Privacy Policy

Below we provide you with an overview of what data we process for which purposes and how we ensure the protection of the data in short and in a more detailed form.

We take the protection of our user’s (“User/you/your”) personal data very seriously and strictly comply with applicable data protection laws and regulations. In this privacy policy below (“Privacy Policy”) we provide you with an overview of what data we collect for what purpose and how we ensure the protection of the data.

The controller is Basking Automation GmbH, Akazienstraße 3A, 10823 Berlin, Germany, registered with the commercial register of the local court (Amtsgericht) of Charlottenburg under HRB 192741 B, represented by the managing directors Dr. Eldar Gizzatov, Mohamad Chehab (“we/us/our”). We offer a website at www.basking.io (“Website”). We also offer services after a successful registration as defined in app.basking.io  (the “Platform”).

Please read the following information regarding the Privacy Policy carefully. In case you have further questions, please do not hesitate to contact us at any time at data@basking.io.

„In short“:

Controller Basking Automation GmbH

Akazienstraße 3A, 10823 Berlin, Germany,

registered with the commercial register of the local court (Amtsgericht) of Charlottenburg under HRB 192741 B,

represented by the managing directors Dr. Eldar Gizzatov, Mohamad Chehab

email: data@basking.io

 

Purpose and Legal Basis of Processing Data; Legitimate Interests Your data will be used for the purposes of the Website

·      to implement this Privacy Policy and carrying out the contractual relationship (§§ 14, 15 TMG or Art. 6 (1) b. GDPR),

·      for providing our services on the Website, to contact you in matters regarding our services (also by means of emails and messaging) and to ensure the technical functionality of our services fulfillment of contractual or pre-contractual obligations ((§§ 14, 15 TMG or Art. 6 (1) b. GDPR),

·      for fraud prevention (§§ 14, 15 TMG, Art. 6 (1) b. and f. GDPR),

·      to analyze your use of our services and improve our services (§§ 14, 15 TMG, Art. 6 (1) b. and f. GDPR),

·      with your express consent or instruction to carry out our business activities or sent you newsletters (Art. 6 Para. (1) a. GDPR),

or for the purposes of using the Platform

·      for providing the Platform and to ensure the technical functionality of our services fulfillment of contractual or pre-contractual obligations ((§§ 14, 15 TMG or Art. 6 (1) b. GDPR),

·      for analysis purposes and improving the Platform based on Art. 6 (1) f. GDP,

or

·      as otherwise explained in this Privacy Policy or by any communication by us.

Applicable legal provisions are in particular those of the regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016, repealing the directive 95/46/EC, on the protection of individuals with regard to the processing of Personal Data, on the free movement of such data (“General Data Protection Regulation”, GDPR) as well as in the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the German Telemedia Act (Telemediengesetz, TMG).

Regarding the data processing based on Art. 6 (1) f. GDPR we wish to achieve the legitimate interests of quality insurance, marketing and fraud prevention.

 

Provision of Data You provide data if this is necessary for the aforementioned purposes. In the event you refrain from providing such data you may face legal disadvantages, for example, limited or no possibility of using our Website and Platform as well as additional services.
Recipient(s) of Data We as well as external service partners receive your data for processing those the purpose of providing our services. We may need to share your information with our service providers and agents. Generally, we require that third party organizations who handle or obtain personal information as service providers acknowledge its confidentiality and undertake to respect an individual’s right to privacy and comply with data protection principles including this Privacy Policy.

 

Transfer of Data outside of the EU In course of data processing by us data may be transferred to third countries, i.e. countries outside the EU. This may happen via implementation of third party providers such as cloud services and external service partners which process data on our behalf. For details please refer to our Privacy Policy.

 

Your Rights You have the right to withdraw your consent relating to the use of data according to this Privacy Policy at any time with effect for the future. In the event of withdrawal the stored data shall not be processed any more and shall be deleted without hesitation. However, such data may, for example, still be used if these are still necessary for ceasing the contractual relationship.

You are entitled to access the data stored by us and are also entitled to amend or rectify your data if such data are incorrect.

You are entitled to request the erasure of your data. However, this shall not apply, in particular, if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

You are entitled to receive information about the stored data (in a structured, current and machine-readable format) at any time and to request the correction or deletion of the data in case of incorrect data storage.

To enforce your rights you may reach us through the contact details set forth above.

