Privacy Policy

Effective Date: 2025-04-08

Thank you for visiting www.maticstrategicadvisors.com. Protecting your personal data is very important to us. This Privacy Policy informs you about the type, scope, and purpose of the collection and use of personal data when visiting our website and using our services.

We comply with all applicable data protection regulations, including but not limited to the General Data Protection Regulation (GDPR) for EU citizens and residents, as well as relevant U.S. data protection laws where applicable.

1. Controller

The controller responsible for data processing on this website is:

Matic Strategic Advisors LLC
3119 CORAL WAY STE 200, MIAMI, FL. 33145 US

Phone: +1 (800) 208 6131
Email: [email protected]
Website: www.maticstrategicadvisors.com
Managing Director / Authorized Representative:

Mario Matic – Int. Business Economist (BAA, Munich)

Legal Form: Limited Liability Company (LLC)
Place of Registration: Florida, USA
Registration Number: 35-2870541

2. Data We Collect

We collect personal data only to the extent necessary and in accordance with the principles of data minimization. The types of data we may collect include:

  • Name, email address, phone number (via contact forms or email inquiries)
  • IP address and browser/device data (for technical and analytical purposes)
  • Service-related information (such as inquiries regarding our consulting services)
  • Information voluntarily provided by the user (e.g., when booking a consultation)

We do not collect any sensitive personal data unless explicitly required and with your prior consent.

3. Purpose of Data Processing

Your personal data is processed for the following purposes:

  • Responding to your inquiries and providing requested services
  • Fulfilling contractual obligations
  • Improving our website and services
  • Ensuring technical security and error-free operation
  • Legal compliance and enforcement of our rights

4. Legal Basis for Processing

According to Article 6(1) of the GDPR, the processing of personal data is lawful if:

  • You have given your explicit consent (Art. 6(1)(a) GDPR)
  • The processing is necessary for the performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
  • The processing is required for legal obligations (Art. 6(1)(c) GDPR)
  • The processing is in our legitimate interest, such as securing our IT systems or marketing (Art. 6(1)(f) GDPR)

5. Data Transfer to Third Parties

We do not sell your data. However, we may share your information with:

  • IT service providers (hosting, email services, analytics)
  • Legal or tax advisors, if necessary for compliance
  • U.S. or international authorities, only if legally required

All service providers are carefully selected and meet data protection requirements.

6. Data Transfer to Third Countries

If we transfer data to third countries outside the European Economic Area (EEA), such as the United States, this is done only:

  • If an adequate level of data protection has been confirmed by the EU Commission
  • Or based on contractual agreements (e.g., Standard Contractual Clauses)
  • Or with your explicit consent

7. Cookies and Tracking

Our website may use cookies and analytics tools (e.g., Google Analytics) to improve the user experience and monitor website traffic.

You can manage your cookie preferences via your browser settings or by opting out of analytics tools where applicable.

8. Your Rights (EU Residents)

You have the following rights under the GDPR:

  • Right to access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure / „Right to be forgotten“ (Art. 17 GDPR)
  • Right to restrict processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to withdraw consent at any time (Art. 7(3) GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

9. Data Retention

We store your personal data only as long as necessary to fulfill the purpose of processing or as required by legal obligations.

10. Security

We implement appropriate technical and organizational measures to ensure the security of your personal data and protect it from unauthorized access, loss, or misuse.

11. Changes to This Policy

We reserve the right to update this Privacy Policy to reflect changes in legal requirements or our services. The current version is always available on our website.

12. Contact

If you have questions about data protection or want to exercise your rights, feel free to contact us:

Matic Strategic Advisors LLC
3119 CORAL WAY STE 200, MIAMI, FL. 33145 US

Phone: +1 (800) 208 6131
Email: [email protected]
Website: www.maticstrategicadvisors.com

General Information on Data Processing

We process the personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The processing of personal data of our users generally takes place only with the user’s consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons and the processing of the data is permitted by legal regulations.

If we obtain the consent of the data subject for processing operations involving personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

When the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are required for carrying out pre-contractual measures.

If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis.

In cases where vital interests of the data subject or another natural person make the processing of personal data necessary, Article 6(1)(d) GDPR serves as the legal basis.

If the processing is necessary for the purposes of a legitimate interest pursued by our company or a third party, and this interest is not overridden by the interests, fundamental rights, or freedoms of the data subject, Article 6(1)(f) GDPR serves as the legal basis for the processing.

Personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also occur if required by European or national legislation in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted if a legally mandated storage period expires, unless further storage is necessary for the conclusion or fulfillment of a contract.

Provision of the Website and Creation of Log Files

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device. The following data may be collected:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status / HTTP status code
  • Amount of data transferred in each case
  • Website from which the request originated
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

Storage in Log Files

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user. The legal basis for the temporary storage of data and log files is Article 6(1)(f) GDPR.

Temporary storage of the IP address by the system is necessary to deliver the website to the user’s device. For this purpose, the user’s IP address must be stored for the duration of the session. Storage in log files takes place to ensure the functionality of the website. Additionally, the data serves to optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.

These purposes also constitute our legitimate interest in data processing pursuant to Article 6(1)(f) GDPR. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended. In the case of log file storage, this occurs at the latest after seven days. Further storage is possible; in such cases, the IP addresses of the users are either deleted or anonymized so that assignment to the accessing client is no longer possible.

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Therefore, the user has no right to object.

Processors and Recipients

We process your personal data with the assistance of data processors who support us in the provision of our services (e.g., web hosting providers). These processors are strictly bound to the protection of your personal data and may not use your data for any purpose other than providing our services.

Your personal data is only passed on to service providers typically involved in business operations, such as tax consultants (if you appear in our accounting), shipping providers (in the event of a delivery), etc.

Handling of Contact Data

If you contact us via the contact options provided, the data you supply will be used to process and respond to your request, for statistical purposes, to fulfill legal reporting obligations, and to provide our services. Without your consent, this data will not be shared with third parties.

After submitting a contact form, your personal data entered will be processed by the data controller for the purpose of fulfilling our services based on your consent given by submitting the form.

There is no legal or contractual obligation to provide this data. The only consequence of not providing it is that your request cannot be submitted or processed. You have the right to withdraw your consent at any time in writing, without affecting the lawfulness of processing carried out before the withdrawal.

The legal basis for the processing of the data is Article 6(1)(a) GDPR, if the user has given consent.

Registration of Companies and Publication of Company Profiles and Job Postings

On our website, we offer clients (employers) the opportunity to register by providing personal data. The data is entered into an input form, transmitted to us, and stored. No data is passed on to third parties.

Registration is required to fulfill a contract with the client or to carry out pre-contractual measures.

After registering on our portal, clients can independently publish job offers and a company profile. The personal data provided during registration is processed by the data controller for the purpose of providing our services, based on the consent given during registration.

Only the data entered by the client is published—contact details are excluded, as publishing them on our portal is not permitted.

To increase the reach of their job postings and company profiles, the content may be shared, transmitted, and published via social media channels, external job boards, our newsletters, and our partner network.

The legal basis for processing is Article 6(1)(a) GDPR (with consent) and Article 6(1)(b) GDPR (performance of a contract).

The data will be deleted as soon as it is no longer required for its original purpose. For data collected during registration to fulfill a contract or for pre-contractual measures, this is the case when the data is no longer needed to fulfill the contract. Even after the contract ends, data may still need to be stored to meet contractual or legal obligations.

As a client, you may terminate your registration at any time. You may also request that your stored data be modified at any time.

Company Portal

To use and manage their contractual services, our clients (employers) or their employees may access our company portal. In this context, we process personal data provided by the client or their employees, as well as data relating to the agreed or provided services and their usage.

The legal basis for processing is Article 6(1)(a) GDPR (with consent) and Article 6(1)(b) GDPR (performance of a contract). We store this data for as long as the company profile remains available on our portal in accordance with the contract.

In addition, we use the collected data in anonymized form to create statistics about general customer behavior. This helps us improve our services and make them more user-friendly. The legal basis for this is our legitimate interest in accordance with Article 6(1)(f) GDPR, which lies in the execution and improvement of our business operations.

Newsletter

Our website may offer the option to subscribe to a free newsletter. When registering for the newsletter, the data entered in the input form is transmitted to us—this includes the email address, first name, and last name. Additionally, the following data is collected during registration:

  1. IP address of the requesting device
  2. Date and time of registration

As part of the registration process, your consent is obtained for the processing of the data, and this privacy policy is referenced. In connection with the processing of data for the dispatch of newsletters, there is no transfer of data to third parties. The data is used exclusively for sending the newsletter.

The legal basis for processing data after newsletter registration is the user’s consent in accordance with Article 6(1)(a) GDPR.

