Data protection declaration for the MALOUM website and the MALOUM web app
Data protection and the security of your data when using our website and our web app are important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and when you use our web app and for what purposes this data is used. Since changes in the law or changes to our internal company processes may make it necessary to adapt this data protection declaration, we ask that you regularly access the most recent version of this data protection declaration at https://www.maloum.com.
§ 1 Person responsible and scope
The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:
MALOUM neolime GmbH Kolonitzgasse 10/4, 1030 Vienna, Austria E-Mail: email@example.com Website: www.maloum.com
This data protection declaration applies to the website of neolime GmbH, which can be accessed under the domain www.maloum.com and all subdomains (hereinafter referred to as "our website") and for the MALOUM web app.
§ 2 What is personal data?
Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as the name, age, address, telephone number, date of birth, e-mail address or IP address of the users of our website and our web app ("our services" ). You can use our services as a creator (user who produces content such as videos or photos and makes this content available to us so that we can make it available to other users of the online content platform, whether for a fee or free of charge) or as a fan (user who produces content Consuming or following a creator, subscribing to content created by the creator, accessing content for free or for a fee). Information for which we cannot (or only with a disproportionate effort) establish a connection to your person, e.g. B. by anonymizing the information, are not personal data. The processing of personal data (e.g. collection, querying, use, storage or transmission) always requires a legal basis or the consent of the user.
§ 3 Data processing on our website and in our web app (collectively "our services")
1. Providing and Using the Website and Web App
a) Scope and purpose of data processing
When accessing and using our services, we collect personal data that your end device automatically transmits to our server. The following information is recorded without your intervention and stored until it is automatically deleted:
- IP address of the requesting computer
- Date, time and duration of access, name and URL of the retrieved file
- Website from which access is made (referrer URL)
- browser used
- the operating system of your computer
The data mentioned are processed for the following purposes:
- Make available our services and the related functions
- Analyzing the use of our services
- Improving the functionality and performance of the web app
b) Legal basis of processing
Art 6 Para 1 lit f GDPR serves as the legal basis for the data processing mentioned under a). The processing of the data mentioned is necessary to provide our services and to enable safe and convenient use and thus protects a legitimate interest of our company. In addition, there are no higher interests of the user, so that our interest prevails.
c) Duration of storage and data deletion
In principle, we only process and store personal data for as long as is required for the purpose for which it was collected or insofar as we are legally obliged to do so.
i) Personal data processed for the purpose of fulfilling the contract with the user will be stored at least until the contract has been fulfilled.
ii) Personal data that is processed by our company to protect our legitimate interests (e.g. as part of the provision of our services, for user and customer support, for the further development of our offer, for enforcing and defending legal claims, etc.). retained for as long as is necessary to fulfill these purposes.
iii) In addition, we are permitted to store personal data for a longer period of time if the user has consented, as long as the consent is not revoked, or if this is necessary to fulfill a legal (storage) obligation (e.g. according to tax regulations) or required by order of an authority.
iv) After the retention period has expired (usually six to ten years after the end of the contract), who which your personal data will be deleted, unless our company has a legitimate interest in accordance with point ii. more available.
2. Registering a User Profile
a) Scope of data processing
In our web app and in the mobile web interface, we offer users over the age of 18 the opportunity to register by providing their personal data. With the processed data, we create an individualized user account for the respective user, with which you can use certain content and services.
The following overview shows you in detail which categories of personal user data we process when registering:
- First and Last Name
- E-mail address
- Birth date
b) The data mentioned will be processed for the following purposes:
- Use of our Services
c) Legal basis of processing
The processing and transfer of the personal data mentioned in a) is based on the declaration of consent given voluntarily by the user when registering (Art 6 Para 1 lit a GDPR). A withdrawal of consent is possible at any time with effect for the future at our contact address mentioned in § 1. With regard to the data of a creator that is to be disclosed as mentioned in a), the processing and forwarding is also based on the legal basis of the fulfillment of the contract (Art. 6 Para. 1 lit. b GDPR).
d) Duration of storage and data deletion
As soon as the registration or the user account is deleted or changed, the data processed during the registration process will be deleted. Further storage will take place in individual cases if this is required by law or is necessary to safeguard, enforce or defend legal claims.
e) Deletion/modification of your data
As a user, you have the option of deleting your user account at any time. You can have the data stored about you changed at any time. To do this, proceed as follows: send us an email to: firstname.lastname@example.org and we will immediately take care of the next steps.
