We take data protection and information security very serious. The effective management of all personal data, including security and confidentiality, is the heart of our business and naturally underpins our practices and processes.
This privacy notice informs you about the type, scope and purpose of the processing of personal data we collect, use and process as a part of our website and its functions and content as well as our external online presences, such as our Social Media Profiles (the “Services”).
This notice applies to you, the User of our Services and us the provider of the Services and governs the processing of your personal data in context of our Services and business.
This Policy last updated on 5 February 2021.
Name and contact details of the responsible person:
Matt Spolnik proceeds with all data processing procedures (e.g. collection, processing and transmission) in accordance with the statutory provisions of the California Consumer Privacy Act. The following provides you with an overview of the type of data collected and how it is used and passed on, the security measures Matt Spolnik takes to protect your data and how you can exercise your rights.
Collection, use and storage of personal data
When you use the online offer, Matt Spolnik collects different data from you, partly also so-called personal data. This is information that relates to an identified or identifiable natural person (hereinafter “data subject”).
Visiting the Matt Spolnik website in general
When visiting the Matt Spolnik website, you transmit data to our web server (due to technical necessity) via your internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:
Date and time of the request
Name of the requested file
Page from which the file was requested
Access status (file transferred, file not found, etc.)
Web browser and operating system used
complete IP address of the requesting computer
amount of data transferred
For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data.
Further personal information is only collected if you provide it voluntarily, for example in the context of an enquiry or registration. Depending on the area concerned, Matt Spolnik uses the personal data provided by you to answer your enquiries, to process your order and for the purpose of technical administration of the websites. In detail, the use in the respective areas follows as follows:
If you contact Matt Spolnik via a contact form on the Matt Spolnik website, the data you provide will be stored so that your message can be forwarded to the correct contact person. Your data provided via a contact form will not be used for any other purposes, in particular not for advertising.
Disclosure and deletion of personal data
Visiting the Matt Spolnik website
The data stored during the mere visit of the Matt Spolnik website will not be passed on to third parties.
Only if your enquiry or comment concerns a different Matt Spolnik than the one whose contact form you have used, will your message and the associated data be transmitted to the correct contact person within the company. The data you have entered in an Matt Spolnik online contact form will not be passed on to other third parties unless you are specifically informed of this.
All your data collected on the Matt Spolnik website for the purpose of market research will be used exclusively for Matt Spolnik internal purposes and will not be passed on to third parties. They will be deleted when their knowledge is no longer necessary for market research.
Transfer to authorities and other public bodies
Your data will only be disclosed to third parties outside the Matt Spolnik if the responsible public authority or governmental institution orders the disclosure in an individual case, in which case Matt Spolnik is obliged to do so.
General technical organisational measures
The Matt Spolnik website is behind a software firewall to prevent access from other networks connected to the Internet. In addition, only employees who need the information to perform a specific job are granted access to personally identifiable information. These employees are trained in security and privacy practices and treat your information confidentially.
Types of data processed:
– Inventory data (e.g., names, addresses).
– Contact data (e.g., e-mail, telephone numbers).
– Content data (e.g., text input, messages, content).
– Contract data (e.g., subject matter of contract, term, customer category).
– Payment data (e.g., bank details, payment history).
– Usage data (e.g., websites visited, interest in content, access times).
– Meta/communication data (e.g., device information, IP addresses).
Categories of data subjects:
– Customers, interested parties, visitors and users of the online offer, business partners.
– Visitors and users of the online offer.
In the following, we also refer to the data subjects collectively as “users”.
Purpose of processing:
– Provision of the online offer, its content and functions.
– Provision of contractual services, service and customer care.
– Answering contact requests and communication with users.
– Marketing, advertising and market research.
– Security measures.
Relevant legal basis
– your consent;
– to fulfill our services;
– to carry out contractual measures;
– to respond to inquiries;
– to fulfill our legal obligations; and
– our legitimate interests;
Disclosure And Transmission Of Data
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers is necessary for the performance of a contract), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, hosting providers, tax, business and legal advisers, customer care, accounting, billing and similar services that allow us to efficiently and effectively fulfill our contractual obligations, administrative tasks and duties).
Transfers To Third Countries
If we process data in a third country (outside the USA) this happens in the context of using third-party services or disclosing, or transferring data to third parties, this will only happen if it is done to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests.
Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements I.e. the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection or compliance with officially recognized special contractual obligations (so-called “contractual clauses”).