 

Period for Storing Data; Deletion The data are deleted if such data are no longer necessary for the purpose of processing. For more details please refer to the Privacy Policy below.
Right to Lodge a Complaint You have the right to lodge a complaint with a supervisory authority at your choice. The supervisory authorities in Germany are the responsible (data protection) authorities as set forth in the law of the states (Bundesländer). An overview of the European National Data Protection Authorities may be found here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
Automated Decision making („profiling“) In general we do not process any data via “profiling” or in form of automated decision making via the Website or Platform. However, such profiling may happen by third-party providers through the Website. We will inform you about such fact in the Privacy Policy (if possible).

In more detailed form:

 

  1. What are Personal Data?

WEBSITE:

  1. How are my Data used when visiting the Website?
  • What kind of Cookies, Web-tools or Third Party Providers does the Website use and how?

PLATFORM:

  1. How are my data used when registering for the use of the Platform and using the Platform?
  2. What Third Party Providers are processing data when using the Platform? Are my data processed outside the EU when using the Platform?

 

GENERAL:

  1. Could my Data be transferred to or shared with Third Parties? Are my data processed outside the EU when using the Service?
  • Your Rights: Right to access, rectification and erasure; right to restriction of processing, right to withdraw, right to data portability, right to lodge a complaint
  • Data Security, Scope of application
  1. Contact
  2. What are Personal Data?
  3. Personal Data and Consent

Personal Data are any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Personal Data includes e.g. name, email address or telephone number. Personal Data also includes information about hobbies, memberships or websites viewed by someone else.

Personal Data includes e.g. name, email address or telephone number. Personal Data also includes information about hobbies, memberships or websites viewed.

We will only collect, use and/or pass on Personal Data if this is permitted by law or if the User consents to the data processing.

Consent of the data subject means any freely given, specific, informed and unambiguous indication of the person’s (data subject) wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her.

 

WEBSITE:

  1. How are my Data used when visiting the Website?
  2. Visiting the Website

We (or the webspace provider) collect data about each visit of our Website (so-called server logfiles). Such data include the following:

Name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, User’s operating system, referrer URL (the previously visited page), IP address and the requesting provider

When using a mobile device Access Data also contains:

Country code, language, device name, operating system and version name

We use these data only for statistical analysis for the purpose of operation, security and optimization of our Website. However, we reserve the right to check these data retrospectively if there is a justified suspicion of illegal use based on concrete indications. These data is then stored because this is the only way to prevent the misuse of our Website and Platform and, if necessary, allow us to investigate any crimes committed. The storage of these data is necessary in order to protect us as the person responsible for processing the data. As a matter of principle, these data will not be passed on to third parties unless there is a legal obligation to pass it on or the transfer of data serves criminal prosecution purposes.

This data processing is based on Art. 6 (1) f. GDPR or TMG and we wish to achieve the legitimate interests of stabilizing and improving our Website, quality insurance and fraud prevention. 

  1. Contacting us

When contacting us (e.g. by email), the User’s details are stored for the purpose of processing the enquiry and, if applicable, follow-up questions based on your consent (legal basis Art. 6 (1) a. GDPR).

  1. Profiling and automated decision-making when visiting the Website

We do not use profiling or automated decision-making when processing data concerning our Website or Platform except as set forth herein. However, our third party providers (such as set forth in III.[add link] or V.[add link] below) may carry out such profiling in individual cases. We will inform you about such fact if possible.

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effect on him/her or substantially impairs him/her in a similar manner. This shall not apply where the decision (i) is necessary for the conclusion or performance of a contract between the data subject and the person responsible, (ii) is admissible under the laws of the European Union or of the member state to which the person responsible is subject and where such laws contain appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, or (iii) is taken with the explicit consent of the data subject. In these exceptional cases, the person responsible shall take appropriate measures to safeguard the rights and freedoms and the legitimate interests of the data subject, including at least the right to obtain an action by the person responsible, to state his own position and to challenge the decision.

  • What kind of Cookies, Web-tools or Third Party Providers does the Website use and how?
  1. Cookies

In order to offer you a convenient online service featuring numerous functions, our Website uses text files (“Cookies”) containing information to identify returning visitors for the time of their visit to the Website. Cookies are usually saved on the hard disk of your computer and do not cause any harm. Cookies facilitate the transfer of specific content, such as entering data, which has already been supplied, and help us identify popular sections of our Website.

OPT-OUT: You can deactivate the use of Cookies in the settings of your internet browser at any time. To find out how to change the settings, please consult the help function of your internet browser.

