Logo_PHOTOFUTURE_black

Privacy Policy of the Copytrack GmbH & the PHOTOFUTURE event

COPYTRACK GmbH (hereinafter COPYTRACK), as a company based in the EU, is obliged to inform you about the processing of your personal data in accordance with the provisions of the Basic Data Protection Ordinance (GDPR). “Personal data” means any information relating to an identified or identifiable natural person. “Processing” means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data.

1. Name and contact details of the controller and the company data protection officer

This data protection information applies to data processing by:

COPYTRACK GmbH
represented by the Managing Director Marcus Schmitt
Dresdener Strasse 31
10179 Berlin
Germany

Email: datenschutz@copytrack.com
Phone: +49-30-809.332.910
Fax: +49-30-809.332.999

The company data protection officer of COPYTRACK GmbH can be contacted at COPYTRACK GmbH, Datenschutzbeauftragter, Oranienburger Str. 4, 10178 Berlin, Germany or via datenschutz@copytrack.com.

2. Collection and storage of personal data as well as type and purpose of their use

2.1 When visiting the Website

When you visit our website www.copytrack.com and portal.copytrack.com, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without action on your part and stored until it is automatically deleted:

IP address of the computer requesting access,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
Identification data of the browser and operating system used (browser type/ browser version, operating system used),
Usage data (e.g. pages visited, interest in content, access times)

This data is processed for the purpose of enabling use of the website (connection establishment), system security, technical administration of the network infrastructure, optimization of the internet offer and convenient use of our website as well as measuring the coverage and for marketing purposes. The IP address is only evaluated in case of attacks on COPYTRACK’s network infrastructure and for statistical purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection.

In addition, we use cookies and analysis services when you visit our website. You will find more detailed explanations under Sections 4 and 6 of this data protection declaration.

2.2 Booking tickets

For the purpose of booking tickets, your name and e-mailaddress will be saved in order to send booked ticket as well as information about the current and future events. The data is saved on our server.

3. Cookies

We use cookies in our online offer. These are small files that your browser creates automatically and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do no damage to your device, do not contain viruses, Trojans or other malware.

The information stored in the cookie are small bits of data or code which identify the specific device used to connect to our website. However, this does not mean we have immediate knowledge of your identity.

The use of cookies serves to make the use of our website more comfortable for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These will be deleted automatically after leaving our site.

In addition, we also use temporary cookies that are stored on your device for a specified period of time to optimize user friendliness. If you visit our site again to use our services, it will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for you for the purpose of optimizing our offer (see Section 5). These cookies enable us to automatically recognize when you return to our site that you have already been with us. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies can prevent you from using all functions of our website.

4. Sharing of data

Your personal data will not be transmitted to third parties for purposes other than those listed below.

We will only pass on your personal data to third parties if:

  • you have given your express consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR,
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
  • in the event that a legal obligation exists for the transfer pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR,
  • this is legally permissible and is necessary for the processing of contractual relationships with you pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.

Insofar as the transfer is necessary to assert, exercise or defend legal claims or to provide our contractually owed services, COPYTRACK also transfers personal data to third countries, Art. 49 para. 1 b), c) GDPR.

If we commission third parties with the processing of data on the basis of an order processing contract, this is done on the basis of Art. 28 GDPR.

4.1 Communication service provider

We use third party services to better understand the use of COPYTRACK.

4.1.1 MailChimp

Information sent to registered customers is partly handled by the mail service provider “MailChimp”, a newsletter delivery platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The mail service provider is used on the basis of our legitimate interests according to Art. 6 Para. 1 letter f GDPR and an order processing contract according to Art. 28 Para. 3 S. 1 GDPR.

The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The data protection regulations of the shipping service provider can be viewed here: https://mailchimp.com/legal/privacy/.

5. Web analysis services

5.1 Tracking Tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 f GDPR. With the tracking measures used, we want to ensure that our website is designed to meet requirements and is continually optimized. We also use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

5.1.1 Google Analytics

We use Google Analytics, a web analysis service of Google Inc., on www.copytrack.com, app.copytrack.com and portal.copytrack.com for the purpose of demand-oriented design and continuous optimization of our pages. (https://www.google.de/intl/de/about/) (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland; hereinafter “Google”).

When using Google Analytics, pseudonymised user profiles are created and cookies (see point 3) are used. The information generated by the cookie about your use of this website such as

  • Browser type/version,
  • the operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of the server request,

are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the internet for the purposes of market research and demand-oriented design of these internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized so that an assignment is not possible (IP masking).

