¡El sitio web también está disponible en español!
Privacy policy
Introduction
With the following data protection declaration, we would like to inform you about the types of your personal data (hereinafter also referred to as "data" for short) that we process, for what purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both as part of the provision of our services and, in particular, on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "Online Offer").
The terms used are not gender-specific.
Status: July 28, 2022
Content overview
- Introduction
- Responsible party
- Overview of processing operations
- Applicable legal bases
- Security measures
- Deletion of data
- Community functions
- Contact and inquiry management
- Web analysis, monitoring and optimization
- Online marketing
- Modification and updating of the privacy policy
- Rights of data subjects
Responsible
CanariasHub.com Plaza de la Candelaria, 1 38003 Santa Cruz de Tenerife, España
E-mail address: info@canariashub.com
Overview of processing
The following overview summarizes the types of data processed and the purposes of their processing, and refers to the data subjects.
Types of data processed
- Contact data.
- Content data.
- Usage data.
- Meta/communication data.
Categories of data subjects.
- Communication partners.
- users.
Purposes of processing.
- Provision of contractual services and customer service.
- Contact requests and communication.
- Security measures.
- Reach measurement.
- Tracking.
- Managing and responding to inquiries.
- Feedback.
- Marketing.
- Profiles with user-related information.
- Provision of our online offer and user experience.
Applicable legal bases
Below you will find an overview of the legal bases of the DSGVO, on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Furthermore, should more specific legal bases be relevant in individual cases, we will inform you of these in the data protection declaration.
- Consent (Art. 6 (1) p. 1 lit. a) DSGVO) - The data subject has given his/her consent to the processing of personal data concerning him/her for a specific purpose or purposes.
- Contractual performance and pre-contractual requests (Art. 6 (1) p. 1 lit. b) DSGVO) - Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures carried out at the data subject's request.
- Reasonable interests (Art. 6(1) p. 1 lit. f) DSGVO) - Processing is necessary for the purposes of the legitimate interests of the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
Security measures
We take appropriate technical and organizational measures in accordance with the law, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input of, disclosure of, assurance of availability of and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, the deletion of data, and responses to data compromise. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software as well as procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
SSL encryption (https): To protect your data transmitted via our online offer, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address line of your browser.
Deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose of processing this data has ceased to apply or it is not required for the purpose). If the data are not deleted because they are required for other and legally permissible purposes, their processing will be limited to these purposes. That is, the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person.
Our data protection notices may also contain further information on the retention and deletion of data, which will take precedence for the respective processing operations.
Community functions
The community functions provided by us allow users to enter into conversations or other exchanges with each other. In doing so, we ask you to note that the use of the community functions is only permitted in compliance with the applicable legal situation, our terms and guidelines, and the rights of other users and third parties.
- Types of data processed: Usage data (e.g. web pages visited, interest in content, access times); meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g., website visitors, users of online services).
- Purposes of processing: Provision of contractual services and customer service; security measures.
- Legal basis: Contract performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b) DSGVO).
Further notes on processing operations, procedures and services:.
- Setting the visibility of posts: Users can use settings to determine the extent to which the posts and content they create are visible, or accessible, to the public or only to certain individuals or groups; Legal basis: Contract performance and pre-contractual requests (Art. 6 (1) p. 1 lit. b) DSGVO).
- Right to delete content and information: The deletion of contributions, content or information of users is permissible after proper consideration to the extent necessary insofar as there are concrete indications that they represent a violation of legal rules, our specifications or rights of third parties; Legal basis: Contract performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b) DSGVO).
- Protection of own data: Users themselves decide what data they disclose about themselves within our online offering. For example, when users provide information about themselves or participate in conversations. We ask users to protect their data and to disclose personal data only with caution and only to the extent necessary. In particular, we ask users to note that they must protect access data very particularly and use secure passwords (i.e., above all, character combinations that are as long and random as possible); Legal basis: Contract performance and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b) DSGVO).
Contact and inquiry management
When contacting us (e.g. via contact form, e-mail, telephone or via social media) as well as in the context of existing user and business relationships, the information of the inquiring persons is processed insofar as this is necessary to answer the contact inquiries and any requested measures.