The collection of the email address serves to deliver the newsletter. The collection of other personal data during the registration process serves to prevent misuse of the services or the email address used.

The data will be deleted as soon as it is no longer needed for the purpose for which it was collected. Accordingly, the user’s email address will be stored for as long as the newsletter subscription is active. The additional personal data collected during the registration process is usually deleted after a period of seven days.

The subscription can be canceled at any time by the user. A corresponding link is provided in every newsletter. This also enables the withdrawal of consent for the storage of personal data collected during the registration process.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the browser’s address line changing from “http://” to “https://” and by the lock icon in your browser bar.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Cookies

Our website uses cookies. Cookies are text files that are stored in or by the internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a unique string of characters that allows the browser to be identified when the website is visited again.

We use cookies to make our website more user-friendly. Some elements of our website require the identifying browser to be recognized even after a page change.

We also use cookies on our website that allow us to analyze users‘ browsing behavior. The data collected in this way is pseudonymized through technical measures. Therefore, the data can no longer be attributed to the accessing user. This data is not stored together with any other personal data of the user.

When visiting our website, users are informed via an info banner about the use of cookies for analysis purposes and referred to this privacy policy. The info banner also includes instructions on how to disable the storage of cookies in the browser settings.

The legal basis for the processing of personal data using cookies is Article 6(1)(f) GDPR.

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be provided without the use of cookies. For these, it is necessary that the browser is recognized again after a page change. The data collected by technically necessary cookies is not used to create user profiles.

The use of analysis cookies serves the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus continuously optimize our offering. These purposes also constitute our legitimate interest in the processing of personal data in accordance with Article 6(1)(f) GDPR.

Cookies are stored on the user’s computer and transmitted to our website. Therefore, as a user, you have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing your internet browser settings. Cookies already stored can be deleted at any time. This can also happen automatically.

If cookies are deactivated for our website, it may no longer be possible to use all website functions to their full extent. The transmission of Flash cookies cannot be prevented via the browser settings but through changes to the Flash Player settings.

For more information on cookies, please refer to Wikipedia.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), based on the legal basis of predominant legitimate interest (analysis of website usage). We have concluded a data processing agreement with Google for this purpose.

When you access our website, a connection to Google’s servers is established via software, and data is transmitted to Google servers, some of which are located in the USA. Google Analytics also uses cookies to store information about website users and to analyze how users interact with the website.

This website uses the “IP anonymization” feature. This means that your IP address is truncated by Google within member states of the European Union or in other states that are party to the Agreement on the European Economic Area before being transmitted. Only in exceptional cases is the full IP address sent to a Google server in the USA and shortened there.

According to Google, the data collected is used to evaluate website usage, compile reports on website activity, and provide other services related to website and internet usage. Google may also transfer this information to third parties if required by law or if such third parties process the information on Google’s behalf. Detailed information on how Google Analytics handles user data can be found in Google’s or Google Analytics’ privacy policy.

Disable Google Analytics

You can generally prevent your data from being collected on our website by enabling the „Do Not Track“ setting in your web browser. Our website respects this signal, which is sent to all websites by your browser.

You can also prevent the collection of your data by Google Analytics across all websites by downloading and installing the browser plugin available at the following link:
Download Browser Add-on

Google Remarketing

We use the Google Remarketing or “Similar Audiences” feature on our website. This allows us to target visitors with personalized, interest-based advertisements when they visit other websites in the Google Display Network.

To perform this analysis, Google uses cookies that collect data about your website use. No personal data of website visitors is stored. When you later visit another website within the Google Display Network, advertisements may appear based on your previously visited content and interests.

You can permanently disable the use of cookies by Google by following this link and installing the provided plugin:
Disable Google Ads Plugin

Alternatively, you can disable the use of cookies by third-party providers by visiting the Network Advertising Initiative’s opt-out page at:
http://www.networkadvertising.org/choices/

More information on Google Remarketing and Google’s privacy policy is available here:
http://www.google.com/privacy/ads/

The legal basis is a legitimate interest under Art. 6(1)(f) GDPR, namely the targeted promotion of our services.

Google Conversion Tracking

We use Google Marketing Services (including remarketing and conversion tracking) by Google Inc., based on our legitimate interests in analyzing, optimizing, and operating our online services economically (Art. 6(1)(f) GDPR).

