Protecting your privacy is very important to us. We as CPH INVEST GMBH and operator of the funding page www.cph-invest.com (hereinafter also “website”) attach great importance to the protection and confidentiality of your data. The collection and use of your personal data takes place exclusively within the framework of the legal provisions, in particular the applicable data protection law (EU General Data Protection Regulation and BDSG). Below we inform you in detail about the handling of your data.
Responsible in terms of data protection
CPH INVEST GMBH
De-Saint-Exupéry-Str. 10, 60549 Frankfurt am Main, Germany
Managing directors: Christoph Albeck, Hanno Strack
Phone: +49 69 94507758
You can reach our data protection officer as follows:
Phone: +49 69 94507758
Fax: +49 3222 409 8133
Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person. This includes, for example, your name, your address, your date of birth, your user name, your password, your e-mail address and your payment details, but also your IP address. We describe below how we process your personal data.
1. PROVISION OF THE WEBSITE AND CREATION OF LOG FILES
You can visit our website at any time without having to register or provide any information about yourself. However, each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
Description and scope of data processing: The following data is automatically collected when a page is accessed:
browser type and version,
operating system used and its interface,
language and version of the browser software,
Website from which you visit us (referrer URL),
website you visit,
access status/HTTP status code,
date and time of your access,
Time zone difference to Greenwich Mean Time (GMT),
Your Internet Protocol (IP) address.
The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website.
Legal basis for data processing: The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f EU General Data Protection Regulation (GDPR).
Purpose of data processing: The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session. The purpose of storage in log files is to ensure the functionality and stability of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.
Duration of storage: The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
You have the option of registering on our website in order to receive detailed project information and to be able to invest in the project. We process your data as follows:
Description and scope of data processing: The data you enter in the input mask will be transmitted to us and stored. A transfer of data to third parties does not take place.
At the time of registration, the following data is also stored:
(1) The IP address of the user
(2) Date and time of registration
As part of the registration process, the user’s consent to the processing of this data is obtained.
We use your e-mail address and telephone number as a contact channel for information and queries about the processing status. We would like to point out that communication via e-mail can be potentially insecure.
The provision of personal data by you is not required by law and, in the case of pure information, is not contractually required either. You are not obliged to provide us with personal data. Failure to provide personal data, insofar as this is mandatory information, means that we cannot send you detailed project information and an investment in the project is not possible.
Legal basis for data processing: The legal basis for processing the data is Art. 6 para. 1 lit. a GDPR. If the registration serves to fulfill a contract to which the user is a party or to carry out pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b GDPR.
Purpose of data processing: If you only request detailed project information, the registration serves to be able to send you this information. If you invest in the project, the registration serves the purpose of carrying out and processing the loan relationship.
Duration of storage: The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. After the contract has been fully processed, the data will only be stored for the legally prescribed periods. Your personal data will then be deleted unless you have consented to further use or processing.
Transmission of personal data
CHP INVEST GMBH will not pass on your data to third parties unless you have previously given your express consent to a transfer or the transfer is required or permitted by law. Excluded from this are our service partners, who are required to process the contractual relationship and have been commissioned by us to process personal data according to our instructions within the framework of an order processing contract. We will neither sell your data to third parties nor otherwise pass them on to third parties for advertising purposes. Our employees are bound to secrecy and to compliance with data protection regulations.
Description and scope of data processing: In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device.
You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general. If cookies are not accepted, the functionality of our website may be restricted. The following links show you how the settings can be adjusted in the following popular browsers:
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Legal basis for data processing: If personal data is processed using cookies, the legal basis is Art. 6 Para. 1 lit. f GDPR.
We require cookies for the following applications:
(3) Double click
The user data collected by cookies are not used to create user profiles.
Duration of storage: So-called transient cookies are automatically deleted when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser. Persistent cookies are automatically deleted after a specified period, which can vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
Use of Google Analytics
You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: http://tools.google.com/dlpage/gaoptout?hl=de . Opt-out cookies prevent future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt-out on all systems used.
Automated decision making including profiling
There is no automated decision-making including profiling.
Rights of the data subject
If your personal data is processed, you are the data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
Right to information: According to Art. 15 DS-GVO, you have the right to request information about your personal data processed by us; In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details.
Right to rectification: In accordance with Art. 16 DS-GVO, you have the right to immediately request the correction of incorrect or incomplete personal data stored by us.
Right to erasure: In accordance with Art. 17 DS-GVO, you have the right to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or for Assertion, exercise or defense of legal claims is required.
Right to Restriction: In accordance with Art. 18 DS-GVO, you have the right to demand the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, However, you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 DS-GVO.
Right to data portability: According to Art. 20 DS-GVO, you have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible.
Right of appeal: According to Art. 77 DS-GVO you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our place of business. The responsible supervisory authority for our place of business is: The Hessian data protection officer, Prof. Dr. Michael Ronellenfitsch, P.O. Box 3163, 65021 Wiesbaden, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, email: Poststelle@datenschutz.hessen.de, phone: +49 611 1408-0, fax: +49 611 1408-900.
Right of objection: You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 para. 1 lit. f DS-GVO to file an objection.
If the personal data concerning you is processed in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising.
Right of withdrawal: You have the right to withdraw your consent to the processing of your personal data at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation. A revocation is possible at any time by e-mail to firstname.lastname@example.org or by post using the address given above.
When you visit our website, we use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognize the encryption by the closed representation of the key or lock symbol in the lower status bar or the address line of your browser (https). We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
We reserve the right to occasionally adapt this data protection declaration so that it always corresponds to the current legal requirements or to implement changes to our services in the data protection declaration, e.g. B. when introducing new services. If you visit our website again, the current data protection declaration applies.
Status: June 2023