Clinsher — Privacy Policy

Dated: 10/01/2021

The protection of your data, your privacy and your personal information is very important to Clinsher .

We treat your data in an appropriate and legal manner, in accordance with the General Data Protection Regulation (EU Regulation (EU) 2016/679, hereinafter “GDPR”) which came into force on 25 May 2018.

This privacy policy (the “Privacy Policy”) explains what information we collect about you, for what purposes we use this information and to whom we disclose it. It also sets out your rights with respect to information about you and who you can contact for more information or to ask questions.

We hope that this privacy policy will help you understand the type of information we process and how we process it, as well as your rights with respect to the personal data you provide to us.

When you visit Clinsher’s website at https://www.clinsher.com or https://www.clinsher.eu or one of its affiliated websites, (the “Website”) or use any of the services provided on the Website (the “Services”), you acknowledge and/or, where applicable, agree to the following.

Users who use the Website (“Users”) (“You”), (“Recruiter”), (“Employer”) expressly acknowledge that they have read the Privacy Policy and accept it without reservation before registering on the Website.

You agree that by clicking on “Register”, “Login”, “Sign Up”, “View More”, by registering, accessing or using our Services, you acknowledge the Privacy Policy. If you do not wish to accept this Privacy Policy, you will not be able to use our Services. If you wish to terminate this Privacy Policy, you may do so at any time by closing your account and no longer accessing our Services.

You acknowledge and accept that with respect to users registering on the Website, Clinsher acts as controller and/or responsible for data processing, according to the type of data collected in accordance with the GDPR as defined below.

1. DEFINITION

When used in this Privacy Policy, these terms have the following meanings. Please note that capitalized terms that are not defined in this Privacy Policy have the meanings given in the General Terms of Use.

“Applicable Law” means all applicable European Union (“EU”) or national laws and regulations relating to privacy, confidentiality, security and protection of personal data, including, without limitation : the European Union Data Protection Directive 95/46/EC, as amended or replaced, from time to time, such as by the General Data Protection Regulation 2016/679 (“GDPR”), with effect from May 25, 2018, and the laws of the EU Member States supplementing the GDPR ; Directive 2002/58/EC (“ePrivacy Directive”), as amended or replaced from time to time, and the laws of EU Member States implementing the ePrivacy Directive, including laws regulating the use of cookies and other tracking devices and unsolicited electronic communications; the laws of EU Member States regulating security breach notification and imposing data security requirements; and any laws, regulations or guidance related to the recruitment industry.

“Data Controller” means the entity that processes candidates’ personal data on behalf of the Data Controller ;

“Person Concerned” means an identified or identifiable natural person to whom the candidate’s personal data relate;

“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, which is processed by Clinsher for the purposes of the Services we offer you ;

“Processing” means any operation or set of operations which is performed upon the personal data of applicants or upon sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction ;

“Sensitive Data” means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, sex life or sexual orientation ;

2. THIRD PARTY WEBSITE

Our Services may contain links to third party websites, pages, information and services (the “Third Party Website”). Clinsher cannot guarantee, if you decide to click on a link to access one of these Third-Party Web Sites, that it complies with the Privacy Policy of Clinsher or an equivalent organization.

Please note that they have their own privacy policies and that Clinsher does not accept any responsibility for their policies or for the treatment of your personal data and that we do not endorse any products or services provided on these Third Party Web Sites. We recommend that you carefully read the Third Party’s privacy rules and policies before submitting Personal Data.

3. THE INFORMATION YOU PROVIDE TO US

We may collect and process the following data about you:

We will ask you to provide us with your information when you register to use our Services.

3.1 YOUR ACCOUNT

To create an account, the information we may ask you to provide includes, but is not limited to, your email address, first name, last name, phone number, location, password. If you sign up for a premium account, we may ask you to provide your payment and billing information in addition.

Please note that any reference to your data in this Privacy Policy includes data relating to other persons you have provided to us. You must obtain clear and express permission from the persons whose data you provide to us before providing it to us.

