Privacy Policy
This Privacy Policy contains information about how your personal data is processed when you visit and use this website. Our privacy policy is structured as follows:
- General Information
- Information about us as the controller of your data
- Your rights as a data subject
- Information about the data processing operations
I. General information
According to Art. 4 No. 1 of Regulation (EU) 2016/679, i.e., the General Data Protection Regulation (hereinafter “GDPR”), “personal data” (hereinafter usually just “data”) means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
According to Art. 4 No. 2 DSGVO, “processing” means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
When processing your data, we always adhere to the principles of Art. 5 GDPR and ensure that the data is processed lawfully, fairly and in a manner comprehensible to the data subject; that it is collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes; that it is adequate and relevant to the purpose and limited to what is necessary for the purposes of the processing; that it is accurate and, where necessary, kept up to date; are kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed; and are processed in a manner which ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage by appropriate technical and organizational measures. Basically, this means that we can be held responsible for ensuring that your data is processed by us only to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there. The following sections of this Privacy Policy are intended to inform you in particular about the nature, scope, purpose, duration and legal basis of the processing of your personal data by us, including the transfer of your personal data to third parties.
II. Information about us as the person responsible for processing your data
The controller of this website (the “Controller”) within the meaning of data protection law is:
MoreDiversity gGmbH
Engeldamm 64b
10179 Berlin
E-mail: [email protected]
(hereinafter referred to as “morediversity” or “we”).
The data protection officer of the controller is:
Shashank Markapuram Ramesh
III. Your rights as a data subject
In relation to the data processing described in more detail below, data subjects have the right to
To request confirmation from us as to whether data concerning them are being processed and, if so, to request access to the data processed, further information on the nature of the data processing and a copy of the data (cf. also Article 15 of the GDPR);
to demand that we correct or complete incorrect or incomplete data (cf. also Art. 16 DSGVO);
to demand from us the immediate deletion of the data concerning them (cf. also Art. 17 DSGVO);
to demand from us the restriction of processing for the reasons stated in Article 18 DSGVO;
to request from us copies of the data concerning them and/or provided by them and to transmit them to other providers/controllers (cf. also Art. 20 DSGVO);
complain to the supervisory authority if they believe that the processing of data concerning them by the controller is in breach of data protection rules (cf. also Art. 77 DSGVO).
In addition, the controller is obliged to notify all recipients to whom it discloses data of such corrections, erasures or restrictions on processing in accordance with Articles 16, 17(1) and 18 of the GDPR. However, this obligation does not apply if such notification proves impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients (see also Art. 19 DSGVO).
Likewise, data subjects have the right to object to future processing of their data by the controller pursuant to Art. 21 DSGVO, if the legal basis for such processing is the legitimate interest of the controller or a third party pursuant to Art. 6(1)(f) DSGVO. In particular, an objection to data processing for the purpose of direct marketing is always permissible.
IV. Information about data processing operations
Your data processed during the use of our website will be deleted or blocked as soon as the purpose of the storage no longer applies, provided that the deletion does not conflict with any statutory retention obligations or nothing to the contrary is stipulated below.
Log files
Our website collects a series of general data and information each time a data subject calls up the website. This general data and information is stored in the log files of the server. The browser types and versions used, the operating system used by the accessing system, the Internet page from which an accessing system accesses our website, the sub-websites accessed via our website, the date and time of access to our website, an Internet protocol address (IP address) and the Internet service provider of the accessing system may be recorded. This general information is required from a technical perspective to connect your device to our website.
In addition, this information is needed to record possible attacks on our systems. When using this general data and information, we generally do not draw any conclusions about the data subject. Rather, this information is needed to deliver the content of our website correctly and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
The legal basis for the processing is Art. 6 (1) lit. f DSGVO. Our legitimate interest results from the above-mentioned purposes of data collection. The aforementioned log files are regularly deleted after one week and only kept longer in the event of a cyberattack, if necessary, until the incident has been resolved.
