Privacy Policy

Introduction and Definitions

We appreciate your interest in our website. Protecting your privacy is very important to us. Below we inform you in detail about the handling of your data.

This privacy policy clarifies the nature, scope, and purpose of the processing of personal data (hereinafter short "data") within our online offering and its related websites, functions, and content as well as external online presences, such as our social media profile (hereinafter collectively referred to as "online offering"). With regard to the terminology used, e.g., "processing" or "controller", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Controller

Pineroll Media UG (haftungsbeschränkt)
Watteaustraße 10, 81479 München
Managing Director: Niklas Wittkowski
Email: info@pineroll.com
Phone: +49 89 5682 6359
Legal Notice: https://pineroll.com/impressum

Overview of Processing Operations

The following overview summarizes the types of data processed, the purposes of their processing, and refers to the data subjects.

Types of processed data
  • Inventory data (e.g., names, addresses).
  • Content data (e.g., input in online forms).
  • Contact data (e.g., email, phone numbers).
  • Meta/communication data (e.g., device info, IP addresses).
  • Usage data (e.g., visited websites, interest in content, access times).
Categories of Data Subjects
  • Communication partners.
  • Users (e.g., website visitors, users of online services).
Purposes of Processing
  • Provision of our online offering and usability.
  • Evaluation of visit actions.
  • Office and organizational procedures.
  • Direct marketing (e.g., via email or postal).
  • Feedback (e.g., collecting feedback via online form).
  • Contact requests and communication.
  • Reach measurement (e.g., access statistics, recognition of returning visitors).
  • Tracking (e.g., interest/behavioral profiling, use of cookies).
  • Contractual services and customer support.
  • Administration and responding to operational inquiries.

Relevant Legal Bases

In the following, we share the legal bases of the General Data Protection Regulation (GDPR) upon which we process personal data. Please note that in addition to the GDPR regulations, national data protection requirements in your country or our country of residence and domicile may apply. Should more specific legal bases be relevant in individual cases, we will inform you about them in the privacy policy.

  • Consent (Art. 6 Para. 1 S. 1 lit. a GDPR) - The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Performance of a Contract (Art. 6 Para. 1 S. 1 lit. b GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legal Obligation (Art. 6 Para. 1 S. 1 lit. c GDPR) - Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate Interests (Art. 6 Para. 1 S. 1 lit. f GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

Security Measures

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as the access, input, disclosure, assurance of availability, and segregation. Furthermore, we have processes in place to guarantee the exercise of data subject rights, deletion of data, and response to data threats. We also consider the protection of personal data in the development or selection of hardware, software, and procedures, according to the principle of privacy by design and by default.

Use of Cookies

"Cookies" are small files stored on users' devices. They can store different types of information, primarily to save details about a user (or the device on which the cookie is stored) during or after their visit to an online offering. Temporary cookies, or "session cookies" or "transient cookies", are deleted when a user leaves an online service and closes their browser. In such a cookie, e.g., the contents of a shopping cart in an online shop or a login status can be saved. Cookies are called "permanent" or "persistent" if they remain stored even after closing the browser. Thus, the login status can be saved if users visit it after several days. Similarly, in such a cookie, user interests can be stored for reach measurement or marketing purposes. A "third-party cookie" is offered by providers other than the controller operating the online service (otherwise, if it is only their cookies, they are called "first-party cookies").

Contacting Us

When contacting us (e.g., via contact form, email, phone, or social media), the information provided by the requesting person will be processed to the extent necessary to answer the contact inquiries and any requested actions.

The answering of contact requests in the context of contractual or pre-contractual relations is carried out to fulfill our contractual obligations or to respond to (pre)contractual inquiries, and otherwise on the basis of legitimate interests in answering the inquiries.

Deletion of Data

The data processed by us will be deleted in accordance with legal requirements as soon as consents granted for processing are revoked or other permissions cease to apply (e.g., if the purpose of processing this data has lapsed or they are not required for the purpose).

If the data is not deleted because it is necessary for other and legally permissible purposes, its processing will be limited to these purposes. This means the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

Changes and Updates to the Privacy Policy

We ask you to regularly review the content of our privacy policy. We adapt the privacy policy as soon as changes in the data processing operations carried out by us make this necessary. We will inform you as soon as the changes require cooperation on your part (e.g., consent) or other individual notification.

Rights of Data Subjects

As a data subject, you have various rights under the GDPR, in particular those arising from Articles 15 to 21 GDPR:

  • Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR.
  • Right to withdraw consent: You have the right to withdraw your consent at any time.
  • Right of access: You have the right to obtain confirmation as to whether or not your data is being processed, and to information about this data.
  • Right to rectification: You have the right to request the completion of data concerning you or the rectification of incorrect data.
  • Right to erasure and restriction of processing: You have the right to demand that data concerning you be deleted without delay.