We have a legitimate interest in the analysis, optimization and economic operation of our online offer; the legal basis for the use of Google Analytics is therefore Art. 6 Para. 1 lit. f. GDPR.

We have concluded a contract with Google regarding the processing of commissioned data and fully implement the strict requirements of the German data protection authorities for the use of Google Analytics.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. Disable Google Analytics

Google Inc. is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level (https://support.google.com/analytics/answer/7105316?hl=en). Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).

We can also use the “Google Tag Manager” to integrate and manage Google analysis and marketing services into our website.

Further information on Google’s use of data for marketing purposes can be found on the overview page: https://www.google.com/policies/technologies/ads, Google’s data protection declaration can be accessed at https://www.google.com/policies/privacy

If you wish to object to interest-based advertising by Google marketing services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

6. Social networks

6.1 Company pages

COPYTRACK maintains company sites on various social networks and platforms in order to make contact with customers, interested parties and users and for marketing purposes. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties and users and to inform them about our services.

If user data is processed by the platform operators outside the EU, this can entail risks, e.g. the enforcement of user rights can be made more difficult.  COPYTRACK generally only works with providers that are certified under the privacy shield.  These providers undertake to comply with EU data protection standards.

The user data collected on the platforms is regularly processed for advertising and market research purposes.  Thus, for example, user profiles are created on the basis of user behavior and the resulting interests of the user.  These usage profiles make it possible, for example, to place advertisements tailored to the presumed interests of the user inside and outside the platform.  For this purpose, cookies are stored on the user’s computer, which provide information about the user’s behavior and thus the user’s interests.  In addition, data can also be stored in the user profiles that are independent of the devices used by the users, for example if you are a member of the relevant platforms and are logged in to them.

Pursuant to Art. 6 para. 1 lit. f.  GDPR, your personal data is processed on the basis of our legitimate interests in effective communication with users or our legitimate interests in user information.  If you are asked by the platform operator for consent to data processing, Art. 6 para. 1 lit. a., Art. 7 GDPR is the legal basis for processing.

Of course you can ask us for more information.  Please note, however, that only the platform operator has access to your user data and can take the necessary measures and provide information, which is why it makes more sense to contact the platform operator directly.

You will find detailed information on data protection and possible objections in the information provided by the platform operators linked below.

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/.

Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000000TORzAAO&status=Active.

LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – Privacy Policy https://www.linkedin.com/legal/privacy-policy Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) – Privacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

6.2 Social Media Plug-ins

We use social plug-ins from the social networks Facebook, Twitter, Pinterest and LinkedIn on our website on the basis of art. 6 par. 1 p. 1 lit. f GDPR on www.copytrack.com to make our company better known. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for data protection-compliant operation must be guaranteed by the respective provider. The integration of these plug-ins by us takes place in the way of the so-called two-click method around visitors of our web page in the best possible way to protect.

6.2.1 ShareThis

The social media plug-ins are provided to us by ShareThis, Inc, 4005 Miranda Avenue, Suite 100, Palo Alto, CA 94304-1227, USA (“ShareThis”). ShareThis collects personal data when using the social media plug-ins provided and provides its users with relevant, targeted advertising, analysis and data modeling based on social sharing. For this purpose, cookies, see point 3 of the data protection declaration, are set on your computer or pixel tags, HTTP headers (or other communication protocols) and browser identifiers are used. The data is processed pseudonymised.

We use the service of ShareThis on the basis of our legitimate interests, i.e. in the interest of the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR.

You can prevent the storage of cookies either by the settings of your internet browser or under the following opt-out link: https://www.sharethis.com/privacy/.

ShareThis is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L1HMAA0&status=Active). Privacy Policy: https://www.sharethis.com/privacy/.

6.2.2 Facebook

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) Social Plugins (“Plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). We use the “LIKE” or “PART” button. This is an offer from Facebook.

When you access a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser and integrated into the website.

By integrating the plugins, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged on to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook account. If you interact with the plugins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.

Facebook may use this information for the purposes of advertising, market research and demand-oriented design of Facebook pages. To this end, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to associate the information collected through our website with your Facebook account, you must log out of Facebook before visiting our website.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights and setting options for the protection of your privacy can be found in the data protection information (https://www.facebook.com/about/privacy/) of Facebook.

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). Privacy Policy: https://www.facebook.com/policy.php.

6.2.3 Twitter

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) on our website (Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, (Twitter. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).