The response to the contact inquiries as well as the management of contact and inquiry data in the context of contractual or pre-contractual relationships is carried out to fulfill our contractual obligations or to respond to (pre)contractual inquiries and otherwise on the basis of legitimate interests in responding to the inquiries and maintaining user or business relationships.
- Types of data processed: Contact data (e.g. e-mail, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta/communication data (e.g. device information, IP addresses).
- Data subjects: Communication partners.
- Purposes of processing: Providing contractual services and customer service; contact inquiries and communication; managing and responding to inquiries; feedback (e.g. collecting feedback via online form); providing our online offer and user experience.
- Legal basis: Contract performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b) DSGVO); Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO).
Further notes on processing operations, procedures and services: **.
- Contact form: If users contact us via our contact form, e-mail or other communication channels, we process the data communicated to us in this context for the purpose of processing the communicated request. For this purpose, we process personal data in the context of pre-contractual and contractual business relationships, insofar as this is necessary for their fulfillment and otherwise on the basis of our legitimate interests as well as the interests of the communication partners in responding to the requests and our legal retention obligations; Legal basis: Contractual performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b) DSGVO), Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO).
Web analysis, monitoring and optimization
Web analytics (also referred to as "reach measurement") is used to evaluate the flow of visitors to our online offering and may include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can recognize, for example, at what time our online offer or its functions or content are most frequently used or invite re-use. Likewise, we can understand which areas need optimization.
In addition to web analytics, we may also use testing procedures, for example, to test and optimize different versions of our online offering or its components.
Unless otherwise stated below, profiles, i.e. data summarized for a usage process, may be created for these purposes and information may be stored in a browser, or in a terminal device, and read from it. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used, and information on usage times. If users have agreed to the collection of their location data from us or from the providers of the services we use, location data may also be processed.
The IP addresses of the users are also stored. However, we use an IP masking procedure (i.e., pseudonymization by shortening the IP address) to protect users. Generally, in the context of web analysis, A/B testing and optimization, no clear data of the users (such as e-mail addresses or names) are stored, but pseudonyms. This means that we as well as the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.
- Types of data processed: Usage data (e.g. websites visited, interest in content, access times); meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g., website visitors, users of online services).
- Purposes of processing: Reach measurement (e.g. access statistics, recognition of returning visitors); profiling with user-related information (creation of user profiles); tracking (e.g. interest/behavior-related profiling, use of cookies); provision of our online offer and user experience.
- Security measures: IP masking (pseudonymization of the IP address).
- Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a) DSGVO).
Further notes on processing processes, procedures and services:
- Google Analytics: Web analytics, reach measurement as well as measurement of user flows; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a) DSGVO); Website: https://marketingplatform.google.com/intl/de/about/analytics/; Data protection statement: https://policies.google.com/privacy; Processing agreement: [https://business.safety.google/adsprocessorterms](https://business. safety.google/adsprocessorterms); Standard contractual clauses (ensuring level of data protection in case of processing in third countries): https://business.safety.google/adsprocessorterms; Opt-out: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, Ad display settings: https://adssettings.google.com/authenticated; Further information: https://privacy.google.com/businesses/adsservices (types of processing as well as data processed).
Online marketing
We process personal data for online marketing purposes, which may include, in particular, the marketing of advertising space or display of promotional and other content (collectively, "content") based on potential user interests and the measurement of its effectiveness.
For these purposes, so-called user profiles are created and stored in a file (so-called "cookie") or similar procedures are used, by means of which the information about the user relevant to the presentation of the aforementioned content is stored. This information may include, for example, content viewed, websites visited, online networks used, but also communication partners and technical information, such as the browser used, the computer system used and information on usage times and functions used. If users have consented to the collection of their location data, this may also be processed.
The IP addresses of users are also stored. However, we use available IP masking procedures (i.e., pseudonymization by shortening the IP address) to protect users. In general, no clear user data (such as e-mail addresses or names) is stored as part of the online marketing process, but pseudonyms. This means that we, as well as the providers of the online marketing procedures, do not know the actual identity of the users, but only the information stored in their profiles.
