Purpose Privacy Policy
1. Definitions
This privacy policy uses the terminology of the GDPR.
- “Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); a natural person is deemed to be identifiable person, directly or indirectly, in particular by reference to an identifier such as a name, an name, to an identification number, to location data, to an online identifier or to one or more special characteristics which are an expression of the physical, physiological, genetic, mental, economic, cultural or social characteristics of the person, psychological, economic, cultural or social identity of this natural person.
- ”Processing” shall mean any operation or set of operations which is performed with or without the aid of automatic such processing” means any operation or set of operations which is performed upon personal data, such as collection, recording, organization, organization, storage, adaptation or alteration, retrieval, consultation, use or disclosure, the storage, adaptation or alteration, retrieval, consultation, use, processing or disclosure of personal data, the disclosure by transmission, dissemination or any other form of making available, alignment or the linking, restriction, deletion or destruction.
- “Restriction of processing” means the marking of stored personal data with the aim of, their restrict their future processing.
- “Profiling” means any type of automated processing of personal data that consists of. personal data are used to evaluate certain personal aspects relating to a natural person, in particular aspects concerning natural person, in particular to evaluate aspects relating to work output, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or change of change of location of this natural person to analyze or predict.
- “File system” means any structured collection of personal data that is accessible according to specified criteria criteria, regardless of whether the collection is maintained centrally, decentrally, functionally or geographical aspects.
- “Responsible party” means the natural or legal person, public authority, agency or other body, who alone or jointly with others, determines the purposes and means of the processing of personal data where the purposes and means of such processing are determined by Union law or Member State law, the controller or Member State law, the controller or the specific criteria for its designation under Union law or designation may be provided for under Union or Member State law.
- “Processor” means a natural or legal person, public authority, agency or other entity, which processes personal data on behalf of the controller.
- “Recipient” means a natural or legal person, public authority, agency or other body to which personal data is disclosed, whether or not that person is a third party. or not. Public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law may receive personal data, however, shall not be deemed to be recipient; the processing of such data by the aforementioned authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing.
- “Third party” means any natural or legal person, public authority, agency or other body, other than the person concerned, the controller, the processor and the persons who, under the direct responsibility of the direct responsibility of the controller or processor, are authorized to process the process personal data.
- “Consent” means the consent given by the data subject voluntarily for the specific case, in an informed manner and unambiguous manner, in the form of a statement or other unambiguous affirmative act by which the data subject indicates his or her affirmative act by which the data subject indicates that he or she consents to the processing of personal personal data concerning him or her.
2. Scope of application
- The following data protection declaration applies to the Internet presence at purpose.app (hereinafter jointly referred to as the “Website”) of the Purpose GmbH (hereinafter referred to as “we” or “us”) with its registered office at Rheinsberger Str. 76/77, 10115 Berlin, Germany, represented by the managing director Julian Willner, application.
- We are the responsible party for the processing of all personal data collected on the Website, unless otherwise stated in this Privacy Policy.
3. Data protection officer
You can reach our data protection officer at the following contact details: privacy@purpose.app
Purpose GmbH Rheinsberger Str. 33, 10115 Berlin, Deutschland
4. Legal basis for the processing of personal data
- Insofar as we obtain your consent for the processing of personal data, Art. Art. 6 para. 1 lit. a DSGVO serves as the legal basis.
- When processing personal data that is necessary for the fulfillment of a contract with you. Art. 6 (1) lit. b DSGVO serves as the legal basis. This also applies to processing operations that for the are necessary for the implementation of pre-contractual measures.
- Insofar as the processing of personal data is required for compliance with a legal obligation necessary to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis. Very rarely may also be the case that vital interests of you or another natural person make a processing of personal data necessary. make the processing of personal data necessary. In these cases, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.
- If the processing is necessary to protect a legitimate interest of our company or of a third party and your interests, fundamental rights and freedoms do not outweigh our interest or the interest of a third party. interest of a third party, then Art. 6 para. 1 lit. f DSGVO serves as the legal basis for the processing. In these cases, our legitimate interest follows from the purposes of processing listed in this privacy policy. purposes of the processing.