3.2 INFORMATION COLLECTED FROM RECRUITERS

3.2.1 Profile

To use our Services, you will need to create your recruiter profile. We may request the following information from you:

• First name
• Last Name
• Name of your Company
• Spoken languages
• Your level of education
• Your professional experiences
• Your skills
• A profile picture
• Your city
• Your phone number
• Your link to your LinkedIn profile
• A brief description of you
• Your email address
• Number of investments made on the platform
• Number of current placements
• And any other information allowing the Employer to select you

Most of the information you provide us with in your profile will be disclosed publicly, with the exception of your LinkedIn profile and telephone number, which will only be disclosed to Employers for whom you have chosen to recruit. It is up to you to decide if you wish to include sensitive information in your description and make it public. For example, be careful not to write or add to your profile any personal information that you would not want to be in the public domain.

3.2.2 Commitment

We collect personal data when you engage with Employers, for example when you fill out an application form and submit candidates on Clinsher.

In order to engage with an Employer you will need to provide non-personal information about the candidate you wish to refer by filling out a form. This information must be provided anonymously without the possibility of identifying the candidate. Any person disclosing the personal information of a third party via Clinsher will necessarily have to obtain their prior consent and will be held responsible for this disclosure. In no case does Clinsher authorize that personal information of third parties be revealed without their consent and without having accepted our General Terms of Use and our Privacy Policy.

3.2.3 Others

We also collect any additional information that you voluntarily and freely send to us from time to time for the use of our Services.

For the sake of clarity, we do not collect Sensitive Data. We also do not collect information about convictions and criminal offences.

If, in any case, you believe that an unauthorized profile has been created without your knowledge, you may request that it be deleted by contacting us at dpo@clinsher.com.

3.3 INFORMATION COLLECTED ON EMPLOYERS

In order to use our Services, you must create your Employer profile and post your publicly accessible job vacancy. We will ask you for the following information, but not limited to:

• First Name
• Last Name
• Name of the company you work for
• Type of company
• Location of the vacancy
• Description of the vacancy you are looking to fill
• Description of the ideal candidate, his behaviour and soft skills
• Anticipated salary
• Investment expenses
• Your company logo
• Answers related to your candidate criteria
• The values of your company
• Business phone number
• Professional email address

Most of the information that you provide to us for the use of our Services will be disclosed publicly, with the exception of your first name, last name, company name, business email address, business telephone number and company logo, which will only be disclosed to recruiters you select so that they can contact you and for the purposes of the Services we offer you. Please do not write or add to your job description any personal data that you would not wish to be in the public domain.

3.3.1 Commitment & Newsletter

We collect information about how you engage with recruiters (e.g., if you decline, accept or bookmark).

When you accept a recruiter in your favorites, the recruiter will be notified without knowing your identity.

Each week registered users as Employers will receive a weekly candidate newsletter following the publication of a vacancy on the Website. This newsletter includes information about anonymous candidate profiles whose personal data is not requested or should not be disclosed and a matching percentage to enable the Employer to assess interest. The legal basis is your consent in accordance with Art. 6, para. 1, point 1 of the GDR. In connection with your registration on the Website, we also record your IP address and the date and time of registration and confirmation in order to enable us to trace and prove the registration at a later point in time. The legal basis for this storage is a legitimate interest according to Art. 6, para. 1, point f of the GDR, the legitimate interest being the possibility to prove the registration. We store your e-mail address for the purpose of sending you the newsletter until you close the online vacancy.

The newsletters contain pixel tags in order to allow its statistical evaluation. This is a thumbnail graphic integrated into the e-mail in HTML format, which allows us to determine whether and when you opened an e-mail and which links were called up in the e-mail. Your IP address is also transmitted to our servers. However, we do not store it or other personal data. The legal basis for the use of pixel tags is a legitimate interest under the terms of art. 6, para. 1, point f of the GDPR, the legitimate interest being the evaluation and optimization of our newsletter essential to the proper functioning of our Services.

3.3.2 Others

We may collect any additional information that you voluntarily and freely send to us for the use of our Services.

For the sake of clarity, we do not collect Sensitive Data. We also do not collect information about convictions and criminal offences.

If, in any case, you believe that an unauthorized profile has been created about you, you may request that it be deleted by contacting us at dpo@clinsher.com.

4. THE INFORMATION WE COLLECT ABOUT YOU

Clinsher may collect certain information about the hardware and software on your computer or mobile device. This information may include your IP address, the type and model of your mobile device, browser type, device ID, domain names, access times and referring web site addresses. This information is used by Clinsher for the proper operation of our Services, to maintain the quality of the Services and to provide general statistics regarding the use of the Services.