When you access a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our site with your IP address. If you click the Twitter “tweet button” while logged into your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate the visit of our pages with your user account. We would like to point out that, as the provider of the pages, we are not aware of the content of the data transmitted or how it is used by Twitter.

If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.

Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization. For more information, please see Twitter’s privacy policy ((https://twitter.com/privacy).

6.2.4 Pinterest

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) on our website plugins from pinterest.com. Pinterest.com is a service of Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA.

The integrated “Pin it” button on our site informs Pinterest that you have accessed the corresponding page of our website. If you are logged in to Pinterest, Pinterest can associate this visit to our site with your Pinterest account and link the data. The data transmitted by clicking the “Pin it” button is saved by Pinterest.

For the purpose and scope of data collection, processing and use, as well as your rights and setting options for the protection of your privacy, you will find further information in the Pinterest data protection information, which you can access at http://pinterest.com/about/privacy/

To prevent Pinterest from associating your visit to our site with your Pinterest account, you must log out of your Pinterest account before visiting our site.

6.2.5 LinkedIn

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) on our website functions and contents of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland.

This may include, for example, content such as images, videos or texts and buttons with which users can express their appreciation of the content, subscribe to the authors of the content or our contributions.

If the users are members of the LinkedIn platform, LinkedIn can assign the call of the above contents and functions to the profiles of the users there. To prevent LinkedIn from associating your visit to our site with your LinkedIn account, you must log out of your LinkedIn account before visiting our site.

LinkedIn is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). Privacy Policy of LinkedIn: https://www.linkedin.com/legal/privacy-policy. Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

6.2.6 Google Fonts

We integrate the fonts (“Google Fonts”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy:

https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

7. Publication of job advertisements / online job applications

If you apply to COPYTRACK via our website form or by email, your application data will be processed by COPYTRACK for the purpose of handling the application procedure. If your application is followed by the conclusion of an employment contract, your transmitted data may be stored in your personnel file for the purpose of the usual organizational and administrative process in compliance with the relevant legal regulations of COPYTRACK.

The legal basis for data processing is Art. 6 para. 1 lit. a GDPR, i.e. the consent given by you when sending the documents to COPYTRACK, or Art. 6 para. 1 sentence 1 lit. b GDPR, if an employment contract is concluded.

8. Rights of the persons concerned

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;
  • in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect or complete personal data stored by us;
  • to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • in accordance with Art. 18 GDPR, to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete the data and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible;
  • in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future and
  • to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters. The address of the supervisory authority responsible for our company:

Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstrasse 219
10969 Berlin, Germany

9. Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 letter f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an email to datenschutz@copytrack.com.

10. Data security

Our website meets the high requirements of the Payment Card Industry Data Security Standard (PCI) and are certified as such.

COPYTRACK uses technical and organizational security measures to protect your personal data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments.

For security reasons and to protect the transmission of confidential content, such as requests you send to COPYTRACK as the site operator, copytrack.com uses SSL encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

11. Duration of storage

The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

Your data will be kept for three years after the termination of a user contract with COPYTRACK. After that time, COPYTRACK will check if your data is still needed or while there is any legitimate reason to do so.

The personal data from the user interface of the contact form and those sent by email will not be deleted.

Data collected by Google Analytics when visiting the website is automatically deleted after a period of 14 months.

If your application for a position is rejected, the data you have submitted for application will automatically be deleted two months after notification of rejection. This does not apply if longer storage is necessary due to legal requirements (e.g. the burden of proof according to the General Equal Treatment Act) or if you have expressly agreed to longer storage in our database of interested parties.

The data collected via Fullstory is automatically deleted after one month.

12. Consequences of failure to provide data

There are no legal or contractual obligations for the provision of personal data to COPYTRACK. The specification of your first and last name, email address, postal address, bank details and your tax number when concluding a license, settlement, usage or agency agreement is mandatory for the conclusion and execution of the agreement with COPYTRACK. If you do not provide this data, you will not be able to use COPYTRACK’s services or conclude contracts with COPYTRACK.

13. Up-to-dateness and amendment of this data protection declaration

This data protection declaration is currently valid and is effective as of May 2018.

Due to the further development of our website and offers above or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can call up and print out the current data protection declaration at any time on the website under http://https://www.copytrack.com/privacy

Information pursuant to Art. 13 GDPR for registered users

COPYTRACK GmbH (hereinafter COPYTRACK), as a company based in the EU, is obliged to inform you about the processing of your personal data in accordance with Art. 13 of the General Data Protection Regulation (GDPR). Personal data is all information relating to an identified or identifiable natural person. Data of legal entities are not subject to the scope of the GDPR.