You may also deactivate and manage Cookies via http://www.aboutads.info/choices/ (US-website-provider) or http://www.youronlinechoices.com/uk/your-ad-choices/ (EU-website-provider).

 

Type of cookies Who serves these cookie How to OPT-OUT
Essential website cookies:

These cookies are strictly necessary to provide you with services available through our Websites and to use some of its features

Basking Automation GmbH

 

To refuse these cookies, please follow the instructions above under the heading “OPT-OUT”

 

Performance and functionality cookies:

These cookies are used to enhance the performance and functionality of our Websites but are non-essential to their use. However, without these cookies, certain functionality such as adjusting the view to your device pixel ratio become unavailable.

 

Basking Automation GmbH To refuse these cookies, please follow the instructions above under the heading “OPT-OUT”

 

Analytics and customization cookies:

These cookies collect information that is used either in aggregate form to help us understand how our Website is being used

 

Google Analytics To refuse these cookies, please follow the instructions above under the heading “OPT-OUT”

Alternatively, please click on the relevant opt-out link below: Google Analytics

 

Customer support service:

These cookies are required for the purpose of customer request, customer support and messaging services provided by our third party providers

Intercom

 

Typeform

To refuse these cookies, please follow the instructions above under the heading “OPT-OUT”

 

  1. External Links

On our Website we may link to videos and other external content, for example Youtube videos.

Such links and external content are governed by the provisions and privacy policies of the respective service providers offering the content behind those links. We do not actively check such links and external content unless required by applicable laws. If you discover wrong and/or inappropriate content please inform us, for example via email to data@basking.io and we will delete and change such links immediately.

When you click these links you may be connected to such external service and your data may be processed outside the EU. We will inform you about such fact, if possible.

  1. Intercom Customer Support Service

For the purpose of customer support and messaging we use the services of Intercom R&D Unlimited Company, an Irish company with offices at 2nd Floor, Stephen Court, 18-21 St. Stephen’s Green, Dublin 2, Republic of Ireland (“Intercom”).

Intercom will process your IP-address, device-ID as well as any data that you submit into customer support messaging for the purpose of customer support on our behalf and based on a service agreement. We (and Intercom) will use your submitted data for the your support requests and carrying out such request (as part of the contractual relationship) based on Art. 6 (1) b. GDPR or §§ 14, 15 TMG.

Intercom will also install and use “Cookies” to verify returning users. The processing of data when using Cookies is based on our legitimate interests of a statistical analysis of the User relationship for marketing and quality assurance purposes according to Art. 6 (1) f. GDPR or TMG. For details please also refer to “Cookies” [add link].

For further information about Intercom please refer to: https://www.intercom.com/de/terms-and-policies

  1. Typeform for customer request for a trial of the Basking platform

For the purpose of customer requests for trial of the Basking platform we use the services of TYPEFORM S.L. , a Spanish company with registered address at Carrer Bac de Roda, 163, 08018 Barcelona, and C.I.F. (tax identification code) B65831836, and registered in the Trade Register of Barcelona, page B-421911, folio 145, volume 43262 (“Typeform”).

Typeform collects data from the device and application the Respondent uses to access the services, such as, among other, the IP address, browser type and operating system, as well as any data submitted into the form filling for the purposes of customer support in our behalf based on a service agreement.

Typeform may also infer the geographic location based on the Respondent IP address.

Typeform records the email address in order to send you a Typeform notification email confirming your registration to a trial request.

We (and Typeform) will use your submitted data for your trial requests and carrying out such request (as part of the contractual relationship) based on Art. 6 (1) b. GDPR or §§ 14, 15 TMG.

Typeform uses third party tracking services that employ cookies and page tags to collect aggregated and anonymized data about visitors to our website. This data may include usage and User statistics. You can obtain full information about our cookie policy

For further information about Typeform’s handling of Respondent’s data please refer to: https://admin.typeform.com/to/dwk6t

PLATFORM:

  1. How are my data used when registering for the use of the Platform and using the Platform?

In order to fully use our services on the Website in form of the Platform, you will need to register and thereby submit the Personal Data, like email address, name, password.

The User can manage these data at any time under ‘Settings’ in the menu.

The registration data entered as part of the registration process and any further profile data entered, will only be used via the Website and with our support to the extent that this processing is necessary for the fulfillment of a contract with us or for the implementation of pre-contractual measures, i.e. use of the Website, as well as for the execution and processing of inquiries by the User.

The processing of data when using our Platform is generally based on your explicit consent when signing up (based on Art. 6 (1) a. GDPR) as well as the legal basis of Art. 6 (1) b. GDPR or TMG, i.e. the data will be processed, when this is necessary for the fulfillment of the contract between you and us or for the execution of pre-contractual measures that take place on your request.

For the further use of the Platform we will process our User’s data on their behalf and enter into a separate data processing agreement.

For the processing of payment data we use the external payment provider Stripe [add link to Stripe in the list below].

The data provided in the Platform will not be affected by an automated decision making via “profiling” such data.

GENERAL:

  1. Could my Data be transferred to or shared with Third Parties? Are my data processed outside the EU when using the Service?

We will transfer your Personal Data to a third party only within the scope of legal provisions, i.e. if we are obliged to transfer the data due to a government or court order, or if applicable legal provisions authorize the transfer.

If we use third party providers who process data outside the EU such third party providers guarantee to comply with EU data protection standards as set forth in this Privacy Policy.

For details of data processing by third-party providers outside the EU when using the Website or subscribing for our newsletter please refer to III. above [add link].

The data we process in connection with our Website and Platform will be stored on servers within the European Union (EU), if not provided otherwise in this Privacy Policy. For details of data processing by third-party providers outside the EU when using the Platform please also refer to the list below [add link], whereas such third party providers guarantee to comply with EU data protection standards as set forth in this Privacy Policy.

 

  1. Your Rights: Right to access, rectification and erasure; right to restriction of processing, right to withdraw, right to data portability, right to lodge a complaint
  1. Right to Access

Every user has the right to be informed at any time and free of charge about the Personal Data stored about him/her. For further information, the user can contact e.g. data@basking.io.

This right of access includes confirmation as to whether or not Personal Data is processed on the data subject and, if so, the detailed information about such processing.

The right to information does not exist if the data are only stored because they may not be deleted due to legal or statutory storage regulations, or only serve the purpose of data protection or data protection control and the provision of information would require a disproportionate effort and processing for other purposes is excluded by appropriate technical and organisational measures.

  1. Right to withdraw consent

Every user has the right to withdraw his or her consent regarding the use, processing or transmission of his/her data at any time in writing or by email to us. For this purpose, the user can contact data@basking.io.

In the event of withdrawing the consent, we will no longer process and immediately delete the stored data of the user. This does not apply if we can prove compelling grounds for processing that are worthy of protection and which outweigh the interests, rights and freedoms of the respective user or in case the processing serves to assert, exercise or defend legal claims. For example, we will continue to use data if it is still necessary for the implementation of the contractual relationship.

  1. Correction and completion of data

The user or data subject has the right to demand that we immediately correct any incorrect Personal Data concerning him/her. Taking into account the purposes of processing, the data subject has the right to request the completion of incomplete Personal Data, including by means of a supplementary declaration. For this purpose, you can contact data@basking.io at any time.

  1. Erasure (“right to be forgotten”); Restriction of processing

The user has the right to have us delete any Personal Data concerning him/her that we store or restrict the processing. For this purpose the user can contact data@basking.io.

For this the User needs to end the relationship with us. In the event of termination of the user relationship, the user’s data will be regularly deleted from the internal database. Data shall be excluded from deletion if, for example, processing of data is necessary for asserting, exercising or defending legal claims; e.g., the performance of the contract with us or if there are legal retention periods that prevent deletion. Furthermore, we carry out a restriction of the processing and no deletion of the data, as long as and insofar as we have the reason to assume that a deletion would impair your interests worthy of protection or those of the person affected. In so doing, we will inform you or the affected person of the restriction on processing, provided that such information does not prove to be impossible or would require a disproportionate effort.

In certain cases, the processing may also be restricted instead of the data being deleted.

  1. Right to transfer data

You have the right to receive any Personal Data you have provided to us in a structured, current and machine-readable format. For this purpose you can contact data@basking.io.

You also have the right to transfer this data to another controller without hindrance by the controller to whom the Personal Data have been provided, provided that the processing is based on a consent or on a contract to which the data subject is a party and that the processing is carried out by means of automated procedures.

When exercising your right to data transferability, you have the right to obtain the Personal Data to be transmitted directly by one person in charge to another person in charge, as far as this is technically feasible.

This right shall not apply where the rights and freedoms of other persons are adversely affected or where processing is necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the person responsible.