5. Automatic collection of access data/server log files
- We automatically collect a number of technical data when you access the Purpose website or app. These are:
- Networking related device identifiers (e.g. IP address, MAC address)
- Name / Identifier of the retrieved resource
- Parameters provided while requesting the resource
- Date and time of access
- Browser type and version
- Operating system
- Referrer URL (the previously visited website)
- We process the aforementioned data for the following purposes:
- to ensure a comfortable and safe use of our website;
- in order to be able to track unauthorized access to our offerings;
- to evaluate system security and system stability; and
- for other administrative purposes
6. User account creation and login
- In the course of creating a user account (hereinafter referred to as “registration”) for our website and app you will be asked to enter a number of personal data (in particular first name, surname, e-mail address, phone number and possibly other data that we ask for during the registration process). This data is mandatory information and is required for the conclusion of the user contract. If you do not provide this data, you will not be able to create a user account. You can enter the data and view, change and delete the data via the user account settings. It is also possible for you at any time delete the entire user account.
- The mandatory data entered during registration will be processed and used by us to:
to authenticate yourself when you log in;
Follow up on requests to update your login information;
verify your authorization to manage the user account;
enforce the terms and conditions of use of the website and the services offered therein, as well as all related enforce rights and obligations, and
Contact you for technical or legal notices, updates, security messages or other messages concerning, for example, the administration of the user account.
- This data processing is justified by the fact that the processing is necessary for the fulfillment of the contract between you as the data subject and us pursuant to Art. 6 para. 1 lit. b) DSGVO for the use of the services offered on our website and app services, and/or we have a legitimate interest in ensuring the the functionality and error-free operation of our website and the services offered there, which overrides your rights and interests in the protection of your personal data in the sense of of Art. 6 para. 1 lit. f) DSGVO.
7. Collection, processing and transfer of data based on your consent
- We collect the data consentually provided by our users to offer and enhance our social networking services. The information you provide enables us facilitate connections with friends and other users, support our users to foster deep relationships, and to deliver a personalized and engaging social networking experience. By collecting this data, we can offer features such as posting, commenting, messaging, and content sharing, allowing you to interact with others on our platform. The data you provide, such as your profile information, photos, posts, comments, preferences, and location, helps us enhance to your user experience, tailor content recommendations, and suggest relevant connections and groups based on your interests and preferences. It also enables other users to find and connect with you on our social network. We understand the importance of safeguarding your personal information and are committed to protecting your privacy. We adhere to applicable data protection laws and have implemented technical and organizational measures to ensure the security and confidentiality of your data. Please note that while providing our social networking services, we may analyze aggregated and anonymized data to gain insights into user behavior, usage patterns, and demographics. Such analysis helps us improve our services, develop new features, and enhance the overall user experience. Rest assured that this analysis does not involve the identification of individual users. By using our social networking services and providing us with your data, you consent to the collection, storage, and processing of your information as outlined in this privacy policy.
- The collection and processing of usage data takes place for the provision of the services. The collection and processing of the data is justified by the fact that the collection and processing is necessary for the fulfillment of the of the contract between you as the data subject and us pursuant to Art. 6 para. 1 lit. b) DSGVO for the use of the services. The processing of data for analysis and sharing with connections is in this respect a main service. The legal basis for the disclosure and transfer of the data is, in addition to the legal bases mentioned in § 8, your consent, Art. 6 para.1 lit. a) DSGVO. In addition we have a legitimate interest in the data processing within the meaning of Art. 6 para. 1 lit. f) DSGVO. Since you are free to use the services on our website and app, and we also provide detailed information about the collection, processing and disclosure of usage data, our legitimate interest outweighs your rights and freedoms.
8. Disclosure of data without your consent
- A passing on of your personal data without your express previous consent takes place in addition to explicitly mentioned in this privacy policy only if it is legally permissible or required. or required by law. A technical transfer may also take place if and insofar as this is necessary for the operation of our website or app and the services offered there or for other reasons for the justification, the implementation or processing of your user relationship with us. This may be the case, for example, if we host the website or app with an external service provider. Provided that this is not processing, the transfer is based on Art. 6 para. 1 lit. b) DSGVO.
