Data Protection

 

We take the protection of your data very seriously. Any data submitted by you via the Picmentum website (www.picmentum-app.com) will be collected and used in accordance with the applicable data protection laws. The App “Picmentum” and the associated websites are operated by Cocologics GmbH. This data protection statement applies to our websites only. Should our website link you to third-party sites, we kindly ask you to inform yourself about the respective data processing procedures regarding your personal information.

1. General information
Personal data includes all data that can directly be traced back to you, such as name, address, e-mail addresses, user behaviour. The regulations set forth below inform you of the type, scope and purpose of the collection, processing and use of your personal data. Person responsible according to sec. 4, para. 7 EU General Data Protection Regulation (GDPR) is:

cocologics GmbH

represented by its Managing Director Jens Dämgen
Cannabichstr. 22
68167 Mannheim, Germany
phone +49 – 621 – 1567694
e-mail: email@cocologics.com

2. Automated data collection
If you visit the website for information purposes only, in other words, if you do not register or send us any information otherwise, we will collect only the personal data your browser sends to our server. If you wish to browse our website, we will collect the following data which is important to us for technical reasons because they are needed to allow us to show you our website and guarantee its stability and security (this is in compliance with the legal basis of sec. 6 I page 1 f GDPR): Your IP address, date and time of your website visit, time zone difference to GMT, content of the request (specific page), access status / HTTP status code, the respective data volume transmitted, the website from which the request has originated, the browser you have used, the operating system and interface as well as the name of your access provider, language and version of the browser software.
The data just mentioned will be processed by us for the following purposes:

To warrant a stable website connection,
To warrant a comfortable website experience,
To analyse the system’s security and stability as well as for other administrative purposes.
This information will be temporarily stored in a so-called log file. The information is collected without your active participation and will be stored until they are automatically deleted. In no event will we use the data collected for the purpose of drawing any conclusions about you as a person.

3. Information on cookies
We use cookies on our website. These are small files that are automatically created by your browser and will be stored on your terminal unit (laptop, tablet, smart phone etc.) when you visit our website. Cookies will have no detrimental effect to your terminal unit. They are free of viruses, Trojans or any other malware.
The cookies file information which arises from the use of your specific terminal unit. This does by no means signify that we will receive any information on your identity.
The use of cookies serves the purpose of creating an enhanced user experience and offer for you. We use, for example, so-called session cookies in order to establish that you have already visited individual pages of our website. These will be automatically deleted after you have left our website.
We also further employ temporary cookies for enhancing user experience which are stored on your terminal unit for a specific limited time period. Once you visit our website again to use our services, the website will automatically recognize that this is a repeat visit and remember your previous settings and entries so that these do not have to be repeated.
We further use cookies in order to statistically monitor the use of our website and to analyse it for the purpose of upgrading our offer for you. With the help of these cookies, we will be able to recognize you as a repeat visitor if you choose to visit our website again. Each of these cookies will be automatically deleted after a specified period of time.
The data processed via cookies is necessary for the purposes stated and safeguarding our rightful interest as well as those of third parties in line with sec. 6 I page 1 f GDPR. You may block your hard drive from storing cookies by clicking “disable cookies” in your browser settings. This may, however, limit the functionality of our services.

4. Use of our contact form/communication/downloads
If you have any questions, please do not hesitate to contact us using the form provided on our website or via our e-mail address. This requires you to state your name and a valid e-mail address so that we know who has sent us the request and are able to respond to it. Any additional information provided is voluntary.
The data processing for purposes of establishing contact is done in line with sec. 6, para. 1 lit. a GDPR based on your voluntary consent.
The personal data collected by us based upon your contacting us will be stored after the completion and/or handling of your request in order to statistically evaluate them for marketing purposes and enhancement of the offer provided by us. This is in compliance with the legal basis of sec. 6 I page 1 f GDPR. The length of time that personal data are retained is subject to the respective legal retention period. After this period has expired, the relevant data will be routinely deleted, provided they are no longer necessary for fulfilment or the initiation of the contract.