Identity of the controller

COPYTRACK GmbH, represented by Managing Director Marcus Schmitt, Dresdener Str. 31, 10179 Berlin

Contact details of the data protection office
COPYTRACK GmbH, Datenschutzbeauftragter
Oranienburger Str. 4 10178 Berlin
datenschutz@copytrack.com

Transfer to third countries

As far as the transfer is necessary for asserting, exercising or defending legal claims, COPYTRACK may also transfer personal data to third countries.

Duration of storage

After termination of the user contract concluded with COPYTRACK, COPYTRACK checks after three years whether we still need your data or whether we are opposed to deletion of legal storage obligations. The periods begin at the end of the year in which the contract was terminated.

Rights of the data subject

If COPYTRACK has collected personal data from you, you have the following rights under Articles 15 to 22 GDPR if the legal conditions are met: right to information, correction, deletion, restriction of processing and data transferability. Furthermore, according to Art. 14 para. 2 lit. c in conjunction with Art. 21 GDPR, you have a right of objection to the processing based on Art. 6 para. 1 lit. f GDPR.

Complaints to the supervisory authority

Under Article 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. The address of the supervisory authority responsible for our company:

Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstrasse 219, 10969 Berlin, Germany, https://www.datenschutz-berlin.de/

Obligation to provide personal data

The personal data processed by us is necessary for the fulfilment of the contract, in particular for the enforcement of claims and for invoicing. There is no contractual or legal obligation to provide the data. Without the personal data, however, the execution of the contract is not possible.

Profiling

COPYTRACK does not use automated decisions including profiling with legal effect against affected persons.

Information pursuant to Art. 13, 14 GDPR for image users

COPYTRACK GmbH (hereinafter COPYTRACK), as a company based in the EU, is obliged to inform you about the processing of your personal data in accordance with Art. 14 of the General Data Protection Regulation (GDPR). Personal data is all information relating to an identified or identifiable natural person. Data of legal entities are not subject to the scope of the GDPR.

Identity of the controller

COPYTRACK GmbH, represented by Managing Director Marcus Schmitt, Dresdener Str. 31, 10179 Berlin
Contact details of the data protection officer

COPYTRACK GmbH, Datenschutzbeauftragter,
Oranienburger Str. 4, 10178 Berlin
datenschutz@copytrack.com
Processing purpose and legal basis, legitimate interest

The data is processed for the purpose of clarifying the legal situation (authorization request), offering a subsequent license or for legal prosecution and receivables management. According to Art. 6 Para. 1 lit. f GDPR, the processing of your data is necessary to protect our legitimate interests or those of a third party and to verify the existence and if necessary the enforcement of a legal claim for damages. This constitutes COPYTRACK’s legitimate interest.

Data categories and data origin

We process the following categories of data: master data, communication data, receivables data and, where applicable, payment information. We collect the data via freely accessible sources, i.e. from the website where we have established a possible infringement of copyright law, from the whois data of the aforementioned website, yellow pages, commercial registers etc.. In rare cases, the data is provided to us by our clients.

Recipient

Within the scope of the post-licensing process or the enforcement of claims for damages, we may transfer your data to our clients and, if necessary, the following categories of recipients, insofar as this is necessary for the enforcement of claims: credit agencies, service providers, in particular shipping and collection service providers, third-party debtors, residents’ registration offices, courts, bailiffs, lawyers.

Transfer to third countries

As far as the transfer is necessary for asserting, exercising or defending legal claims, COPYTRACK may also transfer personal data to third countries.

Duration of storage

Your data will be kept for three years after the acquisition of a subsequent license, payment of damages or other termination of the case at COPYTRACK. After that time, COPYTRACK will check if your data is still needed or while there is any legitimate reason to do so.

Rights of the data subject

If COPYTRACK has collected personal data from you, you have the following rights under Articles 15 to 22 GDPR if the legal conditions are met: right to information, correction, deletion, restriction of processing and data transferability. Furthermore, according to Art. 14 para. 2 lit. c in conjunction with Art. 21 GDPR, you have a right of objection to the processing based on Art. 6 para. 1 lit. f GDPR.

Complaints to the supervisory authority

Under Article 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. The address of the supervisory authority responsible

for our company:

Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstrasse 219, 10969 Berlin, Germany, https://www.datenschutz-berlin.de/

Obligation to provide personal data

There are no contractual or legal obligations of the debtor to provide COPYTRACK with data.

Profiling

COPYTRACK does not use automated decisions including profiling with legal effect against affected persons.