- If it is necessary to clarify an illegal or improper use of the website or app and the services offered there, or for legal services offered there or for legal prosecution, personal data will be passed on to the law enforcement agencies or other authorities and, if necessary, to injured third parties or legal advisors. However, this will only happen if there are indications of illegal or abusive behavior. A transfer may also take place if this serves the enforcement of terms of use or other legal claims. We are also legally obligated, to provide information to certain public authorities upon request. These are law enforcement agencies, authorities that prosecute administrative offenses subject to fines, and the tax authorities. Any disclosure of the personal data is justified by the fact that the processing is necessary for compliance with a legal obligation to which we are subject pursuant to Art. 6 Para. 1 lit. f) DSGVO in conjunction with national legal national legal requirements for the disclosure of data to law enforcement authorities, or we have a legitimate interest in disclosing the data in the event of indications of abusive behavior or to enforcement of our terms of use, other terms and conditions, or legal claims, and to protect your rights and interests in the protection of your personal data within the meaning of Art. of Art. 6 para. 1 lit. f) DSGVO.
- As part of the further development of our business, the structure of our company may change. Its legal form can be changed, subsidiaries, parts of companies or components are founded, bought or sold. or components are founded, bought or sold. In such transactions, customer information may be transferred along with the part of the business being transferred. In any transfer of personal information to third parties to the extent described above, we will ensure that this is done in accordance with this privacy policy and applicable data protection law. Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our corporate form to the economic and legal circumstances as legal circumstances and to protect your rights and interests in the protection of your personal data within the meaning of Art. personal data within the meaning of Art. 6 para. 1 lit. f) DSGVO.
9. Forwarding to third parties
On our website or app and the services offered there can, by clicking on external links, redirect you to third parties. In such a situation you are leaving our website or app and third parties independently responsible for data processing
10. Contact
When contacting us (for example, by contact form or e-mail), your information will be stored for the processing of the request and kept for the event of follow-up questions arising.
11. Newsletter
- On the website you can subscribe to a newsletter, in which we inform about new features, offers and and other promotions. With the subscription to the newsletter, we store your IP address and the date of the subscription. This storage serves solely as evidence in the event that a third party misuses a e-mail address and registers for the newsletter without the knowledge of the authorized person. This data will only be used for sending the newsletter and will not be passed on to third parties.
- You can revoke your consent to the use of your e-mail address for sending the newsletter at any time. revoke. The revocation can be done via a link in the newsletters themselves or by sending a message to the contact options in the imprint of the website.
- We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which are single-pixel pixel image files that are stored on our website. Also in the newsletter received links received in the newsletter also contain this ID. For the evaluations, we link your personal data already collected by us in § 5 (data transmission during a mere visit to our website) and the web beacons with your e-mail address and an individual ID. With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record, when you read our newsletter, which links you click on in the newsletter, and use this to infer your personal interests. We link this data to actions you have taken on our website. You can object to this tracking at any time by informing us via the e-mail address given in the imprint. The information will be stored for as long as you are subscribed to the newsletter. After an unsubscription we store the data purely statistically and anonymously. Furthermore, such tracking is not possible if you have deactivated the display of images by default in your e-mail program. In this case, the newsletter will not be displayed in full and you may not be able to use all functions. If you go to display the images manually, the above-mentioned tracking will take place.
12. Cookies
- Cookies are small text files that are stored on your end device by the browser used when you call up our website or app. Individual services of a website can use this way “recognize” you and “remember” which settings you have made. This serves on the one hand the user-friendliness of our website (e.g. storage of login data). On the other hand, cookies serve to collect statistical data on website or app use and using this data for analysis.
- You can influence the use of cookies. Most browsers have an option with which which the storage of cookies is limited or completely prevented. However, we must point out point out that the use of our services and in particular the comfort of use without cookies is limited.
13. PostHog Analytics
- This website uses PostHog Analytics, a web analytics service provided by Hiberly Ltd. (”PostHog”). Posthog is an open source product analytics platform that we use to better understand user behaviour on our platform. You can read more about Posthog's privacy policy here:https://posthog.com/privacy
14. General advertising opt-out
The following link will take you to the Digital Advertising Alliance website. Here you can declare a general opt-out can be declared for various online advertising technologies. A German-language alternative to the Digital Advertising Alliance can be found here: http://www.meine-cookies.org/cookies_verwalten/praeferenzmanager-beta.html
15. Change of purpose
Processing of your personal data for purposes other than those described above will only take place insofar as a legal provision permits this or you have consented to the changed purpose of the data processing. In the case further processing for purposes other than those for which the data was originally collected, we will inform you about these other purposes prior to further processing and provide you with all further relevant information for this purpose.
