Kazpar privacy policy
Kazpar GmbH is a tied agent in accordance with § 3 (2) WpIG of Effecta GmbH, Florstadt.
Privacy policy
Status: 26 November 2024
Overview
Our interest
- General information
- Person responsible
- Recipient of your data
- Data transfer outside the EU and the EEA, risk notice
- Special processing situations
- Accessing and visiting our platform
- Communication by post, email or telephone
- Contact form
- newsletter
- Registration and use of our platform
- Data processing for the brokerage of financial instruments
- OpenPayd as payment service provider
- Further processing purposes
- Links
III Use of cookies and similar technologies
- General information on cookies
- Google Analytics
- Google Ads
- Facebook Pixel
- Other ads
- Video player
- Affiliates
- Cookie consent tool
- Information on data security and storage duration
- Data security
- Duration of data storage
- Your right of revocation
- Your right to object to data processing in special cases and to direct advertising
VII. Your further rights
VIII. Changes to this privacy policy and up-to-dateness
Our interest
Thank you for visiting or using our platform for the brokerage of financial instruments (securities, investments, etc.). Compliance with data protection regulations is not only a legal obligation for Kazpar GmbH, but also an important factor of trust. This platform is operated by Kazpar GmbH, Frankfurt am Main, a company based in Germany (hereinafter also referred to as “Kazpar” or “we”).
This privacy policy provides you with detailed information about the processing of your personal data and the rights to which you are entitled. Personal data is all data that can be attributed to you personally, e.g. name, e-mail address.
We mainly process your personal data in the following situations:
- when you access and visit our platform;
- when you communicate with us by post, e-mail or telephone;
- when you use our contact form;
- when you receive our newsletter;
- when you register and use our platform;
- to establish and fulfill a contractual relationship
- when using other functions of our platform;
- to fulfill our legal obligations.
We will inform you in detail about the handling of your personal data in the respective processing situation in sections II. and III. of this privacy policy.
I. General information
1. Responsible
The controller within the meaning of data protection legislation is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. The controller of this platform is :
Kazpar GmbH
Address: Friedrich-Ebert-Anlage 56 60325 Frankfurt am Main
Entry in the commercial register: Frankfurt am Main Local Court, HRB 134756
Telephone: +49 (0) 40-57 30 860-0
E-mail: info@kazpar.com
Managing directors: Jörg Meiner, Patriciüs Johannes Visser
If you have any questions or comments about our privacy policy, please feel free to contact us by e-mail at any time.
2. Recipient of your data
- Within Kazpar, only those persons who need your data to fulfill our contractual and legal obligations will have access to it. Service providers and vicarious agents employed by us may also receive data for these purposes. We limit the disclosure of your personal data to what is necessary in accordance with data protection regulations. In some cases, the recipients receive your personal data as processors and are then strictly bound by our instructions when handling your personal data. In some cases, the recipients act independently under their own responsibility under data protection law and are also obliged to comply with the requirements of the GDPR and other data protection regulations. We inform you in detail about the specific recipients of your data in the following sections 2.2 ff. and in the relevant areas in sections II. and III. of this privacy policy.
- We will only disclose your data to third parties in the following situations
- if you have given your express consent to the disclosure in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR;
- if the disclosure is permitted by law and is necessary for the performance of a contractual relationship with you or the implementation of pre-contractual measures in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR
- if there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR;
- if we are legally obliged to transfer data to state authorities (e.g. tax authorities, supervisory authorities and law enforcement authorities)
- if the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary to safeguard legitimate company interests, as well as to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data;
- if we use external service providers, so-called processors, for processing in accordance with Art. 28 GDPR, who have been obliged to handle your data with care.
- Our platform is hosted by several external service providers. We use external hosting to fulfill a contract or to carry out pre-contractual measures on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR. In addition, external hosting is used to provide you with a technically functioning and user-friendly platform and to ensure the security, efficiency and speed of our systems (legitimate interest) on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. To ensure the protection of your personal data collected on our platform, we have concluded order processing contracts with the external hosting service providers. Your data will only be processed to the extent necessary to fulfill the hosting service and our instructions regarding your data will be followed. The hosting is provided by:
- IONOS SE, Elgendorfer Str. 57, 56410 Montabaur. Information from IONOS SE: https://www.ionos.de/terms-gtc/datenschutzerklaerung/ and
- MS Azure, information Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, USA. Information from Microsoft Corporation: https://www.microsoft.com/de-de/privacy/privacystatement
We use external service providers, in particular for IT security, marketing measures and payment processing. The recipients of your personal data are obliged to comply with the requirements of the GDPR and other data protection regulations.