Please note that Personal Data or Sensitive Data that you publicly disclose through our Services, this information may be collected and used by others due to the public nature of the Services.

While using our Services, we will retain certain information to support the proper operation of our Services and other legitimate business purposes, unless we are required by law to have your Personal Data. Clinsher will take all measures deemed necessary to protect the integrity of the Services or our users or take other measures otherwise permitted by law.

With respect to each of your visits to our website, we may automatically collect the following information:

• device-specific information, such as your hardware model, operating system version, unique device identifiers, Universal Device ID (UDID), Advertiser ID (IDFA) and mobile network information;

• technical information about your computer, including, where applicable, your IP address, operating system and browser type, as well as latitude/longitude and related geographic information about your location (e.g., city, zip code), which may be collected if you choose to share your location or inferred from your IP address, for system administration, analysis or service delivery purposes; and

• details of your visits to our website, including your browser fingerprint, the full path of Uniform Resource Locators (URLs) to, through and from our website (including date and time), the duration of visits to certain pages, and information about page interaction (such as scrolling, clicks and mouse hovers).

• referral source; length of visit; pages viewed individually; site navigation

5. HOW WE USE YOUR INFORMATION AND WHY

5.1 Justifications for all users :

The use of personal data under European Union data protection laws must be justified by one of a number of legal “reasons” and we are required to set out the reason for each use of your personal data in this Privacy Policy. These are the main reasons for our use of your information:

Basis for lawful processing :

Justification of the use – Performance of the contract and legitimate interest:

The purposes for which we hold and process User Personal Data are essential to provide you with our Services (for example, to put you in contact with other users), to provide information about those Services, and including informing you of changes to those Services.

We may use Personal Information as appropriate to :

• allow employers interested in the services of certain Recruiters to view their public profiles and the description of anonymous candidates.

• to fulfil reciprocal obligations arising from the General Terms of Use, including sending your weekly newsletter;

• inform you of any changes to the Website and/or the Services we provide;

• confirm, update and improve our user records in order to maintain an accurate and rich database;

• enable you to use the products and Services available on the Website;

• evaluate the accuracy of the information provided on the Website for the use of our services and the credibility of Clinsher;

• to send you invoices and account statements, and to collect your payments, including notifications regarding the use of your account on the Website (Non-Marketing);

• respond to any questions or complaints you may have;

• manage, analyze, understand and develop your relationship with the Website;

Any issues arising from troubleshooting, data analysis, testing, system maintenance, support reports, and hosting of data to protect and administer the database.

to keep you informed of any other/new services related to our existing relationship.

All of the above is necessary for the execution of the contract and for the legitimate interest of Clinsher in accordance with Art. 6, para. 1, point f of the GDPR.

Justification for Use – Direct Marketing

Notifications, phone calls and/or marketing emails relating to our own Services and similar products. Where required by law, we will ask for your consent at the time of collection of your data to carry out one of these types of marketing;

to provide you with information about additional services we offer. Once you have registered, we will contact you by email to provide you with information about these services.

To generate reports for statistical purposes ;

To inform you of any courses or conferences that may be of interest to you;

To keep you informed of our other services and to identify services that may be of interest to you, where these are not part of our existing relationship and you have chosen to be notified.

For clarity, we will not share your personal information with third parties for direct marketing purposes without your express consent.

Please note that you will be able to unsubscribe or opt-out of marketing emails at any time by contacting us or by any electronic means at dpo@clinsher.com or directly on the Website or by means of a link provided in each email we send to you.

Where we have obtained your prior consent, we may send you information that we believe may be of interest to you. You may receive this information by e-mail. If, at any time, you would prefer not to receive any further communications from us in any form (except in connection with information or Services that you specifically request), you will be given the opportunity to unsubscribe from such communications by means of a link provided in each email we send to you.

Purpose of Use – Legal Obligation

In the event that we are required to disclose information by law, regulation or court order and/or take action to enforce or defend any legal claim made by, against or otherwise involving you. This includes any related investigations or discoveries.

For any other reason that will be communicated to you.

Please note that we may perform further processing activities. If the purpose of these new activities is not incompatible with the above, we may use your personal data for this purpose, but we will inform you prior to any further processing.

All of the above is necessary to comply with a legal obligation and a legitimate interest in accordance with Art. 6, paragraph 1, point f of the GDPR.

Justification to a third party

Clinsher does not sell, rent or transfer to third parties its lists of users or the identity of individual users. Clinsher may, d, contact you on behalf of external business partners about a particular offer that may be of interest to you. In these cases, your unique personal data is not transferred to the third party.

6. EXPORTS OUTSIDE THE EEA

Your personal information may be accessed by our employees or service providers, transferred and/or stored in a location outside the European Economic Area (EEA), where data protection laws may be less stringent than in the EEA. In such cases, we will impose the same data protection safeguards as we do within the EEA.

Certain countries outside the EEA have been approved by the European Commission as offering protections that are substantially equivalent to the data protection laws of the EEA and therefore no additional safeguards are required to export personal information to those jurisdictions. In countries that have not had such approvals, we will seek your consent for the transfer or transfer it subject to contractual terms approved by the European Commission that impose equivalent data protection obligations directly on the recipient, unless applicable data protection law permits us to make such transfers without such formalities.

Please contact us if you would like more information on the specific safeguards applied to the export of your personal data.

Data is protected by various policies and procedures. We have confirmed that any sub-contractors outside the EU are registered with Privacy Shield.

7. PROCESSING OF DATA COLLECTED ON YOUR BEHALF

In order to provide our Services to you, we may process third party information (i.e., candidate information) on your behalf. This information should not be considered as personal data as the description of the candidate should remain strictly anonymous and general. This is the case, for example, when you fill out the candidate presentation form on the Web Stie (the forms we have made available to you in the Services). The form takes into account the anonymous and non-personal nature of the information so that the information is collected, stored and processed on your behalf.

This applies only when we act as data controller.

In order to manage the Website and to facilitate the business relationship between Recruiters and Employers, we will store certain information relating to the description of the anonymous candidates submitted:

• Brief description of the personality of the anonymous candidate;

• Brief description of the professional abilities of the anonymous candidate

• Soft skills of the anonymous candidate;

• Anonymous candidate’s performance information;

Please note that Clinsher does not under any circumstances authorize the disclosure of personal information of a third party in the form intended for the Employer. Thus, any sanctions arising from this restriction will be incurred by the Recruiter who has made the disclosure.

Clinsher does not knowingly process sensitive data within the framework of the processing activities.

Clinsher will delete from the database any third-party information within 3 weeks of sending it to the Employer if it has not attracted the attention of an Employer. Otherwise, it will be saved until the closing of the vacancy posted on the Website.

We will only process personal data to which we may have access as a result of the provision of the Services in accordance with the instructions included in the General Terms and Conditions of Use and any other data that you may provide us with in writing.

We will ensure that all employees authorized to process personal data are committed to the Privacy Policy or are subject to an appropriate legal obligation of confidentiality.

In order to provide the Services to you, we may need to use certain service providers. These service providers will only process data to the extent necessary to provide the Services, and we will enter into written agreements with them to ensure that such companies comply with the obligations included in this section and implement all necessary security measures to ensure adequate data protection.

If we wish to change any of these service providers to another, or if we need to hire new companies, you will have the right to reasonably object to such changes or new appointments within the non-extendable period of 15 business days from the publication on the Website of the updated Privacy Policy. The expression “reasonably object” will be interpreted as any challenge based on the non-compliance of the new entity to be hired with the legal requirements established by European data protection legislation. In any event, we reserve the right to terminate the relationship with you if we are unable to engage a subcontractor that is essential or necessary to provide the service.

At your request and at your expense, we will assist you with appropriate technical and organizational measures, as far as possible, for the fulfillment of your obligation to respond to requests for the exercise of the data subject’s rights under Chapter III of the GDPR, if applicable. For the avoidance of doubt, we will forward to you any requests that the data subjects may address to us directly, together with all relevant information, if any, so that you can contact the data subjects and respond to them, but we will not be responsible for responding to the data subjects.

We will implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. At your request and at your expense, and taking into account the nature of the processing and the information available to us, we will reasonably assist you in complying with the security obligations set out in Article 32 of the GDPR.

We will also, at your request and at your expense, and depending on the nature of the processing and the information in our possession, provide you with assistance in complying with the obligations set out in Articles 33 to 36 of the GDPR, where applicable.

With regard to data breaches, we will inform you without delay as soon as we have confirmed that a data breach affecting personal data has occurred. We will provide you with sufficient information to enable you to comply with any obligation to report or inform the relevant authorities or data subjects. We will reasonably cooperate with you and take such reasonable commercial measures as you indicate to us to assist you in the investigation, mitigation and remediation of each such data breach. For the avoidance of doubt, you will be responsible for reporting as required by applicable law and notifying data subjects, and you will defend, indemnify and hold us harmless from and against any and all costs (including attorneys’ fees), fines or penalties, or any damages that may result from your failure to act.

In the event of termination of the Terms of Use, we will delete your personal data, unless otherwise required by law within a reasonable period of time.

We will make available to you all information necessary to demonstrate compliance with the obligations set forth in this section and we will permit and assist audits, including inspections, conducted by you or another auditor commissioned by you that is not one of our competitors. You agree not to conduct more than one (1) audit per year unless there are reasonable grounds to believe that we are not fulfilling our obligations under this section. Audits shall only be conducted during normal business hours and you shall bear all costs thereof, unless we are found to be in serious breach of this Section.

8. Subcontractors

We use subcontractors for the provision of our Services, which we list below and which may be considered our “subcontractors” for the purposes of the GDPR. The legal basis for the use of such subcontractors is a legitimate interest within the meaning of Art. 6, para. 1, item f of the GDPR. The legitimate interest is the pursuit of our business objectives, in particular for the provision of the Services otherwise described in this Data Protection Privacy Policy. There is no apparent conflict of interest as long as we have entered into a contract with the relevant subcontractors in accordance with Art. 6, paragraph 1, point f of the GDPR. 28 of the GDPR.

Hosting

We use sub-processors for hosting our Websites and our Backup Services to transfer personal data stored on our websites to them. These sub-processors are 1&1 IONOS SARL, 7 place de la Gare, 57201 SARREGUEMINES.

This subcontractor retains personal data for as long as it is stored on our websites based on the purposes set out in this Privacy Policy ;

Data Analysis

We use the Google Analytics and Search Google Console subprocessor for web analytics and search engine providers to help us improve and optimize our Website (including email). In order to improve the quality and overall user experience of the Website, we use Google Analytics from Google Inc, 1600 AmphitheaterParkway, Mountain View, CA 94043, USA, (“Google”) on the basis of a legitimate interest (i.e., an interest in ensuring the best possible user experience on the Website). Google is certified under the Privacy Shield Agreement and thus guarantees that it complies with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Security

On the basis of our legitimate interests (i.e. the interest to guarantee the accuracy of the data, to avoid automatic registrations/orders by robots and the economic implementation of our online offer in accordance with Art. 6 Para. 2). 1 point f of the GDPR), we use in some cases the reCAPTCHA service https://www.google.com/recaptcha/intro/ from Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

The use of Re-Captcha is intended to determine whether an entry is made by a human being or whether it is abused by automated processing. This includes sending to Google the IP address and any other data required by Google for the reCAPTCHA service. For this purpose, your data will be transmitted to Google and analyzed.

You may reasonably object to the use by Clinsher of a new sub-processor for legitimate reasons in the event that Clinsher acts as a data processor, subject to the termination and liability clauses of the Terms of Use. The data controller recognizes that these secondary sub-processors are essential to the provision of the Services and that opposing the use of a secondary sub-processor may prevent Clinsher from offering its Services.

More information about Google reCAPTCHA and Google’s Privacy Policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html .

Backup

We use the Managewp subprocessor https://managewp.com/ to back up our website which helps us in case of technical problems. The service is provided by GoDady.com WP EuropeTrg republike 5,11000 Belgrade, Serbia (“GoDaddy”) on the basis of a legitimate interest (i.e. the interest of ensuring the best user experience on the website). GoDaddy is certified under the Privacy Shield Agreement and therefore guarantees that it complies with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TN9xAAG&status=Active).

Email notifications :

We use the Sendgrid for services subprocessor which allows companies to integrate communication capabilities into their software applications and to improve email optimization regarding notifications from our website for the use of our services (including the sending of emails). In order to improve the quality and overall experience of website users, we use SendGrid, Inc. San Francisco, California, based on a legitimate interest (i.e., the interest of ensuring the best user experience on the website). Google is certified under the Privacy Agreement and therefore guarantees that it complies with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TNLbAAO&status=Active).

You can reasonably object to the use by Clinsher of a new sub-processor for legitimate reasons in case Clinsher acts as a data processor, subject to the termination and liability clauses of the Terms of Use. The data controller acknowledges that these sub-processors are essential to the provision of the Services and that opposing the use of a sub-processor may prevent Clinsher from offering the Services to the data controller.

9. COOKIES

Clinsher may use cookies to distinguish you from other users. This helps us to provide you with a better user experience when you use our Web Site, and also allows us to improve our Services. Please note that it is possible to disable cookies stored on your computer by modifying your browser settings. However, our Website may not function properly or certain features may not be available if you disable cookies.

10. INTERNET SECURITY

No data transmission over the internet can be guaranteed against intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection laws.

We ensure that your information is protected against unauthorized access, loss, manipulation, falsification, destruction or unauthorized disclosure. This is done through appropriate technical and organizational measures.

11. OPPOSITION TO ADVERTISING SOLICITATION

If we receive an objection from you to soliciting advertising, we may include your personal contact information (name, address, telephone number, fax number, e-mail address) in a block list to ensure that we do not send you any more unwanted advertising. The legal basis is a legitimate interest under the terms of Art. 6, para. 1, point f of the GDR, where the legitimate interest consists in the fact that we can meet our obligations resulting from your opposition to canvassing. The data will be kept for this purpose until you expressly revoke your objection to the advertising solicitation in writing.

12. YOUR RIGHTS

12.1 Right to Information

You may ask us to confirm whether your personal data will be processed by us.

If such processing has taken place, you can ask us for the following information:

(1) the purposes for which the personal data is processed ;

(2) the categories of personal data processed;

(3) the recipients or categories of recipients to whom your personal data has been or is being disclosed;

(4) the intended retention period of your personal data or, if no specific information on this subject is possible, the criteria for determining the retention period ;

(5) the existence of the right to rectify or delete your personal data concerning you, the right to limit the processing by the data controller or the right to object to such processing;

(6) the existence of a right of appeal to a supervisory authority;

(7) any available information on the origin of the data if the personal data are not collected from the data subject;

(8) the existence of automated decision making, including profiling in accordance with Art. 22 (1) and (4) of the GDPR and – at least in these cases – useful information on the logic involved and the scope and expected effects of such processing for the data subject.

You are entitled to ask whether your personal data are transferred to a third country or to an international organization. In this context, you may ask to be informed of the appropriate safeguards in accordance with Art. 46 of the GDMP in the context of the transfer.

This right to information may be limited to the extent that it is likely to render impossible or seriously hamper the achievement of statistical purposes and where the limitation is necessary for the achievement of statistical purposes.

12.2 Right of rectification

You have the right to rectify and/or complete your personal data vis-à-vis the data controller if the personal data processed concerning you is incorrect or incomplete. The person responsible will proceed without delay to the rectification.

Your right of rectification may be limited insofar as it is likely to make it impossible or seriously hamper the achievement of statistical purposes and where the limitation is necessary for the achievement of statistical purposes.

12.3 Right to limit processing

You may request that the processing of your personal data be limited under the following conditions:

(1) if you challenge the accuracy of your personal data for a period of time that allows us to verify the accuracy of the personal data ;

(2) if the processing is unlawful and you object to the deletion of the personal data and instead request that the use of the personal data be limited ;

(3) if we no longer need the personal data for processing purposes, but you need it to assert, exercise or defend legal claims, or

(4) if you have objected to the processing in accordance with Art. 21, para. 1 of the GDR and it has not yet been established whether our justified reasons outweigh yours.

If the processing of your personal data has been restricted, such data may only be processed – apart from storage – with your consent or for the purpose of asserting, exercising or defending the rights or protecting the rights of another natural or legal person or for reasons of substantial public interest of the Union or a Member State.

If the restriction on processing has been limited in accordance with the above conditions, we will inform you before the restriction is lifted.

Your right of restriction may be limited to the extent that it is likely to render impossible or seriously hamper the achievement of statistical purposes and the limitation is necessary for the fulfilment of statistical purposes.

