Datenschutz
Smart Knowledge Hub
© 2019-present Pokeshot GmbH
Updated: 01.01.2019
Data protection officer:
E-Mail: kontakt [at] agidat [dot] de
This website is owned by Coca-Cola European Partners Deutschland GmbH, Stralauer Allee 4, 10245 Berlin, (referred as "CCEP"). This website is hosted by Core Learning Production, Denninger Str. 132, 81927 München as part of their Knowledge.Hub service.
This privacy statement clarifies the nature, scope and purpose of the processing of personal data within our Knowledge.Hub service and the related websites, functions and contents (hereinafter collectively referred to as Knowledge.Hub service). The data protection declaration applies irrespective of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the Knowledge.Hub service is executed.
The terminology used, such as "personal data" or "processing", refers to the definitions in article 4 of the Basic Data Protection Regulation (DSGVO).
Basics of data processing and legal bases
This privacy statement is defined on the type, the scope and purpose of the processing of personal information within the Knowledge.Hub service Web pages associated with it, functions and content. The privacy statement applies regardless of the used domains, systems, platforms, and devices (for example, desktop or mobile) that is running the online offer.
We refer to the definitions in article 4 of the data protection Regulation (DSGVO) the used terms such as "Personal Data" or "Processing".
The user personal data processed in the context of Knowledge.Hub service inventory data (names and eMail address), use data (the visited content, learning records, app crash data) and Content data (search terms).
The term "User" includes all categories of the data subject’s data processing. The used terminology, such as "users" are gender-neutral.
We process personal data only in accordance with the relevant data protection provisions. This means that the user’s data are processed only if there is a legal permit. I.e., in particular if the data processing to provide our contractual services (E.g., processing of orders, providing the Knowledge.Hub service), as well as online services is required, or required by law, is a consent of the users, as well as because of our legitimate interests (i.e., interest in the analysis, optimization and economic operation and security of our service for the purposes of article 6 par. 1 lit. f. DSGVO, especially the crash data, log analyses) and collection of access data and use of the services of third parties.
We point out that the legal basis of consent is article 6 par. 1 lit. a. and article 7 DSGVO, the legal basis for the processing to the performance of our services and contractual implementation is article 6 par. 1 lit. b. DSGVO, the legal basis for the processing to fulfil our legal obligations is Article 6 par. 1 lit. c. DSGVO, and the legal basis for the processing to preserve our legitimate interests article is 6 par. 1 lit. f. DSGVO.
Safety measures
We take organizational, contractual and technical security measures according to the state of the art, to ensure compliance with the regulations of data protection laws and processed to allow the US data against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons to protect.
The safety measures are the encrypted transmission of data between your client and our server.
Disclosure of data to third parties and third-party
A transfer of data to third parties is done only in the context of the statutory provisions. Only then, we pass the data of users to third parties if this E.g. based on article 6 paragraph 1, lit. (b) DSGVO for contractual purposes is required, or on the basis of legitimate interests pursuant Article 6 par. 1 lit. f. DSGVO on economic and effective operation of our business.
If we employ subcontractors to help provide our services, we take appropriate legal measures and appropriate technical and organizational measures for the protection of personal data in accordance with the relevant statutory provisions to ensure.
If content, tools or any other means from other providers (hereinafter together referred to as "Third-party") are used in the context of this privacy policy and its called Office situated in a third country, is to assume that a Data transfer to the seat States of the third-party will take place. As third countries, countries are to understand, in which the DSGVO no directly applicable law, i.e. in principle is countries outside the EU or the European economic area. The transfer of data to third countries is carried out, if there is an adequate level of data protection, a consent of the users or otherwise a legal permit.
Contractual services
We process inventory data (for example, names and email adress), contract data (E.g., services used, names of contact persons) in order to fulfil our contractual obligations and services as per article 6 par. 1 lit b. DSGVO.
We will process usage data (E.g., the visited content, crash data) and content data for purposes in a user profile to the user. Crash data will be processed anonymously and with no reference to the user.
Contact
When you contact us the data of the user is to fulfill the contact request and their processing is in accordance with Article 6 par. 1 lit. (b) DSGVO.
The information of the user can be stored in our customer relationship management system (CRM system").
We use the CRM system "Scopevisio", from Scopevisio AG, Rheinallee factory 3, 53227 Bonn, Germany) on basis of our legitimate interests (efficient and fast processing of user requests). To do this, we have contracted with so-called standard contractual clauses with Scopevisio, in which Scopevisio agrees to the processing of user data only in accordance with our instructions and to comply with the EU data protection.