- We act as a contractually bound intermediary within the meaning of Section 3 (2) WpIG in the brokerage of financial instruments pursuant to Section 2 (2) No. 3 WpIG exclusively for the account and under the liability of Effecta GmbH, Florstadt (hereinafter also referred to as “Effecta”). Kazpar is registered with BaFin as a tied agent: BaFin register of tied agents (register number: 80179836). We pass on the personal data required for the establishment and fulfillment of contracts for financial instruments (securities, investments, etc.) to Effecta and the respective issuer of the financial instrument and, if applicable, to banks, custodians of the digital safe deposit box (wallet), custodian institutions or other custodians and/or trustees and, if applicable, crypto securities registrars. We are authorized to pass on data in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR. In addition, Kazpar, as a contractually bound intermediary, is obliged to grant Effecta access to the business documents at any time, insofar as this is required by supervisory law. Furthermore, as a contractually bound intermediary, Kazpar has granted Effecta a comprehensive right to issue instructions in order to ensure management and control options in accordance with Section 40 WpIG and Section 80 WpHG. As a contractually bound intermediary, Kazpar is also obliged to grant Effecta access to personal data for Effecta’s internal auditing and compliance purposes. The crypto securities registrar is ecrop GmbH (Untere Nabburger Str. 10, 92224 Amberg) Information on the handling of data can be found at the following link: https://www.ecrop.de/datenschutz.
- We are obliged to tolerate audits and inspections of our business premises by the German Federal Financial Supervisory Authority (BaFin) at any time and to cooperate in these audits, during which BaFin may also inspect personal data at any time and review processes.
3. Data transfer outside the EU and the EEA, risk notice
- We sometimes use service providers who process your personal data outside the European Union (EU) and the European Economic Area (EEA) (in so-called third countries). We will inform you in detail about the external service providers we use and the third countries in which personal data is processed in the relevant area in sections II. and III. of this privacy policy.
- Some of the service providers we use process your personal data in the USA. The EU has concluded a data protection framework with the USA (EU-US Data Privacy Framework / EU-US Privacy Shield), which came into force on July 10, 2023. This means that a comparable level of protection for personal data is offered in the USA as in the EU if the service provider participates in the self-certification process of the US Department of Commerce. You can find out whether a service provider we use is certified by clicking on the following link: https://www.dataprivacyframework.gov/s/participant-search. If the service providers we use are not certified, there is a risk that your personal data will be processed in the USA without adequate legal protection. In this case, we will transfer your personal data to the USA on the basis of your express consent in accordance with Art. 49 para. 1 lit. a GDPR.
II Special processing situations
1. Calling up and visiting our platform
- For the purpose of the technical provision of our platform, it is necessary for us to process certain automatically transmitted information so that our platform can be displayed to you and you can use it. This information is automatically collected each time you visit our platform and automatically stored in so-called server log files.These are:
- Browser type and browser version;
- Operating system used;
- Website from which access is made (referrer URL);
- Host name of the accessing computer;
- Date and time of access;
- IP address of the requesting computer.
- The storage of the aforementioned access data is necessary for technical reasons in order to provide a functional platform and to ensure system security. This also applies to the storage of your IP address, which is necessary and can enable an assignment to your person. In principle, you are not obliged to provide us with your personal data. However, if you do not do so, we will not be able to make our platform available to you without restriction.
- In addition to the above-mentioned purposes, we use server log files exclusively for the needs-based design and optimization of our website purely statistically and without drawing any conclusions about your person. This data is not merged with other data sources, nor is it analyzed for marketing purposes.
- The access data collected as part of the use of our platform is only stored for the period for which this data is required to achieve the aforementioned purposes.
- If you visit our platform to find out about our range of products and services or to use them, the basis for the temporary storage and processing of access data is Art. 6 para. 1 sentence 1 lit. b GDPR (legal basis), which permits the processing of data for the performance of a contract or for the implementation of pre-contractual measures. In addition, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the temporary storage of technical access data. Our legitimate interest here is to be able to provide you with a technically functioning and user-friendly platform and to ensure the security of our systems.
2. Communication by post, e-mail or telephone
- If you contact us by post, e-mail or telephone, your request and other personal data (e.g. name, address, e-mail address, telephone number) will be processed for the purpose of handling your request. You provide us with your data voluntarily. However, we cannot communicate with you and carry out pre-contractual or contractual measures without the provision of your data.
- This data is processed on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 sentence 1 lit. a GDPR) and/or on our legitimate interests in the effective processing of the inquiries addressed to us and external communication (Art. 6 para. 1 sentence 1 lit. f GDPR).
- The personal data you send to us by post, email or telephone will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
3. Contact form
- If you send us inquiries via the contact form, your message/message (comment) including the contact data you provide there (e.g. your e-mail address, your first name and surname) will be stored and processed by us for the purpose of processing and answering the inquiry and in the event of follow-up questions. We do not pass this data on to third parties unless this is necessary in the context of processing and responding to your contact request (e.g. to the respective issuer) or you have given us your consent to do so.
- If you contact us as part of an existing contractual relationship or contact us in advance for information about our range of services or our other services, the data and information you provide will be processed for the purpose of processing and responding to your contact request in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR (legal basis). In addition, we process the personal data to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR for the appropriate response to customer/contact inquiries.
- The data you enter in the contact form will remain with us until the purpose for data storage/processing no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
- In principle, you are not obliged to provide us with your personal data. However, if you do not do so, we will not be able to respond to your request. Personal data that we absolutely need to communicate with you is marked accordingly as mandatory information in the contact form.
4. Newsletter
- With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting news, offers and information on investment offers and the possibility of subscribing to financial instruments (securities, investments, etc.) as well as events from us and our partner companies. Your e-mail address and your first and last name are required to receive the newsletter. Your name will be used to address you personally in the newsletter. After your confirmation, we store the above-mentioned data to send you the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR. We can also link the data collected in this way to any user account you have created on our platform. This allows you to manage and change details in the protected customer area.
- We use the so-called double opt-in procedure to register for our newsletter. This means that after you have registered, we will send you an email to the email address you have provided in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be blocked and then automatically deleted. In addition, we store the IP addresses used and the times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data (legitimate interest) on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR.
- You can revoke your consent to the sending of the newsletter at any time for the future and unsubscribe from the newsletter. You can also object to the processing of your email address at any time. You can declare your revocation or objection by clicking on the link provided in every newsletter e-mail, by e-mail to info@kazpar.com or by sending a message to the contact details given in the imprint. Your e-mail address will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe. Storage of the email address and other data in connection with another processing situation described in Section II. of this privacy policy remains unaffected by this.
- Our newsletter contains so-called counting pixels. This means that a small graphic is embedded in the HTML code of the email to enable log file recording or log file analysis. Using this pixel, we can recognize whether and when our newsletter emails are opened and when links in the newsletter are opened by you. With the data obtained in this way, we can evaluate the success of our newsletter, optimize it in the future and make it even more interesting for you. The legal basis is your consent in accordance with Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR.
- We use the external service provider Twilio Sendgrid, Denver, Colorado, United States (“SendGrid”) to provide and send the newsletter. SendGrid processes the following personal data, among others Your e-mail address, information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your e-mails and other information about hardware and internet connection as well as usage data). Data is transferred to the USA (so-called third country). In order to ensure the protection of your personal data and an adequate level of data protection, we have concluded an order processing contract with SendGrid using the standard contractual clauses of the EU Commission within the meaning of Art. 46 para. 2 lit. c GDPR. SendGrid will only process your data to the extent necessary to send you the newsletter and follow our instructions with regard to your data. In addition, you give us your consent to data processing in the USA in accordance with Art. 49 para. 1 lit. a GDPR. For information on the handling of your personal data by our external service provider, please refer to the privacy policy directly on the SendGrid website. Information from the third-party provider: https://www.twilio.com/en-us/legal/privacy?_gl=1*1kbach*_gcl_au*MTg5ODc4NTc0OC4xNzI4MjkxOTg2*_ga*Mjk3MjQ0Mi4xNzI4MjkyNDIz*_ga_8W5LR442LD*MTcyODI5MjQyMi4xLjEuMTcyODI5MjY5MS4wLjAuMA.
5. Registration and use of our platform
- If you wish to use our platform to subscribe to a financial instrument (security, investment, etc.), you must register by providing your name, e-mail address, telephone number, date of birth and a password of your choice. We use the so-called double opt-in procedure for registration, i.e. your registration is not complete until you have confirmed your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose. If you do not confirm this, your registration will be automatically deleted from our database. In addition, we store the IP addresses used and the times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data (legitimate interest) on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR.
- The provision of the aforementioned data for registration is voluntary. However, we cannot allow you to use the area of our platform that requires registration without this personal data. You can also provide us with further information voluntarily by using our platform.
- The registration and use of our platform also serves to prepare the acquisition of a financial instrument (security, investment, etc.). When you subscribe to a financial instrument (security, investment, etc.), you conclude an investment brokerage agreement with Effecta GmbH, Florstadt, represented by Kazpar as a contractually bound intermediary. On the other hand, by subscribing you conclude a contract for the financial instrument (security, investment, etc.) with the respective issuer. When you register, data is therefore already collected in order to identify you and to obtain information about your knowledge and experience in relation to transactions with certain types of financial instruments or investment services. We inform you in detail about the handling of your personal data in section II.6.
- If you use our platform, we will store your data required to fulfill the platform usage contract until you permanently delete your access. Furthermore, we store the additional voluntary data you provide for the duration of your use of the platform, unless you delete it beforehand. You can manage and change all data in the protected customer area. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR. In addition, we process your data for the implementation of pre-contractual measures with Effecta GmbH, Florstadt and the respective issuer on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR.
6. Data processing for the brokerage of financial instruments
- If you subscribe to a financial instrument (security, investment, etc.), we process the following personal data about you in the pre-contractual area and upon conclusion of the contract:
- Surname, first name
- Date of birth, place of birth
- Residential address, business address
- telephone number
- Fax number
- IP address
- Nationality
- Sex and gender
- Occupation and professional function
- Educational qualification
- IBAN and BIC
- Securities account number and BIC
- Tax identification number
- Status as a politically exposed person (PeP), family member of a politically exposed person, person or a person known to be a close associate within the meaning of the Money Laundering Act
- Listing in a sanctions list (UN, HMT, etc.)
- Economic authorization within the meaning of the Money
- Laundering Act
- Information on the planned investment behavior
- Origin of funds
- Information on income and assets and, if applicable, proof thereof
- Wallet addresses
- Identity card data, passport data
- Capacity as representative of a company.
- When you subscribe to a financial instrument (security, investment, etc.), you conclude an investment brokerage agreement with Effecta GmbH, Florstadt, represented by Kazpar as a contractually bound intermediary. We pass on the personal data required for identification and conclusion of the contract to Effecta GmbH, Florstadt. You provide us with the personal data required for your identification via the secure procedure of Deutsche Post AG). This external service provider commissioned by us will only process your data to the extent that this is necessary for your identification and to prove that the identification has been carried out and will follow our instructions with regard to your data. Further information on the handling of your data can be found on the website of Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn: https://www.deutschepost.de/de/p/postident/postident-datenschutzhinweise.html.
- By commissioning Kazpar for the first time to broker a financial instrument in the form of token-based securities, you can open and use a digital safe deposit box in the form of a non-custodial wallet. We will provide you with the app required for this. You store and keep your private cryptographic key (“private key”) yourself. We have no access to it. We would like to point out that we do not provide any service with regard to the safekeeping, administration and securing of tokens or other crypto assets or the cryptographic keys.
- For the purpose of paying church tax on investment income (insofar as Kazpar is obliged to pay church tax), we request the church tax details of you as a registered user from the Federal Central Tax Office so that church tax can be paid for you if necessary. You can object to the disclosure of your data by issuing a blocking notice with the Federal Central Tax Office. A blocking notice remains in place until it is revoked in writing.
- We collect and process the above-mentioned data for the purpose of executing the contract or fulfilling pre-contractual obligations. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b GDPR. We also process this data due to legal and regulatory obligations for the financial sector. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR. Furthermore, we process your data in the context of the payment of church tax on capital gains on the basis of our legal obligation pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR in conjunction with Section 51a para. 2c to 2e and para. 6 EStG.
