cookies can be found in the list above.
The user has the possibility to revoke his consent for the future at any time. However, such a revocation has no influence on the data processing based on his consent that took place before the revocation. The revocation takes place by changing the cookie preferences in the cookie settings on the page: https://seneration.com/datenschutzerklaerung/
3.3 Contact form
You can contact us via our contact form. You will be asked for the following data in the contact form: company, first name, last name, number of employees, position, e-mail, telephone (optional). You must also enter your comments (free text field) in the contact form.
If you use our contact form, your above-mentioned data will be processed by us for the purpose of processing your request or answering your enquiry.
The legal basis for this data processing is your consent, Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time by sending an email to email@example.com with effect for the future. Your revocation has no effect on data processing based on your consent that already took place before the revocation.
Your data collected as part of the contact form will be stored until you request us to delete it or the purpose for storing the data no longer applies.
To provide the contact form, we use the services of Hubspot, Inc. which acts as a processor for us. This company is based in the USA.
3.4 Newsletter dispatch
You can register to receive our newsletter via the website. If you have expressly consented in accordance with Art. 6 (1) sentence 1 lit. a DSGVO, we will use your e-mail address to send you the newsletter on a regular basis. To receive the newsletter, it is sufficient to provide your email address.
We use a dispatch service provider to send the newsletter. Personal data collected as part of the newsletter service is not passed on to third parties. The processing of your data by the dispatch service provider takes place exclusively on our behalf. This shipping service provider is MailjetGmbH, a companyGermany.
You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request at any time by e-mail to firstname.lastname@example.org. This is a revocation of your consent to receive the newsletter. However, this revocation is only effective for the future. It has no effect on data processing based on your consent that already took place before the revocation.
You have the option of leaving a comment on a blog post. If you make use of this option, your name and email address will be collected as mandatory data. The legal basis for this data processing is Art. 6 para. 1 lit. f DSGVO. The legitimate interest for data collection follows from thepurpose of providing the comment function usedby the user.
4. Categories of recipients and transfer to third countries processors
We have carefully selected the service providers who process data on our behalf in accordance with instructions as processors and are therefore recipients of personal data, provide sufficient guarantees for appropriate technical and organisational measures and are contractually obliged by us in accordance with Art. 28 GDPR.
Seneration regularly transfers your personal data to the following processors:
Type of processing activity
Hosting and data centre services
5. data processing when using the application
5.1 Processing purposes and legal basis for the use of the Application.
The legal basis for the processing of your personal data in connection with the use of the application is the usage contract for the application that has come into existence between Seneration and you in the context of your registration and creation of a user account, Art. 6 para. 1 lit. b DSGVO.
5.2 Use of the app (after registration and login)
As part of the registration process, we collect the personal data provided in the input mask as mandatory data, which are marked with an asterisk (*):
– First and last name
– E-mail address
– Password chosen by the user
– Enter the activation code provided, if applicable.
Voluntary information includes year of birth, gender and school/training qualifications. Users also have the option of uploading their own profile picture to the app. This is also voluntary.
The mandatory and voluntary information is processed in order to provide you with Seneration’s products and services. The use of the application is also possible without registration and login, but in this case the use is limited to a few features only.
When using the app, you also enter answers to questions in the form of selection options (single-choice, multiple-choice, scale, etc.) and in free-text fields. The application is explicitly not a health app and therefore no health data is processed. These data are only information onvalues, strengths, positive beliefs (non-religious), negative beliefs (non-religious) and drivers. This data is processed by Seneration in the course of your use of the application to provide you with the products and services. The data you enter is processed by Seneration in order to provide you with personal coaching and further development in a self-organised manner within the framework of the app. You will be guided through various topics of personal development in an automated and individualised way and will be led to self-reflection and self-knowledge by means of questions. Findings are recorded and are available to you in your user profile.
6. Rights of the data subject
As a data subject, you can exercise the following rights if the legal requirements are met. Please use the contact details provided above under points 1. and 2:
Right to information about processed data according to Art. 15 DSGVO: You have the right to request information about your stored personal data from us at reasonable intervals. This information extends to the question of whether we have stored personal data of yours and, among other things, what the data is and for what purposes the data is processed. Upon request, we will provide you with a copy of the data that is the subject of the processing.
Right to rectification of inaccurate data pursuant to Art. 16 DSGVO: In addition, you have the right to request Seneration to correct incorrectly stored data.
Right to erasure according to Art. 17 DSGVO: You have the right to request that Seneration erases your personal data. We are obliged to delete your personal data if, among other things, it is no longer necessary for the purposes for which it was collected or otherwise processed, if you have withdrawn your consent or if the data was processed unlawfully.
Right to restriction of processing according to Art. 18 DSGVO: Under certain circumstances, you have the right to restrict the processing of your personal data. This includes if you dispute the accuracy of your personal data and we have to verify your objection. In that case, your data may not be further processed by us, with the exception of storage, until the question of accuracy has been clarified.
Right to data portability pursuant to Art. 20 DSGVO: Should you wish to switch to another service provider, you have the right to have us hand over the data you have provided to us on the basis of your consent or on the basis of an existing contractual relationship with you in a common, machine-readable format or – at your choice – transfer it to a third party.
Right to revoke your consent pursuant to Art. 7 (3) DSGVO: If you have given us consent to process data, you can revoke this at any time by the same means by which you gave it. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Right to object according to Art. 21 (1) DSGVO: You may object to data processing for reasons arising from your particular situation if the data processing is based on our legitimate interests.
Right to complain to a supervisory authority pursuant to Art. 77 (1) DSGVO: You have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or the supervisory authority responsible for Seneration (Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach).