Privacy Policy

Following privacy policy describes what personal data we (ThingsRock) collect and why we collect it, and what we use it for. (Last updated: December 05, 2023)

Personal data is information that relates to an identified or identifiable individual. Personal data only includes information relating to natural persons who can be identified or who are identifiable, directly from the information in question; or who can be indirectly identified from that information in combination with other information.

Contents

Responsible legal entity and data protection officer

The accountable legal entity for processing personal data is:

Contact information

In case of specific questions please contact (PGP encrypted emails welcomed via key: 98AC45B3378F5BBE8EC210703CC37A9CDF5CFEFE):

DPO contact information

Data processed when visiting this website

Our website uses services provided and hosted by OVH GmbH.

When visiting our website, some data is collected automatically. That data is used to make sure the website runs without technical errors.
The data collected:

  • Your IP-Address,
  • the URL requested,
  • Date and time of the request,
  • The size of the data delivered,
  • Error code,
  • Your browser vendor/version,
  • Your operating system,
  • Referrer URL.

This information is collected purely for logging purposes and kept temporarily.

The data logged are transferred to a third party only in exceptional cases, i.e. if there are legal obligations to do so or when the website is attacked and the prosecution requires the data. Other than this, the logged data will not be transferred to 3rd parties at all. Also, the logged data is not merged with any other collected data.

Web analysis tools

In order to optimize the information provided by our website for our users, we analyze the accesses to our website. The legal basis is article 6 paragraph 1a GDPR (Consent). This data is not used by us to identify individuals.

We use Matomo Analytics (https://matomo.org). Any IP address recorded by Matomo is immediately anonymized right before storing it. Matomo also honors the “Do-Not-Track” (DNT) setting of your browser. If “Do Not Track” is enabled for your browser then Matomo will not track you.

Current Matomo trackings setting based on your browser’s setting:

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

Any Matomo data older than 90 days is automatically purged.

Personal data processed

Contact form

We only process information that is necessary to communicate with you. Data sent via our contact form (including your contact information) are saved by us for responding to your request, as well as being able to respond to followup discussions.
Data collected:

  • Name (optional),
  • Email (mandatory, to respond to your request),
  • Phone number (optional),
  • Subject (optional),
  • Message (mandatory),
  • Your explicit permission pursuant to article 6 paragraph 1a GDPR (Without your consent no data is submitted to us).

Revoking your permission is possible at any time. Just email us where you inform us about your decision. The legality of the data processed before your revocation remains unaffected.

We transfer your data only to 3rd parties if you gave us your permission, or when legal obligations require us to do so, or we are forced by a judicial decision.

The data sent via our contact form is kept until you either request a deletion of this data, or you revoke your permission to save the data, or there is no necessity anymore to keep the data. Any legal retention periods remain unaffected by this.

Contact with people from ThingsRock

When you contact someone from ThingsRock, e.g. you give that person your business card, we will record personal data (name and contact information) in our contact database, if this required to fulfill further task for you or with you (like getting in touch with again to respond to questions or topics that you raised). This personal data is erased from our systems as soon as there is no requirement anymore to keep them.

Processing your contact information

We provide different options to get in touch with ThingsRock (Email or contact form). In this context we store the related data to contact you.

We transfer your data only to 3rd parties if you gave us your permission, or when legal obligations require us to do so, or we are forced by a judicial decision.

The data provided by you is kept until you either request a deletion of this data, or you revoke your permission to save the data, or there is no necessity anymore to keep the data. Any legal retention periods remain unaffected by this.

Cookie policy

A cookie is a small text file containing information created by a website you visit and saved on to your computer.

Currently, no cookies are served and used by the ThingsRock website.

Rights of the data subject

Following we list the rights you have as affected person according to the GDPR:

Right of access by the data subject – Article 15 GDPR
You have the right to request copies of your personal data. Exceptions to this right pursuant to section 34 BDSG (German Bundesdatenschutzgesetz) still apply.

Right to rectification – Article 16 GDPR
You have the right to request that ThingsRock correct any information you believe is inaccurate. You also have the right to request ThingsRock to complete the information you believe is incomplete.

Right to erasure – Article 17 GDPR
You have the right to request that ThingsRock erase your personal data. This is only possible if the affected personal data is either no longer required, or has been illegally processed, or the permission to process the data has been revoked. Exceptions to this right pursuant to section 35 BDSG (German Bundesdatenschutzgesetz) still apply.

Right to restriction of processing – Article 18 GDPR
You have the right to request that ThingsRock restrict the processing of your personal data, under certain conditions.

Right to data portability – Article 20 GDPR
You have the right to request that ThingsRock transfer the data that we have collected to another organization, or directly to you, under certain conditions.

Right to object – Article 21 GDPR
You have the right to object to ThingsRock’s processing of your personal data, under certain conditions.

Right to revoke your permission
If the processing of personal data is based on your permission pursuant article 6 section 1a GDPR, then you can revoke this permission at any time for this personal data. The legality of the data processed before your revocation remains unaffected.

Revocation of permission to process personal data
Some ways of processing your personal data is only possible with your explicit permission. Revoking your permission is possible at any time. Just email us where you inform us about your decision. The legality of the data processed before your revocation remains unaffected.

Right to lodge a complaint

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes this regulation.