- The provision of personal data is necessary for the conclusion of the contract and for the fulfillment of legal obligations to which we are subject. If the personal data is not provided, it will not be possible to conclude and execute the investment brokerage agreement and subscription agreement.
- Your data will be deleted as soon as it is no longer required for the contractual relationship. In addition, there may be statutory retention obligations, for example retention obligations under commercial or tax law. If such retention obligations exist, we will delete your data at the end of these retention obligations.
- We use the external service provider ecrop GmbH, Untere Nabburger Str. 10,92224 Amberg (“ecrop”) for the collection and processing of your personal data in the pre-contractual area, when concluding a contract and for the execution of the contract. In order to ensure the protection of your personal data, we have concluded an order processing contract with ecrop. Ecrop will follow our instructions with regard to your data. For information on the handling of your personal data by ecrop, please refer to the privacy policy directly on the website of this provider. Information from the third-party provider: https://www.ecrop.de/datenschutz.
7 OpenPayd as a payment service provider
If you decide to pay with the online payment service provider OpenPayd Financial Services Malta Limited (OpenPayd) as part of a payment transaction on our platform, we will transmit the following personal data to OpenPayd, (business address: 122 – 123 Pangea, Level 5 , Triq San Gorg, St. Julians STJ 3204, Malta): first and last name, date of birth, place of birth, nationality, address, e-mail address, information about goods/services, current accounts, credit card details if applicable, IP address.
The processing of your personal data is necessary for the processing of your subscription with the payment method you have selected, in particular to confirm your identity and to administer your payment. The legal basis for data processing during payment processing is the performance of contractual obligations pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.
OpenPayd is the controller under data protection law for the processing of your personal data in the context of payment processing. We can therefore only inform you about data processing by OpenPayd to the best of our knowledge: Under certain circumstances, OpenPayd will pass on the personal data transmitted by us to credit agencies. OpenPayd may also pass on your personal data to service providers, subcontractors or other affiliated companies if this is necessary to fulfill the contractual obligations arising from your order or if the personal data is to be processed on our behalf. You can find an overview of these third parties under the following link: https://www.openpayd.com/legal/privacy-notice/. If your personal data is transferred to a credit agency, this is done to check your identity and creditworthiness. To find out which credit agencies are involved and which data is generally processed by OpenPayd, as well as further information on the purposes and scope of data processing, please refer to OpenPayd’s privacy policy at the following link: https://www.openpayd.com/legal/privacy-notice/.
The issuers of financial instruments work together with the payment service provider Secupay. The processing of payments on the financial instruments requires the processing of your following personal data: first and last name, payment details, IBAN. For information on the purposes and scope of data processing, please refer to the privacy policy of secupay AG, Goethestrasse 6, 01896 Pulsnitz, at the following link: https://secupay.com/datenschutz
8. Further processing purposes
We also process your personal data in order to fulfill other legal obligations that may apply to us in connection with our business activities. These include, in particular, the prevention of money laundering pursuant to Section 10 (1) GWG, evaluation of your knowledge and experience pursuant to Section 63 (10) WpHG and retention periods under commercial, trade, supervisory and tax law. We process your personal data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR (legal basis) to fulfill a legal obligation to which we are subject.
We also process your personal data in order to assert our rights and enforce our legal claims. We also process your personal data in order to be able to defend ourselves against legal claims. Finally, we process your personal data insofar as this is necessary for the prevention or prosecution of criminal offenses. We process your personal data to protect our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR (legal basis), insofar as we assert legal claims or defend ourselves in legal disputes or we prevent or investigate criminal offenses (legitimate interest).
9. Links
This platform contains hyperlinks to websites or services of other providers. A hyperlink is a reference to another website or document. If you click on it, you will be redirected from our platform directly to the website of the other provider. You can recognize this, for example, by the change of URL in the address line of your browser. We cannot assume any responsibility for the confidential handling of your personal data on these external websites, as we have no influence on the data collected, processing procedures, purposes of processing and deletion of the data. For information on how these providers handle your personal data, please refer to the data protection declarations directly on the websites of these providers.
III Use of cookies and similar technologies
1. General information on cookies
- We use so-called cookies on our platform. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure and to enable the provision of certain functions. Cookies are small text files that are stored on your computer and saved by your browser. A cookie contains a characteristic string of characters that enables your browser to be uniquely identified when you return to the website.
- Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit or browser session (so-called transient cookies). Other cookies remain stored on your end device for a specified period or until you delete them (so-called persistent cookies).
- You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. You can regularly obtain the procedure for deactivating cookies via the “Help” function of your Internet browser. If cookies are deactivated, the functionality and/or full availability of this platform may be restricted.
- The cookie-based data processing is carried out on the basis of your consent in accordance with Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR (legal basis) or, in the case of an absolutely necessary cookie, on the basis of Art. 6 (1) sentence 1 lit. f GDPR (legal basis) to safeguard our legitimate interests. Our legitimate interests lie in particular in being able to provide you with a technically optimized, user-friendly and needs-based platform and to ensure the security of our systems.
- Personal data that is collected on our platform using cookies is sometimes stored in countries outside the EU or the EEA. In order to ensure the protection of your personal data and an appropriate level of data protection, we have concluded order processing contracts with the cookie service providers. The cookie service providers commissioned by us will follow our instructions with regard to your data. The transfer of your personal data to the USA is also carried out by us on the basis of your express consent in accordance with Art. 49 para. 1 lit. a GDPR, unless the cookie service provider participates in the self-certification procedure of the US Department of Commerce. You can find out whether a service provider we use is certified at the following link: https://www.dataprivacyframework.gov/s/participant-search. In addition, we will inform you in the individual explanations of the respective cookies below if the cookie service provider is certified. For information on the handling of your personal data by these external service providers, please refer to the data protection declarations and information directly on the websites of these service providers, which we have linked to you in the information below on the respective cookies used.
- You can consent to the use of cookies on our website via the cookie consent tool (cookie banner). You can revoke any consent you have given us at any time, e.g. by deactivating the setting of cookies via the cookie consent tool (cookie banner).
Below we inform you in detail about the cookies and similar technologies used on our website www.kazpar.com (excluding the subscription/registration area of the platform):
2. Google Analytics
- Our website uses Google Analytics, a web analytics service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Google is also certified in accordance with the self-certification procedure of the US Department of Commerce, which ensures a level of data protection comparable to that in the EU.
- You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
- Our website uses Google Analytics with an extension. This means that IP addresses are further processed in abbreviated form, so that they cannot be linked to a specific person. If the data collected about you is personally identifiable, it is immediately excluded and the personal data is deleted immediately.
- We use Google Analytics to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The cookie-based data processing is carried out on the basis of your consent in accordance with Section 25 (1) sentence 1 GDPR in conjunction with Art. 6 (1) sentence 1 lit. a GDPR.
- We use Google signals. When you visit our website, Google Analytics records your location, search history and YouTube history as well as demographic data (visitor data), among other things. This data can be used for personalized advertising with the help of Google Signal. If you have a Google account, the visitor data from Google Signal is linked to your Google account and used for personalized advertising messages. The data is also used to compile anonymous statistics on the user behavior of our users.
- Information from the third-party provider: Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland; terms of use: http://www.google.com/analytics/terms/de.html; overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html; and the privacy policy: http://www.google.de/intl/de/policies/privacy.
3. Google Ads
- Our website uses a Facebook pixel, a service of the social network of Meta Platforms Ireland Ltd, Ireland (“Facebook”). The Facebook pixel is a JavaScript code that enables us to analyze your user behavior after clicking on an advertisement placed by us on Facebook and redirecting to this website. This enables us to compile statistics on the success of our advertisements on Facebook and to categorize groups of interested parties. In addition, we can display our Facebook ads only to interested Facebook users and design our ads in such a way that they correspond to user interest and are not annoying. Facebook will store your personal data collected in the process on servers in the USA and use it for its own advertising measures.
- Within the Facebook social network, you can set which usage-based advertising is displayed to you. You can find the settings option under “Advertising preferences/settings for advertisements”: https://www.facebook.com/settings?tab=ads
- Data processing on our website takes place on the basis of your consent in accordance with Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR.
- Information from the third-party provider: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, https://www.facebook.com/business/learn/facebook-ads-pixel, https://www.facebook.com/business/help/742478679120153?id=1205376682832142, https://www.facebook.com/privacy/explanation.