Also, we use "JIRA" as a Helpdesk system on basis of our legitimate interests (efficient and fast processing of user requests). JIRA from Atlassian, Level 6, 341 George Street, Sydney, NSW, 2000, Australia. To do this, we have contracted with so-called standard contractual clauses with Atlassian, in which Atlassian agrees to the processing of user data only in accordance with our instructions and to comply with the EU data protection (https://de.atlassian.com/trust/privacy/gdpr#faq-aed8fec8-5fef-48b0-b309-fd0783085cc8)
Collection of access data and log files
We will store on basis of our legitimate interests within the meaning of article 6 paragraph 1 lit. f. DSGVO data on every access to the server on which this service resides (so-called server log files). To access data, message about successful retrieval, browser type and version, the operating system of the user, referrer URL (the previously visited page), IP address, and which belong to the retrieved Web page, file, name date and time of the retrieval, amount of data, requesting provider.
Log file information is stored for security reasons (E.g. to the elucidation of abuse or fraud) for a period of no more than seven days and then deleted. Data, which more conservation is required for evidentiary purposes are excluded from deletion until final clarification of the incident.
Cookies
Cookies are information, which will be transmitted to and stored for later retrieval by our Web servers or Web servers of third parties to the Web browser of the user. Cookies can be small files or any other kind of information storage.
We use "Session cookies" that are stored only for the duration of the current visit on our online presence (E.g. to store your login status or the shopping cart function, and therefore the use of our online offer at all allow to) can). A session cookie is stored a zuf fully generated, unique identification number a so-called session ID. A cookie also contains information about its origin and the retention period. These cookies can store any other data. Session cookies are deleted when you have stopped the use of our service and e.g. log out or.
Integration of services and content of third parties
We use within our online offer on basis of our legitimate interests (i.e., interest in the analysis, optimization and economic operation of our service for the purposes of article 6 par. 1 lit. f. DSGVO) content or services by A third-party, to include their content and services (hereinafter uniformly referred to as "Content"). This always assumes that the third-party provider of such content, perceive the IP address of the user, because they could not send the content without the IP address to their client. The IP address is required for the presentation of this content. We try to use only such content, their respective provider use the IP address for the delivery of content.
The following table provides an overview of third-party, as well as their content, along with links to their privacy policies, what more information about processing data and partly already here called opposition facilities (so-called opt-out) contain:
Login Information
Login Information for the service (names and eMail adress) is stored using Azure Active Directory Service by Microsoft Coporation, 1 Microsoft Way, Redmond, WA 98052, USA and processed by Microsoft Ireland, B, Atrium, Sandyford Industrial Estate, Carmanhall Road, Carmanhall and Leopardstown, Dublin 18, Irland for the purpose of a secure login mechanism. Microsofts service is compliant with DSGVO and indepentdently audited: https://www.bsigroup.com/en-US/Our-services/Management-system-certification/Certificate-and-Client-Directory-Search/Certificate-Client-Directory-Search-Results/?searchkey=company%3dMicrosoft%2bAzure&licencenumber=PII%20648972
Rights of the users
Users have the right to receive information about the personal data stored by us about you on request free of charge.
In addition, users have the right to rectification of incorrect data, the processing and deletion of personal data, if applicable, to assert your rights on portability and in the case of the adoption of an unlawful Data processing, to submit a complaint to the competent supervisory authority.
As users can revoke basically consent, with effect for the future.
Deletion of data
The data stored with us are deleted as soon as they are no longer required for its intended purpose and no statutory retention obligations preclude deletion. If the user’s data will not be deleted because they are required for other legally permissible purposes, the processing is restricted. I.e. the data is locked and not processed for any other purpose. This applies E.g. for data of the users who must be kept for commercial or fiscal reasons.
According to legal requirements the storage for 6 years in accordance with article 257, paragraph 1 is HGB (books, inventories, opening balance sheets, financial statements, commercial letters, accounting documents, etc.) as well as for 10 years in accordance with § 147 ABS. 1 AO (books, records, reports, Accounting documents, commercial and business letters, tax-related documents, etc.).
Changes to the privacy policy
we reserve the right to change the privacy policy, to changed legal situations, or to adjust for changes of the service, as well as the data processing. This applies however only with regard to explanations of the data processing. Unless the user consents are required or the privacy policy contain provisions of the contractual relationship with the users, the changes only with the consent of the users are.
The user will be asked to inform himself regularly about the contents of the privacy policy.