Google is certified under the EU-U.S. Privacy Shield, ensuring compliance with European data protection law:
Privacy Shield Info

These services enable us to display ads more relevant to users’ interests. If users are shown ads for products they previously viewed on other websites, this is referred to as remarketing.

When a user visits our or other websites using Google marketing services, Google embeds a piece of code or „remarketing tags“ (invisible graphics or code snippets, also known as web beacons) into the page. These tags store a cookie or a similar technology on the user’s device.

Cookies may come from domains such as google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com.

These files track:

  • visited websites
  • user interests
  • clicked offers
  • browser & OS information
  • referrer websites
  • access time
  • and other usage data

The user’s IP address is also collected. However, within Google Analytics, IP addresses are shortened in the EU or EEA, and only in exceptional cases are full addresses sent to Google in the USA and truncated there.

Google does not merge IP addresses with other Google user data. Information may, however, be combined with data from other Google services.

Advertising may be shown to users on other websites based on these interest profiles. All processing is pseudonymized—Google does not store or process users’ names or email addresses, only cookie-based profiles. Personal identification is only possible if users have explicitly permitted Google to do so.

Data collected through these services is transmitted to and stored on Google servers in the USA.

One of the services used is Google AdWords. In this context, each AdWords customer receives a different conversion cookie, making tracking across different websites impossible.

Information obtained via the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for tracking. These customers learn how many users clicked on their ads and were redirected to a conversion-tracking-enabled page, but not personal identities.

We also use the Google DoubleClick service, which enables ads to be displayed across partner websites based on users‘ previous web activity.

Additionally, we may use the Google Tag Manager to manage Google’s analytics and marketing services on our site.

For more information on how Google uses data for marketing purposes, visit:
https://www.google.com/policies/technologies/ads
Google’s full privacy policy:
https://www.google.com/policies/privacy

If you wish to object to interest-based advertising by Google, use the settings and opt-out options provided here:
http://www.google.com/ads/preferences

Share Buttons

This website offers the option to share content on social media platforms using the AddToAny service, including Facebook, Google Plus, Instagram, WhatsApp, Facebook Messenger, LinkedIn and Twitter. Data is only collected when these services are actively used by you. Since you can only use these services if you have an account with them and log in using your credentials, responsibility for data processing lies with the respective provider from that point onward. Creating user accounts—i.e., membership with social networks—requires your consent to their respective privacy policies. According to the AddToAny privacy policy (in English), the service does not store personal data. We also do not receive any data from AddToAny or data resulting from the use of the share buttons. Detailed information is provided by each respective platform: Facebook, Google Plus, Instagram, WhatsApp, Facebook Messenger, LinkedIn and Twitter.

Use of Facebook, Google+, Twitter, Instagram and LinkedIn Plugins

Our website uses so-called social plugins (“plugins”) from the social networks Facebook, LinkedIn and Google+, as well as the microblogging services Twitter and Instagram. These services are provided by the companies Facebook Inc., Google Inc., Twitter Inc., and Instagram LLC (collectively referred to as „providers“).

When you visit a page on our website that contains one of these plugins, your browser establishes a direct connection with the servers of Facebook, Google, Twitter, or Instagram. The plugin content is transmitted directly to your browser and integrated into the webpage. Through this integration, the providers receive the information that your browser has accessed the corresponding page, even if you do not have a profile or are not logged in. This information (including your IP address) is sent from your browser directly to a provider server in the USA and stored there.

If you are logged in to one of the services, the providers can directly associate your visit to our website with your profile on Facebook, Google+, Twitter, or Instagram. If you interact with the plugins (e.g., click the “Like,” “+1,” “Tweet,” or “Instagram” button), the relevant information is also sent directly to a provider server and stored there. It may also be published on the social network and shown to your contacts.

For information about the purpose and scope of data collection, further processing, and your rights and privacy settings, please refer to the providers‘ privacy policies:

If you do not want Facebook, Google, Twitter, or Instagram to directly associate the data collected through our website with your profile, you must log out of the relevant service before visiting our website. You can also completely block the loading of the plugins with browser add-ons, such as the script blocker “NoScript” (http://noscript.net/).

YouTube

Our website uses YouTube, a video platform provided by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, hereinafter referred to as “YouTube.” YouTube is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Google is certified under the EU-US Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active), ensuring that EU data protection standards are met even when data is processed in the US.

We use YouTube in conjunction with the “Enhanced Privacy Mode” function to display videos. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website.