4. Facebook Pixel
- Our website uses a Facebook pixel, a service of the social network of Meta Platforms Ireland Ltd, Ireland (“Facebook”). The Facebook pixel is a JavaScript code that enables us to analyze your user behavior after clicking on an advertisement placed by us on Facebook and redirecting to this website. This enables us to compile statistics on the success of our advertisements on Facebook and to categorize groups of interested parties. In addition, we can display our Facebook ads only to interested Facebook users and design our ads in such a way that they correspond to user interest and are not annoying. Facebook will store your personal data collected in the process on servers in the USA and use it for its own advertising measures.
- Within the Facebook social network, you can set which usage-based advertising is displayed to you. You can find the settings option under “Advertising preferences/settings for advertisements”: https://www.facebook.com/settings?tab=ads
- Data processing on our website takes place on the basis of your consent in accordance with Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR.
- Information from the third-party provider: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, https://www.facebook.com/business/learn/facebook-ads-pixel, https://www.facebook.com/business/help/742478679120153?id=1205376682832142, https://www.facebook.com/privacy/explanation.
5. Further ads
As part of our online marketing measures, we use conversion tracking technology and the retargeting functions of various ad providers. We determine the success of these advertising campaigns in order to advertise the services of our brokerage platform and to optimize our advertising measures on external websites. If you access our website by clicking on an advertisement, a cookie is stored on your computer and enables your browser to be recognized. These cookies enable us to measure the success of our advertising measures, such as the display of ads or clicks by visitors. We process your personal data on the basis of your consent in accordance with § 25 para. 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 sentence 1 lit. a GDPR.
We use the following ad providers:
“LinkedIn Ads” from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland: https://www.linkedin.com/legal/privacy-policy; if you are logged into your LinkedIn user account, you can deactivate data processing at any time under the following settings: https://www.linkedin.com/psettings/enhanced-advertising
“Facebook Ads” of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland: https://www.facebook.com/about/privacy
“Instagram Ads” of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland: https://privacycenter.instagram.com/policy
6. Videoplayer
- As part of our online marketing measures, we use conversion tracking technology and the retargeting functions of various ad providers. We determine the success of these advertising campaigns in order to advertise the services of our brokerage platform and to optimize our advertising measures on external websites. If you access our website by clicking on an advertisement, a cookie is stored on your computer and enables your browser to be recognized. These cookies enable us to measure the success of our advertising measures, such as the display of ads or clicks by visitors. We process your personal data on the basis of your consent in accordance with § 25 para. 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 sentence 1 lit. a GDPR.
- We use the following ad providers:
- “LinkedIn Ads” from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland: https://www.linkedin.com/legal/privacy-policy; if you are logged into your LinkedIn user account, you can deactivate data processing at any time under the following settings: https://www.linkedin.com/psettings/enhanced-advertising
- “Facebook Ads” of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland: https://www.facebook.com/about/privacy
- “Instagram Ads” of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland: https://privacycenter.instagram.com/policy
- We embed videos on our website that are hosted on various video platforms. When you start a video on this website, a connection is established to the servers of the respective video platform. The video platform server is informed which of our pages you have visited. Regardless of whether you have a user account with the platform, a representation of the corresponding video is downloaded from your internet browser. This tells the video platform operator which subpage of our website you have visited. If you have a corresponding user account and are logged in, the data collected will be assigned to your user account. You can prevent assignment by logging out of your user account before accessing our website. We process your personal data on the basis of your consent in accordance with Section 25 (1) sentence 1 TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR.
- The video integration takes place via the following video platforms
- “YouTube” of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, third-party provider information: https://www.google.com/policies/privacy/. Google is certified in accordance with the self-certification procedure of the US Department of Commerce, which ensures a level of data protection comparable to that in the EU.
- “Vimeo” of Vimeo.com, Inc, 330 West 34th Street, 5th Floor, New York, New York 10001, USA, information of the third-party provider: https://vimeo.com/privacy.
7. Affiliates
- We use cookies that enable us to recognize whether you have reached our website from the websites of our partners (affiliates) and can assign you to the respective affiliate. If you click on an advertisement and, if applicable, under further conditions, the respective affiliate receives a commission from us. The storage of the cookie has no influence on your registration and use of our platform and the subscription of a financial instrument (security, investment, etc.). The data processing is carried out to process the commission payment between us and the affiliates. The cookie-based data processing is carried out on the basis of your consent in accordance with § 25 para. 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 sentence 1 lit. a GDPR.