Rights Of The Data Subjects
If you are a California resident, you have the following rights:
You have the right to:
– request, up to two times each year, access to categories and specific pieces of personal information about you that we collect, use, disclose, and sell.
– request that we delete personal information that we collect from you, subject to applicable legal exceptions.
– “opt out” of the “sale” of your “personal information” to “third parties”
In addition under California’s “Shine the Light” law, California residents who provide personal information (as defined in the statute) to obtain services are entitled to request and obtain from us, once per calendar year, information about the personal information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of personal information and the names and addresses of those businesses with which we shared such personal information for the immediate prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain the information about data we hold about you or to effect the opt out, please contact us.
Business Analyses And Market Research
In order to operate our business economically and to be able to recognize market trends, customer and user wishes, we analyze the data we have on business transactions, contracts, inquiries, etc.. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata, whereby the data subjects include customers, interested parties, business partners, visitors and users of the online offer. The analyses are carried out for the purpose of business management evaluations, marketing and market research. In doing so, we may take into account the profiles of registered users with details of, for example, their purchase transactions. The analyses serve us for the increase of the user friendliness, the optimization of our offer and the business management. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with aggregated values.
If these analyses or profiles are personal, they will be deleted or anonymized upon termination of the user, otherwise after two years from the conclusion of the contract. Otherwise, the overall business analyses and general tendency analyses shall be prepared anonymously, if possible.
If we provide advance services, we reserve the right to obtain identity and credit information for the purpose of assessing the credit risk on the basis of mathematical-statistical methods from specialized service providers (credit agencies) in order to protect our legitimate interests.
We process the information received from the credit agencies about the statistical probability of a payment default within the framework of an appropriate discretionary decision about the establishment, implementation and termination of the contractual relationship. We reserve the right to refuse payment on account or any other advance payment in the event of a negative result of the credit check.
When contacting us (via contact form or e-mail), the user’s details are processed for the purpose of handling the contact request. The user’s details may be stored in our customer relationship management system (“CRM system”) or comparable inquiry organization.
We delete the inquiries if they are no longer necessary. We review the necessity every two years; we store inquiries from customers who have a customer account permanently and refer to the information on the customer account for deletion. Furthermore, the legal archiving obligations apply.
Collection Of Access Data And Log Files
We collect on the basis of our legitimate interests, we collect data about each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g. for the clarification of abuse or fraud) for a maximum of seven days and then deleted. Data whose further storage is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident.
Online Presences In Social Media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing policies of their respective operators apply.
Unless otherwise stated in this policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.
With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the procedures described.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. Insofar as the contents of the Newsletter are specifically described in the context of a registration, they are decisive for the consent of the users. Otherwise, our newsletters contain information about our products, offers, promotions and our company.
Double opt-in and logging: The registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Changes to your data stored by the shipping service provider are also logged.
The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or if we use a shipping service provider, from their server. In the course of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval are collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times. Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor, if used, that of the dispatch service provider to observe individual users. The analyses serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
Newsletter recipients can cancel the receipt of our newsletter at any time, i.e. revoke their consents. You will find a link to cancel the newsletter at the end of each newsletter. At the same time, their consent to the performance measurement will expire. A separate cancellation of the performance measurement is unfortunately not possible, in this case the entire newsletter subscription must be cancelled. With the unsubscription from newsletter, the personal data will be deleted, unless their retention is legally required or justified, in which case their processing will be limited only to these exceptional purposes. In particular, we may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them for newsletter sending purposes, in order to be able to prove consent formerly given. The processing of this data is limited to the purpose of a possible defense against claims. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed at the same time.
Integration Of Services And Contents Of Third Parties
We use within our online offer on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer), we use content or services offered by third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always requires that the third-party providers of this content are aware of the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is thus required for the display of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as be linked to such information from other sources.
The following presentation provides an overview of third-party providers and their content, along with links to their privacy policies, which contain further information on the processing of data and, in part already mentioned here.
Content Delivery Network Cloudflare and WordPress , live chat bot, Social Media Widgets Facebook, Twitter and LinkedIn
This Data Protection Policy and our commitment to protecting the privacy of your personal data can result in changes to this Data Protection Policy. Please regularly review this Data Protection Policy to keep up to date with any changes.
Queries and Complaints
Any comments or queries on this policy should be directed to us using the following contact details.