According to YouTube, the Enhanced Privacy Mode means that user data is only transmitted to the YouTube server when a video is actively played. Without this mode, simply loading a page with an embedded YouTube video would automatically establish a connection to YouTube servers in the US.

When you play a video, YouTube collects and processes at least your IP address, the date and time, and the specific webpage visited. It may also connect to Google’s DoubleClick advertising network.

If you are logged into YouTube at the same time, YouTube assigns this data to your YouTube account. If you want to prevent this, log out of YouTube before visiting our site or adjust the appropriate settings in your YouTube account.

To ensure functionality and analyze usage, YouTube permanently stores cookies on your device. If you do not agree with this, you can block the storage of cookies via your browser settings. More details can be found above under “Cookies.”

Further information on data collection and use, as well as your rights and protection options, is available in Google’s privacy policy at: https://policies.google.com/privacy

Facebook Pixel

This website uses Facebook Pixel, a web analytics service provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”), based on the legal basis of overriding legitimate interest (analysis of website usage). We have signed a data processing agreement with Facebook for this purpose. Some of the data is transferred to the USA. The transfer is based on the Privacy Shield framework.

When you visit our website, a connection is established via software to Facebook’s servers, and data is transmitted to Facebook servers, some of which are located in the USA. Facebook Pixel also uses cookies to store information about website users and to analyze how users interact with the site.

According to Facebook, the data collected is used to evaluate website usage, compile reports on website activities, and provide additional services related to website and internet usage. Facebook may also pass this information on to third parties if required by law or if third parties process the data on Facebook’s behalf.

We use Facebook Custom Audiences and other tools provided by Facebook to advertise on other websites. To do this, we share your data with the relevant providers (e.g., Facebook) and use cookies or similar technologies on our website to analyze the effectiveness of our advertising efforts.

Detailed information on how Facebook handles user data can be found in Facebook’s privacy policy:

https://www.facebook.com/policy.php

Disable Facebook Pixel

You can generally prevent the collection of your user data on our website by enabling the “Do Not Track” feature in your web browser. Our website honors the Do Not Track signal that your browser sends to all websites.

You can specifically prevent the collection of your data by Facebook Pixel on this website by clicking the following link. An opt-out cookie will be set, which prevents your data from being collected on future visits to this website:
Deactivate Facebook Pixel

Google reCAPTCHA

Based on our legitimate interests (i.e., ensuring data accuracy, preventing automated registrations/orders by so-called bots, and the economical operation of our online offering in accordance with Art. 6 Para. 1 lit. f) GDPR), we use the reCAPTCHA service in certain cases:
https://www.google.com/recaptcha/intro/
provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Google is certified under the Privacy Shield agreement, providing assurance that European data protection standards are met:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

The use of reCAPTCHA is to determine whether an entry is made by a human or abusively by automated, machine processing. This verification includes the transmission of the IP address and possibly other data required by Google for the reCAPTCHA service. Your input is sent to Google and analyzed for this purpose.

For more information on Google reCAPTCHA and Google’s privacy policy, please visit:
https://www.google.com/intl/de/policies/privacy/
https://www.google.com/recaptcha/intro/android.html

Rights of the Data Subject

Right to Access

You may request confirmation from the data controller as to whether personal data concerning you is being processed.
If such processing exists, you may request the following information from the controller:

  1. the purposes for which the personal data is being processed;
  2. the categories of personal data being processed;
  3. the recipients or categories of recipients to whom your personal data has been or will be disclosed;
  4. the planned duration of storage of your personal data, or if specific information is not available, the criteria used to determine the storage duration;
  5. the existence of a right to rectification or deletion of your personal data, a right to restriction of processing by the controller, or a right to object to such processing;
  6. the existence of a right to lodge a complaint with a supervisory authority;
  7. all available information about the source of the data if the personal data was not collected directly from you;
  8. the existence of automated decision-making, including profiling, pursuant to Article 22 (1) and (4) GDPR, and – at least in these cases – meaningful information about the logic involved, as well as the significance and intended consequences of such processing for the data subject.

You also have the right to request information on whether your personal data is transferred to a third country or an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Article 46 GDPR in connection with such transfers.

Right to Rectification

You have the right to request the rectification and/or completion of your personal data from the controller if the personal data being processed is inaccurate or incomplete.
The controller must make the correction without delay.