16. Duration of the storage of your data
We store personal information only for as long as necessary to perform the services that you services you have requested or for which you have given your consent, or as long as the purpose of the data purpose of the data processing, taking into account your interests, unless otherwise required by law.
17. Protecting your data
In order to protect your data from manipulation, loss and unauthorized access by third parties, for example, we use technical and organizational measures to ensure an adequate level of protection of your personal data. These measures include, among other things, the use of firewalls and antivirus programs as well as manual security precautions. We review and improve our security measures on an ongoing basis in line with the current state of the art. In addition, in accordance with the principle of “privacy by default”, the strictest privacy settings are already preset when you first log in.
18. SSL encrypted data transmission
Your personal data is transmitted in encrypted form to prevent misuse by third parties. We use a so-called SSL encryption (Secure Socket Layer) for this purpose. This is a common security technology that protects your personal data, including your login and password, during transport. Please note that when transferring data over the Internet, no cannot be guaranteed to be 100% secure.
19. Your rights as a data subject
- Right to information: You have the right to request information from us at any time about the personal data we processed personal data concerning you within the scope of Art. 15 DSGVO. For this purpose you can submit a request by mail or e-mail to the address below.
- Right to rectify inaccurate data: You have the right to obtain from us the rectification without delay of the you personal data concerning you if it is incorrect. To do this please use the contact addresses below.
- Right to erasure: You have the right, under the conditions described in Art. 17 DSGVO, to request from us the to request deletion of the personal data concerning you. These conditions provide in particular a right to erasure if the personal data is no longer necessary for the purposes for which it was collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection to the processing, the existence of an objection or the existence of an erasure obligation under Union law or the law of the Member State to which we are subject. For the period of data storage, please refer to Section 6 of this privacy policy. To assert your right to erasure, please contact the contact addresses given below.
- Right to restriction of processing: You have the right to obtain from us the restriction of processing according to in accordance with Art. 18 DSGVO. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the period of time required to verify the of the accuracy, as well as in the event that the user, in the case of an existing right to erasure instead of deletion instead of deletion; furthermore, in the event that the data is not required for the purposes for which us purposes pursued by us, but the user requires them for the assertion, exercise or defense of legal claims, as well as when the successful exercise of an objection between us and the user is still in dispute. To exercise your right to restrict processing, you may exercise it, please contact us at the contact addresses below.
- Right to data portability: You have the right to obtain from us the personal data concerning you, you have provided to us in a structured, commonly used, machine-readable format in accordance with the of the Article 20 DSGVO. To exercise your right to data portability, please contact. the contact addresses below.
- Right to object: You have the right to object on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you, which is carried out, among other things, on the basis of Art. 6 Paragraph 1 lit. e) or f) DSGVO, to object in accordance with Art. 21 DSGVO. We will stop the processing of your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise or defense of legal claims. In the event of objection you can you will no longer be able to use the services on our website. You can object to the processing of your personal data at any time by sending a e-mail to privacy@purpose.app. contact details given in the imprint. The use of the services on our website is no longer possible after the objection. more possible.
Right to revoke consent: If you have given us consent to data processing, you can revoke this consent at any time in the future by sending a e-mail to privacy@purpose.app. The Use of the services on our website is no longer possible after the revocation.
- Right to complain: You have the right to contact the competent supervisory authority in case of complaints. A list of supervisory authorities can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.htm
20. Actuality and change of this privacy policy
- You can access and print out the current privacy policy at any time on our website.
- Due to the further development of our website and apps and the services offered there or due to changed legal or legal or regulatory requirements, it may become necessary for us to amend this data privacy statement. Therefore, we reserve the right to change this privacy policy at any time with effect for the future. We will inform you in an appropriate manner via the website or by e-mail about the change of the Privacy Policy with reasonable advance notice (at least 6 weeks). You will be given the opportunity to object to the change by e-mail to the e-mail address indicated in the respective imprint of the website. If you exercise your right of objection, we are entitled to delete your user account with effectively as of the date on which the change takes effect. Any backup of data is your sole responsibility.
Current valid status: 12/07/2023