The information in the profiles is usually stored in the cookies or by means of similar procedures. These cookies can later generally be read on other websites that use the same online marketing procedure and analyzed for the purpose of displaying content as well as supplemented with further data and stored on the server of the online marketing procedure provider.
Exceptionally, clear data can be assigned to the profiles. This is the case if, for example, the users are members of a social network whose online marketing procedure we use and the network links the users' profiles with the aforementioned data. We ask to note that users may make additional arrangements with the providers, e.g., by giving consent as part of the registration process.
In principle, we only receive access to summarized information about the success of our advertisements. However, in the context of so-called conversion measurements, we can check which of our online marketing processes have led to a so-called conversion, i.e., for example, to a conclusion of a contract with us. The conversion measurement is used solely to analyze the success of our marketing measures.
Unless otherwise stated, we ask you to assume that cookies used will be stored for a period of two years.
- Types of data processed: Usage data (e.g. web pages visited, interest in content, access times); meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g., website visitors, users of online services).
- Purposes of processing: Reach measurement (e.g. access statistics, recognition of returning visitors); tracking (e.g. interest/behavior-based profiling, use of cookies); marketing; profiling with user-related information (creation of user profiles).
- Security measures: IP masking (pseudonymization of the IP address).
- Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a) DSGVO). Possibility of objection (opt-out): We refer to the data protection notices of the respective providers and the objection options specified for the providers (so-called "opt-out"). If no explicit opt-out option has been specified, you have the option of disabling cookies in your browser settings. However, this may restrict functions of our online offer. We therefore recommend the following additional opt-out options, which are offered in summary form for the respective regions: a) Europe: https://www.youronlinechoices.eu. b) Canada: https://www.youradchoices.ca/choices. c) USA: https://www.aboutads.info/choices. d) Cross-territory: https://optout.aboutads.info.
Additional notices regarding processing, practices and services:.
- Google Adsense with personalized ads: We use the service Google Adsense with personalized ads, with the help of which ads are displayed within our online offer and we receive remuneration for their display or other use; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a) DSGVO); Website: https://marketingplatform.google.com; Data protection statement: https://policies.google.com/privacy; Further information: Types of processing as well as data processed: https://privacy.google.com/businesses/adsservices; Google Advertising Products Data Processing Terms: Information on Services Data Processing Terms between Controllers and Standard Contractual Clauses for Third Country Transfers of Data: https://business.safety.google/adscontrollerterms.
- Google Adsense with non-personalized ads: We use the service Google Adsense with non-personalized ads, with the help of which ads are displayed within our online offer and we receive remuneration for their display or other use; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a) DSGVO); Website: https://marketingplatform.google.com; Data protection statement: https://policies.google.com/privacy; Further information: Types of processing and data processed: https://privacy.google.com/businesses/adsservices; Google Ads Controller-Controller Data Protection Terms and standard contractual clauses for data transfers to third countries: https://business.safety.google/adscontrollerterms.
Modification and update of the privacy policy
We ask you to regularly inform yourself about the content of our privacy policy. We adapt the data protection declaration as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.
Insofar as we provide addresses and contact information of companies and organizations in this data protection declaration, we ask you to note that the addresses may change over time and ask you to check the information before contacting us.
Rights of data subjects
As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:
- Right of objection: you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(e) or (f) DSGVO; this also applies to profiling based on these provisions. If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing..
- Right to revoke consent: You have the right to revoke any consent given at any time.
- Right of access: You have the right to request confirmation as to whether or not data in question is being processed and to obtain information about such data, as well as further information and a copy of the data in accordance with the law.
- Right to rectification: You have the right, in accordance with the law, to request that data concerning you be completed or that inaccurate data concerning you be rectified.
- Right to erasure and restriction of processing: You have the right, in accordance with the law, to request that data concerning you be erased without delay, or alternatively, in accordance with the law, to request restriction of the processing of the data.
- Right to data portability: You have the right to receive data relating to you that you have provided to us in a structured, common and machine-readable format, or to request that it be transferred to another controller, in accordance with the law.
- Complaint to supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the requirements of the GDPR.
Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke