1. Name and contact details of the party responsible for processing the data and of the company Data Protection Officer
CodeCheck AG (hereinafter referred to as „CodeCheck“)
Limmatstrasse 291, 8005 Zürich, Schweiz
Tel: +41 44 450 25 41
2. Collecting and storing personal data; type and purpose, and the manner in which such is used
a) When visiting the website / mobile apps
When you access our websites, including www.codecheck.info or our mobile apps, information is automatically sent to our website’s server by the browser installed on your end device. This information is stored temporarily in a so-called log file. In the process, the following information is collected and stored without any action on your part:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the accessed file,
- website from which our website was accessed (referrer URL),
- browser type and version and other information transmitted by the browser (such as your computer’s operating system, the name of your access provider, language setting, etc.).
The aforementioned data is processed by us for the following purposes:
- to ensure that a connection can be established smoothly to our website and app,
- to ensure that our website and app are easy to use,
- to evaluate the security and stability of the system, and
- for other administrative purposes.
Art. 6 (1) f) GDPR [General Data Protection Regulation] forms the legal basis for processing the data. Our legitimate interest follows from the purposes for processing data listed above. In no event do we use the collected data for the purpose of identifying you.
b) When registering as a user
You also have the option of setting up a password-protected user account with us. This offers you additional functions and allows us to tailor the range of functions and offers available on our website and in our mobile app to your personal interests.
If you would like to set up a password-protected user account with us, you will only need to provide us with a valid email address or Facebook or Google access.
To set up a user account, you will also have to a enter a password that you have chosen yourself. You will then be able to use this password together with your email address to log in to your user account. In your user account, you can view and change the data stored under your name at any time.
We shall store your personal data in a user account only if you have given us your voluntary consent to do so pursuant to Art. 6 (1) a) GDPR.
Where you have withdrawn your consent or your user account has been deleted, your data shall be automatically deleted for further use, unless you have consented to having your data stored above and beyond this pursuant to Art. 6 (1) a) GDPR.
c) When registering for our newsletter
Where you have given us your express consent to do so pursuant to Art. 6 (1) a) GDPR, we shall use your email address to send you our customized newsletter at regular intervals. Providing us with your name and email address shall be sufficient to receive the newsletter.
For our newsletter service we use MailChimp, a newsletter dispatch platform operated by the US corporation Rocket Science Group // 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, US. You can view MailChimp’s data privacy regulations here: https://mailchimp.com/legal/privacy/.
You may unsubscribe at any time, e.g. via a link at the bottom of each newsletter. Alternatively, you can unsubscribe by sending an email at any time to firstname.lastname@example.org.
d) When using our contact form
If you have any questions, you also have the option of contacting us via a form provided for this purpose on the website. You will need to enter the following information in this case:
- first name, last name,
- address, and
- a valid email address.
We need your details to determine who asked the question and to be able to answer it. You may also provide your telephone number on a voluntary basis.
Data processing shall be performed on the basis of your request and, within the context of the question submitted on the contact form, shall be based on the legitimate interests pursued by us pursuant to Art. 6 (1) f) GDPR.
The personal data collected by us upon your use of the contact form shall be deleted after your question has been answered.
3. Disclosure of data to third parties
In addition, we shall disclose your personal data to third parties only where:
- you have given us your express consent to do so pursuant to Art. 6 (1) a) GDPR,
- there is a legal obligation to disclose said data pursuant to Art. 6 (1) c) GDPR, and
- the disclosure of said data pursuant to Art. 6 (1) f) GDPR is necessary for the purpose of asserting, exercising or defending legal claims and there is no reason to assume that you have an overriding and legitimate interest in not allowing your data to be disclosed.
Information obtained from the specifically used end device is stored on the cookie. However, this does not mean that we are immediately informed of your identity.
The purpose of using cookies, on the one hand, is to make is easier for you to use our website. We use so-called session cookies to let us know that you have visited certain pages of our website before.
To make our website more user-friendly, we also use temporary cookies that are stored on your end device for a specific period of time. If you visit our website again to use our services, our system automatically recognizes you from your last visit and can tell what information you entered and what settings you used so that you don’t have to repeat these steps.
The data processed by cookies is necessary to safeguard our legitimate interests and those of third parties pursuant to Art. 6 (1) f) GDPR for the specified purposes.
5. No personalized advertising in the apps
If you don’t want personalized advertising in the apps, you can disable it in the mobile device’s settings (Android: Settings > Google / Google Services > Ads; iOS: Settings > Privacy > Advertising). The ad ID will then be transferred with an appropriate addition, and providers should no longer use it for advertising purposes.
6. Analysis Tools
he tracking and targeting activities listed below and used by us are performed on the basis of Art. 6 (1) f) GDPR.
The purpose of the tracking activities is to ensure that our website is tailored to the user’s needs and that it is continuously optimized. On the other hand, we use tracking activities to statistically record how our website is used and to analyze this for the purpose of optimizing our website for you.
Our use of targeting activities aims to ensure that only those ads that reflect your actual or assumed interests are displayed on your end devices.
These interests are thus legitimate within the meaning of the aforementioned regulation.
