In the following, we will inform you which personal data we provide you with in accordance with the General Data Protection Regulation (GDPR) in connection with the use of our finpair service and the associated website www.finpair.de as well as https://platform.finpair.de collect and process and what purposes this processing serves.
Personal data is any data that identifies or makes you identifiable, such as your email address or name, but also other individual identifiers. In addition, we refer to the definitions in Article 4 GDPR.
finpair GmbH
Friedrichswall 10, 30159 Hanover
kontakt@finpair.de
We will only collect the personal data that is necessary for the purposes set out below and will only process it for the purposes set out below. Personal data will only be processed within the framework of legal regulations. Automated decision-making (Art. 22 GDPR) does not take place on our website and in finpair.
3.1 Processing of personal data when using the website www.finpair.de
When using the website www.finpair.de, personal data that your browser transmits to our servers is processed. This data is processed in our legitimate interest in being able to display the website to you and to ensure the stability and security of the website (Art. 6 para. 1 lit. f DSGVO).
As part of your visit to our website, we process the following categories of data:
If you contact us, the data you provide to us (e.g. your email address or telephone number) will be processed by us to process your request, for example if you have specific questions for us or would like to receive information about our services in general (Art. 6 para. 1 lit. f, or if this is in relation to the conclusion of a contract, Art. 6 para. 1 lit. b GDPR).
If you open a personal account on our website in order to use the service, we process your personal data in order to be able to carry out pre-contractual measures or fulfill our contractual obligations to you or to be able to provide you with the services you have requested (Art. 6 para. 1 lit. b GDPR). The legal basis for the collection and processing of personal data based on obligations under Sections 4, 8, 11 Money Laundering Act (GwG) is Art. 6 para. 1 lit. c GDPR.
In this context, we process the following categories of data:
You can also subscribe to an e-mail newsletter on our website. You can access the newsletter at any time in your user profile on the platform at https://platform.finpair.de/profile/user unsubscribe. Alternatively, you can find a link to unsubscribe in every newsletter email.
In order to be able to analyze the popularity of our newsletter mailings and optimize them, we log when emails have been opened and links clicked. This usage analysis is based on a balance of interests. You can object to this processing by unsubscribing from the newsletter.
When sending the newsletter, our service provider (“Chimpify”) may also use service providers outside the European Union. In this case, the service provider shall ensure that the conditions for an appropriate level of data protection within the meaning of Art. 44 et seq. of the GDPR are met.
When you visit our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive and are assigned to the browser you are using. This transmits the information stored therein to the person who sets the cookie. However, this does not immediately give us knowledge of your identity.
Most browsers automatically accept cookies. Session ID cookies are automatically deleted as soon as you close your browser. Other cookies are stored on your device for a specified longer period of time and are automatically deleted after a specified period of time. However, you can configure your browser so that no cookies are stored on your computer and also remove cookies that have already been saved in your browser settings. We would like to point out that if cookies are completely deactivated, it may not be possible to use all functions of our website.
Processing for technically necessary cookies is necessary to protect legitimate interests in accordance with Art. 6 para. 1 lit. f DSGVO. Cookies that you have consented to the use of are processed on the basis of Article 6 (1) (a) GDPR.
There are technologies that have a similar purpose to cookies and store data related to a visited page in your browser (local storage, session storage).We will also inform you about the use of these technologies here.
We store the data listed below:
4.1 Cookies on the “finpair.de” website
We refrain from using cookies, local storage and session storage on our public website.
4.2 Necessary cookies on the platform “platform.finpair.de”
zero-auth session
This cookie stores a token that can be used to identify you within the platform. It is required to be able to authenticate data requests to our server systems. (Valid: During session)
You can delete any unnecessary cookies from this website at any time.
4.3 Session storage on the platform “platform.finpair.de”
LoginFromURL
When you access a link (e.g. from an email that leads directly to a specific deal) in our platform, we save the requested URL so that we can access it if it is necessary to navigate to the login page beforehand.
4.4 Local storage on the platform “platform.finpair.de”
BackendBuildTime
This value stores information from which we can deduce that the server version has been updated. The frontend, i.e. the part of the application that runs in your browser, recognizes when an update has been made available and the frontend must be updated by reloading the page.
cookie_declaration_registered
This value stores whether the cookie banner has been read so that it does not have to be displayed again every time you visit.