Right to Restriction of Processing

Under the following conditions, you may request the restriction of processing of your personal data:

  1. if you contest the accuracy of your personal data for a period enabling the controller to verify its accuracy;
  2. if the processing is unlawful and you oppose the deletion of the personal data and request the restriction of its use instead;
  3. if the controller no longer needs the personal data for processing purposes, but you require it for the establishment, exercise, or defense of legal claims; or
  4. if you have objected to the processing pursuant to Article 21(1) GDPR and it has not yet been determined whether the legitimate grounds of the controller override yours.

If the processing of your personal data has been restricted, such data – apart from its storage – may only be processed with your consent, or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State.

If the restriction of processing was applied under the conditions listed above, you will be informed by the controller before the restriction is lifted.

Right to Deletion

a) Obligation to Delete

You may request the controller to immediately delete your personal data, and the controller is required to immediately delete this data, provided that one of the following reasons applies:

  1. The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
  2. You withdraw your consent on which the processing is based according to Art. 6 (1)(a) or Art. 9 (2)(a) GDPR, and there is no other legal basis for the processing.
  3. You object to the processing according to Art. 21 (1) GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing according to Art. 21 (2) GDPR.
  4. The personal data concerning you has been processed unlawfully.
  5. The deletion of the personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
  6. The personal data concerning you was collected in relation to offered services of the information society according to Art. 8 (1) GDPR.

b) Information to Third Parties

If the controller has made your personal data public and is required to delete it under Art. 17 (1) GDPR, they shall take reasonable steps, including technical measures, to inform other data controllers who are processing the personal data, that you, as the data subject, have requested the deletion of all links to or copies or replications of these personal data.

c) Exceptions

The right to deletion does not apply to the extent that processing is necessary:

  1. for the exercise of the right to freedom of expression and information;
  2. for compliance with a legal obligation that requires processing under Union law or the law of the Member States to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  3. for reasons of public interest in the area of public health according to Art. 9 (2)(h) and (i) and Art. 9 (3) GDPR;
  4. for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes according to Art. 89 (1) GDPR, to the extent that the right to deletion is likely to make impossible or seriously impair the achievement of the objectives of that processing; or
  5. for the establishment, exercise, or defense of legal claims.

Right to Notification

If you have exercised the right to rectification, deletion, or restriction of processing with the controller, they are required to inform all recipients to whom your personal data has been disclosed of the rectification, deletion, or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients by the controller.

Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to the controller, in a structured, commonly used, and machine-readable format. Furthermore, you have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that:

  1. the processing is based on consent according to Art. 6 (1)(a) GDPR or Art. 9 (2)(a) GDPR, or a contract according to Art. 6 (1)(b) GDPR; and
  2. the processing is carried out by automated means.

In exercising this right, you also have the right to request that the personal data concerning you be transmitted directly from one controller to another, where technically feasible. The freedoms and rights of others must not be affected by this.

The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right to Object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is based on Art. 6 (1)(e) or (f) GDPR; this also applies to profiling based on these provisions. The controller will no longer process the personal data concerning you unless they can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims. If your personal data is being processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes. You have the option to exercise your right to object in connection with the use of information society services—regardless of Directive 2002/58/EC—using automated procedures that employ technical specifications.

Right to Withdraw Consent to Data Processing

You have the right to withdraw your consent to data processing at any time. The withdrawal of consent does not affect the lawfulness of processing based on the consent before its withdrawal.

Automated Decision-Making in Individual Cases, Including Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effects on you or similarly significantly affects you. This does not apply if the decision:

  1. is necessary for the conclusion or performance of a contract between you and the controller;
  2. is authorized by Union or Member State law to which the controller is subject and that law provides appropriate measures to safeguard your rights and freedoms as well as your legitimate interests; or
  3. is based on your explicit consent.

However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2)(a) or (g) applies and appropriate measures are in place to protect the rights and freedoms as well as your legitimate interests. In the cases mentioned in (1) and (3), the controller will take appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, including at least the right to obtain human intervention from the controller, to express your point of view, and to contest the decision.

The Cancellation Button

Online cancellation laws in Germany and the United States require companies to provide a simple way to cancel subscriptions and other online agreements. 

If your paid subscription is subject to German or US law, you can if you want start the process of cancelling your online subscription by sending us an email to [email protected] or:

CANCELLATION BUTTON

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your residence, place of work, or the place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR. The supervisory authority with which the complaint has been lodged will inform the complainant about the progress and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.