The respective purposes of data processing and relevant data categories are indicated in the corresponding tracking and targeting tools.
a) Google Analytics
We use Google Analytics, a web analytics service provided by Google Inc., (1600 Amphitheatre Parkway, Mountain View, CA 94043, US; hereinafter referred to as “Google”) to tailor our web pages to the user’s needs and to continuously optimize them. In this context, pseudonymized user profiles are created and cookies used (see Section 4). The information gathered by the cookie on how you use the website such as
- browser type/version,
- operating system used,
- referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- time of server request,
is transmitted to a Google server in the US and stored there. Google is subject to the EU-US Privacy Shield, meaning that an adequate level of data protection is guaranteed.
This information is used to evaluate how the website is used, to compile reports on site activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and to tailor these websites to the user’s needs. This information will also be forwarded to third parties if necessary, insofar as this is legally stipulated or insofar as third parties process this data on behalf of Google. In no event will Google link your IP address with other Google data. The IP addresses are anonymized, to prevent identification (IP masking).
You can prevent the installation of cookies by adjusting your browser software accordingly; in this case, however, we must point out that not all functions of this website may be available to you in their full capacity.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address), as well as the processing of this data by Google, by downloading and installing a browser add-on.
Alternatively to the browser add-on, particularly with regard to browsers on mobile end devices, you can prevent Google Analytics from collecting your data by clicking on the following link. This sets an opt-out cookie, which prevents your data from being collected when you visit this website in future. The opt-out cookie applies only to this browser and only to our website, and is set on your device. If you delete the cookies in this browser, you will have to reset the opt-out cookie.
You can find further information on data privacy in connection with Google Analytics in, for example, the Google Analytics Help Center.
Google Analytics SDK
On this website, information on the surfing habits of the website visitors is collected and stored for marketing purposes in anonymized form using Criteo GmbH technology. Cookies are used for this purpose (see Section 4). Criteo uses an algorithm to analyze the surfing habits and can then display specific personalized banner ads or other ads on other websites (so-called publishers). In no event can the collected data be used to personally identify the person visiting this website. The collected data is used only to improve our website. This information shall not be used for any other purpose or forwarded to third parties.
You can object to the anonymized analysis of your surfing habits on this page by clicking on this link.
If you have opted-out of this (opt-out cookie) and you would like to have personalized Criteo banners displayed again, please, click here.
These technologies enable us to show you ads that are individually tailored to your interests. The cookies used collect, for example, details on our products that you have shown an interest in. Using this information, we can also display ads on other websites that are specifically geared towards your interests, identified on the basis of your previous user conduct. Information on your user conduct is collected and evaluated completely pseudonymously, which makes it impossible for us to identify you. This information, in particular, is not combined with any other data that relates to you personally.
The cookie is deleted automatically after 30 days.
You can also adjust settings to show interest-based ads via the Google Ads Settings manager.
d) Google Adwords Remarketing
We use Google remarketing tags. These are services provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, US; hereinafter referred to as “Google”). Google uses “cookies” (see Section 4), which are stored on your computer and enable an analysis of how you use the site. The information collected by the cookie on your use of this website (including your IP address) is transmitted to a Google server in the US and stored there. The last three characters of the IP address are then truncated by Google so that the IP address can no longer be linked to a specific person. Google complies with the data privacy regulations of the US Safe Harbor agreement and is registered with the Safe Harbor program run by the US Department of Commerce. Google will use this information to evaluate how you use the website, to compile reports on site activities for the website operators, and to provide further services connected with the use of the website and the Internet.
Google will also forward this information to third parties if necessary, insofar as this is legally stipulated or insofar as third parties process this data on behalf of Google. Third-party providers, including Google, display ads on websites on the Internet. Third-party providers, including Google, use stored cookies to display ads on the basis of previous visits by a user to this website. On no account will Google link your IP address with other Google data. You may object to the collection and storage of data at any time with effect for the future. You can prevent Google from using cookies by accessing the page that enables you to deactivate Google ads.
We must point out, however, that in this case, not all functions of this website may be available to you in their full capacity. By using this website, you thereby consent to the processing of the personal data collected by Google relating to you in the manner described above and for the purpose specified above. Further information on Google’s regulations is available here.
On the basis of Art. 6 (1) f) GDPR, we use social plug-ins on our website to promote our company. The underlying promotional purpose shall be deemed a legitimate interest within the meaning of the GDPR. The respective provider shall be responsible for guaranteeing compliance with data privacy laws. We integrate these plug-ins by way of the double-click method in order to offer visitors to our website the best possible protection.
So-called plug-ins from the social network Facebook, a service operated by Facebook Inc., are used on our website. The Facebook plug-ins are marked with a Facebook logo or the addition “Like” or “Share”. You can find an overview of the Facebook plug-ins and what they look like at https://developers.facebook.com/docs/plugins.
If you call up a page of our website that contains such a plug-in and activate this plug-in yourself, your browser establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted directly to your browser by Facebook and integrated into the page.
By way of this integrated content, Facebook receives the information that your browser has accessed the respective page of our website even if you do not have a Facebook profile or are currently not logged into Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the US and stored there.