8. Cookie-Consent-Tool
- This website uses the cookie consent tool “CookieYes”, a service of CookieYes Limited of 3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom, to obtain your consent(s) to the storage of cookies on your terminal device and to document your consent(s). When you visit our website, a connection is established to the servers of the cookie consent tool and a cookie is stored in your browser in order to be able to assign the consents given or their revocation to you. The data collected in this way is stored until you delete the cookie consent tool cookie yourself or ask us to delete it. The cookie consent tool is used on the basis of Art. 6 para. 1 sentence 1 lit. c in conjunction with Art. 7 para. 1 GDPR to fulfill our legal obligation to obtain your consent(s) for the use of cookies. Information from the third-party provider: https://www.cookieyes.com/privacy-policy/?ref=gsem-cmp-tc&utm_source=google&utm_medium=cpc&utm_campaign=search_branded_deu&utm_content=pm_branded_deu&utm_term=cookieyes&_gl=1*1xufl2m*_up*MQ..&gclid=EAIaIQobChMIjNaruLD-iAMVX5ODBx1sbTV_EAAYASAAEgKuRvD_BwE
IV Information on data security and storage duration
1. Data security
- Your personal data is protected by us using suitable technical and organizational measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
- For security reasons and to protect the transmission of confidential content, such as your contact requests, this platform uses the SSL encryption method (Secure Socket Layer) or a higher level of encryption supported by your browser. You can recognize an encrypted connection by the fact that the address line of the browser reads “https://” or by the lock symbol in your browser line.
2. Duration of data storage
- Unless a storage period is expressly stated in the information on special processing situations in Sections II and III, we will delete your personal data as soon as the purpose or legal basis for storage no longer applies. We are guided by the following principles:
- Your personal data collected to fulfill a contract with you will be stored until this contract has been completely fulfilled. The storage period may include periods of contract initiation.
- Your personal data that is collected to protect our legitimate interests will be stored for as long as is necessary for the respective purpose of use.
- We may be required by the authorities or by law to store your data for longer than the specified periods. The statutory retention periods are based in particular on commercial and tax regulations. After the retention periods have expired, we will delete your personal data.
V. Your right of withdrawal
- If you have given your consent to the processing of personal data, you can withdraw your consent at any time. A revocation only takes effect for the future. Processing that took place on the basis of the consent until the revocation is not affected by this. An informal message to us, e.g. by email to info@kazpar.com, is sufficient to declare your withdrawal of consent.
VI. Your right to object to data processing in special cases and to direct advertising
- If the data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data at any time; this also applies to profiling based on this provision. This is particularly the case if the processing is not necessary for the performance of a contract with you. The relevant legal basis can be found in sections II. and III. of this privacy policy. The right to object exists if the legal requirements under Art. 21 (1) GDPR are met. If you file an objection and the legal requirements are met, we will no longer process your personal data concerned. We therefore ask you to explain why we should not process your data as we have done. We will then check whether our interests conflict with the termination of the processing, so that we are entitled to process your personal data despite your objection. To declare your objection, simply send us an informal message, e.g. by email to info@kazpar.com.
- If your personal data is processed for the purpose of direct marketing, you have the right to object to the processing of your personal data at any time; this also applies to profiling insofar as it is associated with such direct marketing. If you object, we will no longer process your personal data concerned (Art. 21 para. 2 GDPR). To declare your objection, simply send us an informal message, e.g. by email to info@kazpar.com.
VII Your further rights
- You have the following rights if the respective legal requirements are met:
- You will be provided with information about your data processed by us upon request (Art. 15 GDPR).
- If we process incorrect or incomplete personal data, you have the right to rectification (Art. 16 GDPR).
- You can request erasure (Art. 17 GDPR) or restriction of processing (Art. 18 GDPR).
- You have the right to data portability (Art. 20 GDPR).
- You have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR), such as the Hessian Commissioner for Data Protection and Freedom of Information, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Germany, who is responsible for us.
VIII Changes to this privacy policy and up-to-dateness
- Due to the further development of our platform, our offers and our company or due to changed legal or official requirements, we may supplement or adapt our privacy policy. We will publish all changes on this website.
- This privacy policy is currently valid (as of November 2024).