5. Use of our web shops
If you wish to place an order through our web shop, you must provide your personal data which we need to process your order; without it, we cannot conclude a contract. Mandatory information for the processing of contracts is specifically highlighted, any additional information is voluntary. We will use the data provided by you to process your order. For that purpose, we may forward your payment information to our principal bank. This is in compliance with the legal basis of sec. 6 I page 1 f GDPR.
We may additionally process the data provided by you for informing you of other interesting products from our portfolio or to send you e-mails with technical information.
Commercial and tax obligations require us to retain your address, payment and order information on file for a period of 10 years.

6. Newsletter
Your consent also enables you to subscribe to our newsletter in which we keep you informed of our current interesting offers. The newsletter will only contain services and offers from our company as well as industry-related information, if applicable.
We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you register, we will send an e-mail to the e-mail address provided in which we will ask you to confirm that you wish to subscribe to the newsletter. If you do not immediately confirm your registration, your information will be deleted. Furthermore, we will store the IP addresses you used and the time of registration and confirmation. The purpose of this procedure is to prove your registration and to clear up any possible abuse of your personal data.
Only your e-mail address is required in order to send out the newsletter Any additional information provided by you is voluntary and will be used to address you personally. Once we have received your confirmation, your e-mail address will be stored for the purpose of sending out the newsletter. This is in compliance with the legal basis of sec. 6 I page 1 f GDPR.
You may withdraw your consent regarding the transmission of the newsletter at any time and unsubscribe from the newsletter. You may communicate your cancellation of the newsletter by clicking on the link contained in each newsletter e-mail, via e-mail to email@cocologics.com or by sending a message to the contact information provided in the legal info sec.
We use the service “Mailchimp” to send out our newsletters. “Mailchimp” is a newsletter marketing service provided by the Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The legal basis for using this service is our rightful interest, sec. 6, para. 1, page 1 lit. GDPR. “Mailchimp” is subject to the EU-US PrivacyShield (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). “Mailchimp” uses the recipient data as pseudonymised data, i.e. it cannot be traced back to any individual user. The data is only used to enhance internal services (such as sending, presentation or statistical purposes). In no event will “Mailchimp” use recipient data for their own contact purposes or forwarding the data to third parties.

7. Matomo
This website uses the web analysis service Matomo, (www.matomo.org), a service of the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, in order to be able to analyse the use of our website and its regular upgrades. We are able to enhance our offer by way of the statistics obtained and create a more interesting experience for you. The legal basis for use of Matomo is sec. 6, para. 1, page 1 lit. GDPR.
This evaluation is made possible by storing cookies (see clause 3) on your computer. The information collected this way will be exclusively stored on servers located in Germany. You may discontinue the evaluation by deleting the existing cookies and block the storage of cookies. Should you choose to block the storage of cookies, we would like to point out that you may not be able to use all features of this website. You may block the storage of cookies through the settings in your browser. The use of Matomo may be blocked by unchecking the following box which activates the opt-out plugin:

This website uses Matomo with the “AnonymizeIP” extension. This feature allows the IP addresses to be abbreviated in all further processing, preventing them from being directly linked to an individual. The IP address transmitted to us by your browser through Matomo will not be amalgamated with other data we collect.
Matomo is an open-source project. You will find detailed third-party data protection information under https://matomo.org/privacy-policy/.

8. Embedding YouTube videos
Our online offer includes embedded YouTube videos that are stored under http://www.YouTube.com and can be played directly from our website. These are all embedded in the “extended data protection mode”, i. e. none of your personal data will be transmitted to YouTube if you do not play the videos. It is only once you play the videos the data mentioned in paragraph 2 will be transmitted. We have no control over this data transmission.
With your visiting the website, YouTube will learn that you have clicked on the respective subpage of our website. Furthermore, the data stated in clause 2 of this declaration will be transmitted. This happens irrespective of whether or not YouTube has provided a user account through which you are logged in. Once you are logged in to Google, your data will be directly linked to your account. If you do not wish to have your data being linked with your YouTube account, you need to log out before activating the button. YouTube stores your data as user profile and uses it for advertising, market research and needs-based design of their website. Such evaluation is doner (even for users not logged in) for providing needs-based advertising and to inform other users of social networks of your activities on our website. You are entitled to a right of refusal to the creation of such user profiles, whereby such request must be directed to YouTube.
Further information on purpose and scope of the data collection and the processing by YouTube can be found in our data protection statement. There you will also find additional information on your rights and how to set options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the US and is subject to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