If you are logged into Facebook, Facebook can directly link your visit to our website with your Facebook profile. If you interact with plug-ins, for example by pressing the “Like” button, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and is then visible to your Facebook friends.
You can also completely prevent Facebook plug-ins from being uploaded by installing add-ons in your browser.
So-called plug-ins from the social network Google Plus, a service operated by Google Inc., are used on our website. The plug-ins can be recognized, for example, by the “+1” button on a white or colored background. You can find an overview of the Google plug-ins and what they look like here: https://developers.google.com/+/plugins
If you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to the Google servers. The content of the plug-in is transmitted directly to your browser by Google and integrated into the page. By way of this integrated content, Google receives the information that your browser has accessed the respective page of our website even if you do not have a Google Plus profile or are currently not logged into Google Plus. This information (including your IP address) is transmitted directly from your browser to a Google server in the US and stored there. If you are logged into Google Plus, Google can directly link your visit to our website with your Google Plus profile.
If you interact with plug-ins, for example by pressing the “+1” button, this information is also transmitted directly to a Google server and stored there. The information is also published on Google Plus and is then visible to your contacts.
If you do not want Google to directly link the information collected on your visit to our website with your Google Plus profile, you must log out of Google Plus before visiting our website. You can also completely prevent Google plug-ins from being uploaded by installing add-ons in your browser, e.g. the script blocker “NoScript” (http://noscript.net/).
For our apps we use the analysis technology “Adjust.io“, a system of Adeven GmbH, Saarbrücker Straße 36, 10405 Berlin / Germany. Adeven uses IP addresses and device identifiers of the users (in anonymous form only) for the analysis. Data collection can be objected to at any time with effect for the future. Please click here: email@example.com.
e) Survey Town
f) Programmatic marketer Yieldlove
For the advertising pop-ups, we work together with the company Yieldlove GmbH, Kehrwieder 9, 20457 Hamburg / Germany, which cooperates with other third-party providers. Here you will find a list of the third-party providers used by Yieldlove and the respective opt-out options.
8. Social Login
To make it easier to register on our website and in the mobile apps, at the start of the registration process we offer you the option of using the so-called Single Sign-On solution (e.g. via Facebook or Google) to register.
Your personal data will be transmitted to us during registration via the provider insofar as you have given your express consent pursuant to Art 6. (1) a) GDPR for the provider (Facebook, Google) to do so.
This data is used
- to set up your user account and
- to check the plausibility of the information provided
You can then again disconnect the link within your account.
Information on the purpose and scope of data collection, the further processing and use of the data by Google or Facebook, your rights with regard to the above and settings to protect your privacy can be found in the Data Privacy Policies of Google and Facebook.
9. Rights of the data subject
You have the right:
- pursuant to Art. 7 (3) GDPR, to withdraw at any time any consent given. This means that, in future, we shall not be permitted to continue with the processing of the data for which this consent was granted;
- pursuant to Art. 15 GDPR, to request information on your personal data that is being processed by us. In particular, you may request information on the purposes for which the data is processed, the category of the personal data, the categories of those persons to whom your data has been / will be disclosed, the intended length of storage, the existence of the right to have the data corrected or deleted, the right to have data processing restricted or the right of objection, the existence of a right of complaint, the origin of your data where this has not been collected by us, and the existence of an automated decision-making process including profiling and, where applicable, detailed information on the particulars of this;
- pursuant to Art. 16 GDPR, to request that incorrect data be corrected or that your personal data stored by us be completed;
- pursuant to Art. 17 GDPR, to request that your personal data stored by us be deleted, insofar as the processing of such is not necessary for exercising the right to freedom of expression and information, meeting a legal obligation, for reasons of public interest or for asserting, exercising or defending legal claims;
- pursuant to Art. 18 GDPR, to request that the processing of your personal data be restricted, insofar as the accuracy of the data is contested by you, the processing is unlawful, but you refuse to have the data deleted and we no longer need the data, but you need these for asserting, exercising or defending legal claims or, pursuant to Art. 21 GDPR, you have entered an objection to the processing of the data;
- pursuant to Art. 20 GDPR, to receive the personal data provided to us by you in a structured, commonly used and machine-readable format or to request that the data be transmitted to another responsible party and
- pursuant to Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a general rule, you can address this complaint to the competent supervisory authority at your usual place of residence or business or at our place of business.
10. Right of objection
Provided that your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) f) GDPR, you have the right to enter an objection to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are reasons for this which arise from your particular situation or where the objection refers to direct marketing. In the latter case, you have a general right of objection that will be implemented by us without reference to a particular situation.
If you would like to make use of your right of objection, an email to firstname.lastname@example.org shall suffice.
11. Data security
All data personally provided by you is transmitted in encrypted form by way of the commonly used, secure TLS (Transport Layer Security) standard. TLS is a secure and well-tested standard, which is also used, for example, in online banking. You can recognize a secure TLS connection, for example, by the letter s added to the http (https://..) in the address bar of your browser or by the lock symbol located at the bottom of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are constantly revised in line with technological advancements.
This Data Protection Policy is currently valid and was last updated in March 2019.