  1. Right to lodge a complaint

Each user has a right to lodge a complaint vis-á-vis a supervisory authority of his/her choice. The supervisory authorities in Germany are the competent (data protection) authorities in accordance with the respective laws of the federal states (Bundesländer).

An overview of the European National Data Protection Authorities may be found here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

  1. Duration of the storage of Personal Data; Deletion Periods

As a rule, we only store your Personal Data for as long as it is necessary for the execution of the contract or the respective purpose and limit the storage period to an absolutely necessary minimum.

In the case of long-term contractual relationships, such as the use of our Offer, these storage periods may vary, but are generally limited to the duration of the contractual relationship or, with regard to the inventory data, to the maximum legal retention periods (e.g. in accordance with the German Commercial Code (Handelsgesetzbuch, HGB) and the Tax Code (Abgabenordnung, AO)).

Criteria for the storage period include whether the data are still up-to-date, whether the contractual relationship with us still exists, whether an inquiry has already been processed, whether a process has been completed or not, and whether legal retention periods for the Personal Data concerned are relevant or not.

  • Data Security, Scope of application

In order to ensure the best possible protection of the user’s data, the Website is offered via a secure SSL connection between the user’s server and the browser, i.e. the data is transmitted in encrypted form.

We protect your Information by using data security technology and using tools such as firewalls and data encryption.

The data we process in connection with our Website and Platform will be stored on servers within the European Union (EU), if not provided otherwise in this Privacy Policy.

Please be advised, that data protection and data security for data transmission in open networks such as the internet cannot be fully guaranteed according to the current state of the art. From a technical point of view, the user is aware that the provider is able to view the web pages stored on the web server and, under certain circumstances, other data of the user stored there at any time. The user is solely responsible for the security and securing of any data transferred by him/her to the internet and stored on web servers. We cannot accept any liability for the disclosure of data due to errors or unauthorized access by third parties.

This Privacy Policy can be viewed, downloaded and printed out at any time on under [add link].

We are entitled to amend this Privacy Policy in accordance with the applicable regulations.

  • Contact

For acting out your rights and additional questions about the issue of Personal Data you can contact us at any time here.

List of Third Party Providers used by us that process Personal Data outside the EU when using the Platform (i.e. excluding web-tools on the Website as set forth above):
Third Party Provider Amazon Web Services (AWS)
Data Processing Purpose We use the service by Amazon Web Services by Amazon Web Services, Inc., 410 Terry Avenue North Seattle WA 98109, USA for the purpose of hosting your data provided in the Website or Plaform.
Data Processing outside the EU / Compliance with EU Data Protection Standard Amazon Web Services, Inc. is certified according to the EU-US agreement “privacy shield”. The “privacy shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
Further Information For further information please refer to https://aws.amazon.com/compliance/eu-data-protection/ and https://aws.amazon.com/compliance/germany-data-protection/
Third Party Provider Stripe
Data Processing Purpose For any processes regarding payments we use the services of Stripe, Inc., 185 Berry Street, Suite 550, San Francisco, CA 94107, USA. Regarding any processes of payments we do not receive, collect and/or store any payment data. Stripe will use such data for the purpose of managing the payments relating to our services.
Data Processing outside the EU / Compliance with EU Data Protection Standard Stripe, Inc. is certified according to the EU-US agreement “privacy shield”. The “privacy shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
Further Information For further information please refer to https://stripe.com/de/privacy.
Third Party Provider Mailchimp
Data Processing Purpose We use the mail provider “Mailchimp” by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA who receives and processes on our behalf the data necessary for the mailing with our users, in particular email address, IP address, device name. These data are processed on servers in the USA. Mailchimp is a service with which the dispatch of newsletters can be organized and analyzed. With the help of Mailchimp we can analyze our newsletter campaigns. When you open an e-mail sent with Mailchimp, a file contained in the e-mail (so-called web beacon) connects to the Mailchimp servers in the USA. This allows you to determine whether a newsletter message has been opened and which links have been clicked on. In addition, technical information is recorded (e.g. time of registration, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. They are used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. This is based on Art. 6 (1) f. GDPR with our legitimate interest of quality assurance and marketing.
Data Processing outside the EU / Compliance with EU Data Protection Standard MailChimp is certified according to “privacy shield”. The “privacy shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
Further Information Details on Mailchimp and its privacy policy can be found here: https://mailchimp.com/legal/privacy/