Pre-contractual requests
Our website is intended to provide you with detailed information about us and our products. If you would like to learn more about morediversity and our efforts to improve your business, we offer several ways to request additional information from us before you purchase a subscription. Pre-subscription requests include a download option for our whitepaper and access to a demo version of our solution.
The only personally identifiable information we request from you as part of such pre-contractual requests is a valid email address, which we may use to follow up on your request, for example, by sending you login credentials for your demo account. In addition, our sales team may contact you to ask about your usage experience or your interest in subscribing to our Services.
The legal basis for these processing operations is Art. 6(1)(b) DSGVO, insofar as the processing is necessary to process your pre-contractual request, and Art. 6(1)(f) DSGVO, insofar as the processing is necessary to protect our legitimate interest in expanding our business and continuously improving our solution by obtaining feedback from (potential) customers.
Please note that you can object to the use of your personal data for the above-mentioned legitimate interests at any time by checking the appropriate box under the respective forms or by sending an email to the addresses mentioned in this privacy notice.
Mailing lists
If you sign up for our free newsletter, the data requested from you for this purpose, i.e. your e-mail address and optionally your name and address, will be transmitted to us.
When you sign up for our free newsletter, we also store the IP address of your computer and the date and time of your registration. During the registration process, we will obtain your consent to receive this newsletter and the type of content it contains by referring to this privacy policy. The data collected will be used exclusively for sending the newsletter and will not be passed on to third parties.
The legal basis for the newsletter subscription is your declared consent in accordance with Art. 6 (1) a) DSGVO.
You can revoke your consent to receive this newsletter at any time in accordance with Art. 7 (3) DSGVO with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. If you wish to revoke your consent, simply let us know or click on the unsubscribe link contained in each newsletter.
Contact
If you contact us by e-mail or via the contact form, the data you provide will be used for the purpose of processing your request. We need this data in order to process and respond to your inquiry; otherwise, we will not be able to answer it or answer it completely.
The legal basis for this data processing is Art. 6 (1) (b) DSGVO if your request is related to an existing contract with us or if it is necessary for us to contact you in order to take steps in response to your request before concluding a contract. In all other cases, the legal basis for this data processing is Art. 6 (1) f) DSGVO; our legitimate interest is to present ourselves as a customer-friendly and support-oriented company by responding to your inquiry.
Your data will be deleted when we have fully answered your inquiry and there are no further legal retention obligations, e.g. if an order or contract results from it.
Further data processors
We use additional data processors to assist us in providing our services, as described in our Privacy Policy.
We use Google LLC for our internal email (Gmail) and documentation activities (Google Drive). Gmail is a web-based email service that allows an organization to run its email system through Google’s systems. It provides the ability to access an end user’s inbox from morediversity from a supported web browser; read, compose, reply to, and forward email; search email; and manage email through labels. It provides filters for spam and viruses, and allows our administrators to create rules for handling messages with specific content and file attachments, or to forward messages to other mail servers. Google Drive provides web-based tools that allow morediversity end users to store, transfer, and share files and watch videos.
Please note that we use these tools to communicate with you and store information that we collect from you as described in this Privacy Policy.
Although our contractor for providing Gmail and Google Drive is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and we have selected EU data centers to store personal information in Gmail or Google Drive, your information may still be accessed by Google and its subcontractors’ employees from locations outside the European Union and the European Economic Area.
We have entered into a specific privacy agreement with Google that incorporates the standard contractual clauses (the “SCCs”) issued by the European Commission. In addition to the additional measures implemented by Google, compliance with these SCCs ensures that your data is adequately protected when processed in the United States and other countries outside the European Union and the European Economic Area.
Changes to this Privacy Policy
We may change this Privacy Policy at any time. Any changes will be posted on this website. Any changes to this Privacy Policy will be effective as soon as we post the revised Privacy Policy on our website. Therefore, we encourage you to review our Privacy Policy from time to time. However, if we intend to further process your data for a purpose other than the one for which the data was originally collected, your right to proactive information pursuant to Article 13 (3) of the GDPR remains unaffected.