UIState
This value stores your display preferences, such as the number of entries in a table that are shown to you. This category includes other entries such as: portfolio_hide_repaid_liabilities or dataroom_hide_empty_folders.
finpair_user_locale
This value stores the language you have set in your user profile so that we can display public pages in the appropriate language before you log in.
xray_visibility_state
This value is used by FinPair administrators when the user interface translations are adjusted.
Apart from the cases mentioned below, the mentioned data will not be passed on to third parties. Otherwise, we will inform you in good time about data transfers in accordance with legal requirements. In the cases mentioned, data is transferred on the basis of Art. 6 para. 1 lit. f DSGVO.
We use Google Cloud Platform (GCP) as a contract processor for hosting data and services. The data is stored exclusively in a data center located in the European Union.
We use the provider Google Cloud EMEA Ltd., 70 Sir John Rogerson's Quay, Dublin 2, Ireland. Any transfer of personal data takes place in compliance with the conditions set out in Articles 44-50 GDPR and the other provisions of the GDPR to ensure that the resulting level of protection for natural persons is maintained.
finpair has accepted Google's additional data processing agreements (DPA).
For more information, see https://cloud.google.com/privacy/gdpr?hl=de.
We use Pipedrive as a contract processor for our customer service. This is an integrated software solution to connect with users of our services and improve our company's performance. For this purpose, information (e.g. IP address, type of browser, duration of visit, page accessed) is stored, processed and evaluated on servers of our software partner Pipedrive. This also sets cookies, which are stored on your computer. Specifically, we use Pipedrive for the following purposes:
— Contact management (e.g. user segmentation & CRM), user support
— Registration and contact forms
The provider Pipedrive OÜ, Mustamäe tee 3a, Tallinn, 10615, Estonia, is a software company from the EU. Any transfer of personal data takes place in compliance with the conditions set out in Articles 44-50 GDPR and the other provisions of the GDPR to ensure that the resulting level of protection for natural persons is maintained.
We've accepted Pipedrive's Data Agreement (DPA) Supplementary Agreements.
For more information, see Pipedrive's privacy policy, available at: https://www.pipedrive.com/en/privacy as well as under https://support.pipedrive.com/de/article/pipedrive-and-gdpr.
We use the brevo service, offered by Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, to send transactional emails. This requires that you send your email address and name to brevo.
We have accepted the additional data agreement (DPA) from brevo.
For more information, please see brevo's privacy policy (https://www.brevo.com/de/legal/privacypolicy/) and the information on the implementation of obligations under the GDPR (https://www.brevo.com/de/dsgvo/).
We work in partnership with Kandler Gruppe GmbH, Kreuzbreite 32, 94315 Straubing to arrange municipal financing. If you use the Kandler Group's offerings on finpair and respond to tenders in the form of expressions of interest, offers or cancellations, it is necessary to provide Kandler with your name, email address and telephone number.
If you work as a company administrator on finpair, we may transfer your contact details to Kandler to help you onboard new users of your company.
For more information, please see the Kandler Group's privacy policy at https://kandler.co/impressum/.
We may be obliged to transfer data in individual cases by order of a competent authority if and to the extent that we are required to do so on the basis of a law (Art. 6 para. 1 lit. c GDPR).
Taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing as well as the different probability of occurrence and severity of the risk to your rights and freedoms, we take appropriate technical and organizational measures in accordance with Article 32 GDPR to ensure a level of protection appropriate to the risk.
We only store your data for as long as we need it to achieve the respective processing purpose and then delete it. In addition, we restrict processing if we are obliged to do so due to legal regulations, for example, and are not allowed to delete the data. Longer storage occurs if there are further statutory, legal or contractual storage obligations. This includes commercial law (§ 257 HGB) and tax law (§147 AO) storage obligations for the data categories listed there. Data to fulfill a contract, to carry out pre-contractual measures or to answer your inquiries will be kept as long as it is necessary to carry out the respective purpose or to comply with contractual or legal obligations. In addition, data may be kept longer if this is necessary to assert, exercise or defend legal claims.
For reasons arising from your particular situation, you have the right to object at any time to the processing of personal data concerning you that we process on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR; this also applies to profiling based on this provision. We will then no longer process the personal data unless there are compelling legitimate reasons that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend our legal claims.
You can object to the processing of personal data concerning you for direct marketing purposes, including related profiling, at any time.
You also have the following rights vis-à-vis us with regard to personal data concerning you:
You can exercise these rights by sending an e-mail to kontakt@finpair.de or by post to finpair GmbH, Friedrichswall 10, 30159 Hanover.