§ 4 Data transfer to third parties
*1. Legal bases
We only pass on your personal data processed in connection with the use of our services to third parties if
a) you have given your express consent to this (Art 6 Para 1 lit a GDPR), or b) which is necessary to fulfill a contractual relationship with you (Art 6 Para 1 lit b GDPR); or c) there is a legal obligation to pass on pursuant to Art. 6 Para. 1 lit. c GDPR, or d) the disclosure pursuant to Art. 6 Para. 1 lit It is assumed that you have an overriding legitimate interest in not disclosing your data. In principle, no personal data is passed on to third parties outside the European Union and the European Economic Area.
If this is necessary for the above purposes, we will transmit your personal data to the following recipients or categories of recipients:
a) To IT service providers and/or providers of data hosting solutions or similar services; b) To other service providers, providers of tools and software solutions who also support us in providing our services; c) To our legal representative, if this is necessary in connection with legal proceedings or to assert or defend claims; d) To courts, authorities and other third parties, insofar as we are obliged to do so due to legal obligations, official or judicial decisions; e) To company buyers and insolvency administrators, insofar as this is necessary in connection with changes under company law (company sale, merger, restructuring, dissolution or similar events) or in the event of insolvency.
We make sure that our service providers and other recipients of personal data ensure the highest data protection standards that correspond to those of the Data Protection Act and the GDPR. In principle, we do not transfer any personal data to recipients outside the European Union and the European Economic Area. Should this be necessary in exceptional cases, the data transfer must be subject to suitable guarantees to protect the fundamental rights and interests of the data subject (through the conclusion of standard contractual clauses issued by the European Commission).
1. Type and scope of data processing
a) Transient cookies: These cookies are automatically deleted as soon as you close your browser. This type of cookie makes it possible to record your session ID. This allows various requests from your browser to be assigned to a session and it is possible for us to recognize your end device on subsequent website visits within a session. b) Persistent cookies: Persistent cookies are cookies that are stored in your browser for a longer period of time and transmit information to us. The respective storage period differs depending on the cookie. You can delete persistent cookies independently via your browser settings. c) Required cookies: These cookies are required for technical reasons so that you can visit our website and use the functions we offer. d) Performance-related cookies: These cookies enable us to analyze website usage and improve the performance and functionality of our website. For example, information is collected about how our website is used by visitors, which pages are accessed most frequently, or whether error messages are displayed on certain pages. In addition, these cookies contribute to the safe and correct use of the website.
3. Duration of storage
As soon as the data transmitted to us via the cookies is no longer required to achieve the purposes described above, this information will be deleted. Further storage will take place in individual cases if this is required by law.
4. Configuration of browser settings
Most browsers accept cookies by default. However, you can configure your browser in such a way that it only accepts certain cookies or no cookies at all. In this case, you may no longer be able to use all the functions of our website if cookies are deactivated through your browser settings on our website.
Insofar as the data processed by us according to § 3 of this data protection declaration and listed above should be necessary to fulfill the contractual relationship with you, we can no longer provide our services after deletion and in the event of refusal to provide this data.
§ 6 Tracking and analysis tools on our website
Our website uses Hotjar from the provider Hotjar Ltd. (Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe). Hotjar is a service for analyzing your user behavior on our website. With Hotjar we can e.g. Record your mouse and scroll movements and clicks. Hotjar can also determine how long you stayed on a certain spot with the mouse pointer. Hotjar uses this information to create so-called heat maps, which can be used to determine which website areas are viewed by website visitors. We can also determine how long you stayed on a page and when you left it. We can also determine at which point you canceled your entries in a contact form (so-called conversion funnels). In addition, direct feedback from website visitors can be obtained with Hotjar. This function serves to improve the web offers of the website operator. While you surf through our website, Hotjar automatically collects information about your user behavior. In order to be able to collect this information, we have installed our own tracking code on our website. The following data can be collected via your computer or browser:
- IP address of your computer (collected and stored in an anonymous format)
- screen size
- Browser information (which browser, which version on etc.)
- Your location (but only the country)
- Your preferred language setting
- Visited websites (subpages)
- Date and time of access to one of our subpages (websites)
The use of Hotjar and the storage of Hotjar cookies is based on Art 6 Para 1 lit f GDPR. We have a legitimate interest in analyzing user behavior in order to optimize both our website and our advertising.
If you want to deactivate data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/opt-out. Please note that Hotjar must be deactivated separately for each browser or device.