9. Rights of the persons affected

You have the right,

  • according to sec. 15 GDPR, to request information with regard to how your personal data is being processed. In particular, you may request information on the purpose of the processing, the personal data category, the recipient categories to whom your data has been or will be exposed to, the intended storage duration, the existence of the right of rectification, deletion, restriction of processing or the right to file an objection, the existence of a right of appeal, the origin of your data wherever they have not been collected by us, as well as the existence of an automated decision-making process, including profiling and, if applicable, meaningful information pertaining to its details;
  • according to sec. 16 GDPR, you may request immediate rectification of incorrect or incomplete personal data stored by us;
  • according to sec. 17 GDPR to demand that we delete the personal data stored by us, insofar as processing is not required for exercising the right of free expression and information, for fulfilling a legal obligation, for reasons of public interest or for asserting, exercising or defending of legal claims;
  • according to sec. 18 GDPR, you may demand restricted processing of your personal data. Insofar as you have contested the correctness of your data, processing it is not allowed by law, but you decline their deletion and we no longer require the data, but you nonetheless require them for the assertion, exercise or defence of legal claims, or in the event where according to sec. 21 GDPR you have appealed their processing;
  • according to sec. 20 GDPR to receive your personal data which you have made available to us in structured, common and machine-readable format or to demand transmission to another responsible individual;
  • according to sec. 7, para. 3 GDPR to revoke your consent given to us at any time. This will result in us no longer being allowed to continue processing the data which was based on this consent in the future, and
  • according to sec. 77 GDPR no longer being able to file a complaint with a Supervisory Authority. As a rule, you may address any Supervisory Authority at your usual place of residence or workplace or the location of our registered office.

10. Right of appeal
To the extent where your personal data is being processed based on legitimate interests according to sec. 6 I, page 1 GDPR, you are entitled to, according to sec. 21 GDPR, to appeal the processing of your personal data as far as this is supported by reasons which arise from your specific situation or where the appeal concerns direct marketing. In the latter case, you do have a general right of appeal which will be implemented by us without the need to state a specific situation.
If you would like to make use of your right of withdrawal or appeal, just send an e-mail to email@cocologics.com

11. Data security
We use the commonplace SSL procedure (Secure Socket Layer) in connection with the highest available encryption level supported by your browser. This is usually a 256-bit encryption. Should a 256-bit encryption not be supported by your browser, we will then opt for 128-bit v3 technology. Whether individual pages of our Internet presentation are transmitted encrypted can be seen in the little key or lock icon shown in the status bar at the bottom of your browser. As a rule, all information transmitted by you will be stored on servers located in Germany or at least the EC. For a few selected offers, we use non-European service providers, such as “Mailchimp” for our newsletter; we only use services that take part in the EU-US Privacy Shield. You may obtain further information on the EN-US Privacy Shield here. We additionally safeguard our website and other systems against loss, destruction, access, alteration or distribution of your personal data by unauthorized third parties through the appropriate technical and organizational measures.
We otherwise employ all suitable technical and organizational security measures in order to protect your data against accidental or deliberate manipulation, loss, destruction in whole or in part or against unauthorized third-party access. Our security measures are improved on an ongoing basis in accordance with the technical developments.

12. Current status and changes to this data protection statement
This data protection statement is currently valid and was last amended on May 2018.
This data protection statement may be subject to change as a result of further development of our website and additional offerings or as a consequence of amended statutory or regulatory requirements. The data protection statement in its last amended version can be downloaded and printed on the website at any time: https://www.picmentum-app.com/en/dataprotection/