12.4 Right of deletion

13.4.1 You may request us to delete your personal data immediately and we are obliged to delete such data immediately if one of the following reasons applies :

(1) Your personal data is no longer necessary for the purposes for which it was collected or processed.

(2) You revoke your consent, on which the processing was based under the terms of Art. 6, para. 1, point a or Art. 9, para. 2, point a of the GDR, and the processing has no other legal basis.

(3) You object to the processing in accordance with art. 21, par. 1 of the GDPR and there are no compelling and legitimate reasons for the processing, or you object to the processing in accordance with art. 21, par. 2 of the GDPR.

(4) Your personal data have been processed unlawfully.

(5) The deletion of your personal data is necessary to comply with a legal obligation under European Community law or the law of the Member States to which we are subject.

(6) Your personal data has been collected in the context of the information society services provided in accordance with Art. 8, para. 1 of the Data Protection Act.

13.4.2 If we have made public the personal data concerning you and are obliged to delete them in accordance with Art. 17, para. 1 of the DPMR, we will take appropriate measures, including technical measures, taking into account the available technology and the costs of implementation, to inform the data controllers who process the personal data that you, as the data subject, have requested the deletion of all links to such personal data or copies or replicas of such personal data.

12.4.3 The right of deletion does not exist insofar as the processing is necessary

(1) in order to permit the exercise of freedom of expression and information ;

(2) for the performance of a legal obligation required for processing under European Community law or the law of the Member States to which the controller is subject or in the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller ;

(3) for reasons of public interest in the field of public health, in accordance with Art. 9(2)(h) and (i) and Art. 9(3) of the GDPR ;

(4) for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 of the GDMP, in so far as the law referred to in point (a) is likely to render impossible or seriously compromise the achievement of the objectives of such processing, or

(5) In order to assert, exercise or defend legal rights.

12.4.5 You have the right to receive personal data about you that you have provided to us in a structured, common, machine-readable format. You also have the right to transfer this data to another party without our intervention, provided that

(1) the processing is based on consent in accordance with Art. 6, para. 1, point a of the RGPD or Art. 9, para. 2, point a of the RGPD or on a contract in accordance with Art. 6, para. 1, point b of the RGPD

(2) processing is performed using automated methods.

By exercising this right, you also have the right to request that your personal data be transferred directly from one data controller to another, insofar as this is technically possible. The freedoms and rights of other persons must not be affected.

The right of transferability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

12.4.6 You may at any time exercise your right to object, for reasons arising from your particular situation, to the processing of personal data concerning you, pursuant to Article 6, paragraph 1, point e or f of the DPMR; this also applies to profiling on the basis of these provisions.

We will no longer process your personal data unless we can demonstrate compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal rights.

If your personal data is processed for the purpose of direct marketing, you are entitled to object at any time to the processing of your personal data for advertising purposes; this also applies to profiling, insofar as it is associated with this type of direct marketing.

If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

You have the possibility to exercise your right to object in the context of the use of information society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.

You also have the right to object to the processing of your personal data for statistical purposes, in accordance with art. 89, para. 1 of the RGPD, for reasons arising from your particular situation.

Your right to object may be limited insofar as it is likely to make it impossible or seriously hamper the achievement of statistical purposes and where the limitation is necessary for the achievement of statistical purposes.

12.4.7 You have the right to revoke your declaration of consent to data protection at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent up to the revocation.

13. DATA STORAGE

We will only keep your data for as long as is necessary for the purposes for which it was collected. In any event, this period will not exceed five years from the date of termination of your account on our Website. This retention period allows us to use the data for the defense of any future legal claims.

The personal data of the person concerned will be retained for as long as the purpose for which it was collected.

14. CHANGES TO THE PRIVACY POLICY

Any changes we make to our Privacy Policy in the future will be posted on this page and, if there are any material changes, you will be notified by email or other means to give you an opportunity to review the changes before they apply. We therefore encourage you to check back from time to time to keep informed of how we are handling your information. If you do not agree with the changes made, we invite you to close your account accordingly. The changes are considered effective as of the effective date.

15. CONTACT

For more information about our privacy practices Questions, comments and requests regarding this privacy policy are welcome and should be sent to dpo@clinsher.com.

For the purposes of these data protection laws, Clinsher is the data controller.