§ 7 Plugins and Tools
1. Social Media Plugins
Social plugins from the following networks are included on our website, in our web app and in our social media presence:
a) Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Dublin, Ireland) b) Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) c) Pinterest ( Pinterest Europe Ltd., Palmerston House, 2nd Floor Fenian Street, Dublin 2, Ireland) d) Snapchat (Snap Group Ltd., 77 Shaftesbury Avenue, London, W1D 5DU, United Kingdom)
These services are offered by the respective companies ("Providers"). The social plugins are identified by the respective buttons belonging to the service. Based on the data transmitted to the respective service provider via the social plugins, they can assign you to your account. In order to increase the protection of your data, the social plugins are integrated on our website using the "2-click solution". This ensures that no automatic connection to the servers of the respective provider is established when our website is accessed. To activate a social plugin, you must first click on the link on our website or web app. This activates the social plugin and your browser establishes a connection to the provider's servers. With a second click, you can interact with the social plugin and, for example, submit your recommendation. If you are already logged in to one of the providers' social networks, the providers can immediately assign your visit to this website to your profile. The information may also be published on the social network and displayed there among your contacts. If you want to prevent your data collected via our website from being directly assigned to your profile, you must log out of your account with the respective provider before visiting our website. The scope and purpose of the data collection by and to the respective provider as well as the further processing and use of your data there can be found in the data protection notices directly on the website of the service. There you will receive further information about your data protection rights and setting options to protect your privacy.
2. Adobe Fonts
Unsere Website verwendet den Dienst Typeform des Anbieters TYPEFORM, S.L. (Bac de Roda 163, 08018 Barcelona, Spanien). Weitere Informationen zum Umgang mit Nutzerdaten finden Sie in der Datenschutzerklärung von Typeform: https://admin.typeform.com/to/dwk6gt.
Our website uses the IXOpay service from the provider IXOPAY GmbH (Mariahilfer Straße 77 - 79, 1060 Vienna, FN 451099g, Vienna Commercial Court). IXOpay is used to carry out payments when using paid content. This enables us to fulfill contractual obligations within the meaning of Art 6 Para 1 lit b GDPR.
§ 8 Hyperlinks
On our Our website and our web app contain hyperlinks to websites of other providers. If you click on these hyperlinks, you will be forwarded directly to the website of the other provider. We cannot be responsible for the protection of your privacy on these websites as we have no control over the content of these companies. Please visit these websites directly for information on how these companies handle your personal data.
§ 9 Your rights as a data subject
As a data subject, you have rights within the meaning of the GDPR:
a) The right to information about your stored personal data, its origin and recipient and the purpose of data processing (Article 15 GDPR). b) The right to obtain a copy of the processed personal data in a machine-readable format. c) The right to check, correct and transfer your data to another person responsible and to object to the processing, to restrict the processing or to delete processed data (Article 16 et seq. GDPR). d) In cases of transfer of User Personal Data abroad, the right to access or be referred to the appropriate or reasonable guarantees and the possibility of knowing how a copy thereof can be obtained or where they are available. e) If you believe that the processing of your personal data violates the applicable data protection law or your data protection rights have been violated in any other way, you can complain to the responsible supervisory authority. In Austria, this is the data protection authority (e-mail: email@example.com).
Your request for information, deletion, correction, objection and/or data transfer should be sent to the e-mail address firstname.lastname@example.org. Exercising your user rights is free of charge and will be processed by us as soon as possible, at the latest within one month. If you believe that the processing of your personal data violates the applicable data protection law or your data protection rights have been violated in any other way, you can complain to the responsible supervisory authority. In Austria, the data protection authority is responsible (e-mail: email@example.com; address: Barichgasse 40-42, 1030 Vienna).
§ 10 Data security and security measures
We will treat your personal data confidentially. In order to avoid manipulation, loss or misuse of your data stored by us, we take extensive IT-technical and organizational security precautions on our website (e.g. SSL encryption) and in our web app, which are regularly checked and adapted to technological progress . However, we cannot prevent the data protection regulations from being disregarded by persons or institutions outside our area of responsibility. In particular, unencrypted data could be read by third parties. We have no technical influence on this. It is your responsibility as a user to protect the data you have made available against misuse by encryption or in some other way.
§ 11 Changes
Changes in the law or changes to our internal company processes may make it necessary to adapt this data protection declaration. We therefore reserve the right to update this data protection declaration from time to time and ask you to regularly access the most recent version of this data protection declaration at https://www.maloum.com/privacy.