Privacy Policy

Privacy Policy of Rising Network GmbH for the use of the website www.rising.net

 

This is the privacy policy of Rising Network GmbH, Maybachufer 39, 12047 Berlin, Germany, registered with the commercial register of the Amtsgericht Charlottenburg under HRB 212265 B (hereinafter “us/we“) for the website www.rising.net (hereinafter “Website“). This policy is intended to inform “you” as a visitor of the Website about the type, scope and purpose of the collection, storage and use (hereinafter collectively referred to as “processing“) of personal data when using the Website. “Personal data” is all data that can be related to you personally, e.g. name, address, telephone number, E-mail-address, date of birth etc. (hereinafter collectively referred to as “Data“). The protection of your privacy is very important to us. Any Data will be collected, stored and used by us in accordance with the statutory provisions and will not be passed on to third parties without your consent.

 

  1. Who is responsible for the processing of my Data and who can I contact? 

Responsible” according to Art. 4 para. 7 GDPR is:

Karen Kargar (CEO)

Rising Network GmbH

Maybachufer 39

12047 Berlin, Germany

E-mail: connect@rising.net

 

  1. Which Data is processed?

When you contact us, the Data you provide (your E-mail-and IP-address) will be processed by us. We delete any such Data after storage is no longer required or restrict processing if there are any respective legal obligations.

 

2.1 Processing of Data provided to us:

We process the following Data when you communicate it to us (e.g. by E-mail or via our contact form):

  • your E-mail-address.

 

2.2 Processing of Data when visiting the Website:

When you visit the Website, information is automatically sent to the server of the Website by the browser used on your end device (hereinafter “Device“). This information is temporarily stored in a so-called “log file”. The following information is collected without any further action on your part and stored until it is automatically deleted:

  • IP-address of the requesting Device,
  • date and time of access,
  • browser, operating system and internet access provider used by the Device.

 

2.3 Cookies

In order to make visiting the Website attractive and to enable the use of certain functions, we use so-called “cookies” on some pages if you actively accept them – otherwise the functionality of the Website may be limited. Cookies are text files that are stored on your Device and enable an analysis of the use of the Website, as the Website can recognize your Device via a cookie. Cookies enable the Website to adapt its content more quickly to your interests. Cookies usually contain the name of the domain from which the cookie originates, the “validity period” of the cookie and a randomly generated number. Cookies alone do not allow any conclusions about your identity.

If cookies used by us are also used to process personal data, the processing is carried out in accordance with Art. Art. 6 para. 1 letter f) GDPR to protect our legitimate interests in the optimal functionality of the Website and its customer-friendly and effective design.

Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or generally.

 

  1. For what purpose ist the Data processed?

We process the Data for the following purposes:

  • to contact you;
  • for our own marketing measures, such as sending newsletters by E-mail through our external service provider Mailchimp (see mailchimp.com) who is contractually bound by a data processing agreement to observe data protection regulations (mainly the GDPR). You can unsubscribe from receiving these newsletters at any time free of charge. When you register for the newsletter, which you must confirm by means of the so-called “double opt-in-procedure”, your E-mail-address is used with your consent to send you such newsletters. In the newsletters you will find a link with which you can withdraw your consent. You can also unsubscribe from receiving the newsletters at any time by post or E-mail;
  • to analyze the use of the Website. 

The legal basis for the Data processing is Art. 6 para. 1 sentence 1 lit. f) GPDR. Our legitimate interest follows from the above listed purposes for Data collection.

 

  1. How secure is your Data? How is your Data stored?

4.1 Data Security:

When you visit the Website and use our contact form, we use the common SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of the Website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures, see Sec. 4.2, to protect your Data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

 

4.2 Data Storage:

Your Data is stored and backed-up with Mailchimp who secures it electronically. The entire Mailchimp application is encrypted with TLS (Transport Layer Security) which uses symmetric-key encryption to provide confidentiality to the data that it transmits. For more information see:

https://mailchimp.com/about/security/

We also store and back-up your Data electronically and encrypt it in the process, either with such cloud providers who have committed themselves contractually to observing data protection regulations (mainly the GDPR) and provide full compliance with the GDPR, or on several data carriers, one of which is not stored near the IT system (to ensure data recovery after fire or water damage).

Access to our IT system is only granted after personal authentication of currently authorized persons. Our rooms are secured by an appropriate locking system within the usual framework. All our staff are obliged to observe data protection regulations (mainly the GDPR).

 

  1. Who gets your Data?

We only pass on your Data to those third parties listed below, unless we are legally obliged to pass on your Data in any other way:

  • E-Mail-address:

To our external service provider Mailchimp (www.mailchimp.com) who is contractually bound by a data processing agreement to observe data protection regulations (mainly the GDPR), see also:

https://mailchimp.com/legal/Data-processing-addendum/

Mailchimp provides full compliance with the GDPR:

https://mailchimp.com/en/gdpr/

 

  • IP-Address etc. (see Sec. 2.2):

(a) For the purpose of designing the website to meet your needs and continuously optimizing it, we use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). In this context, pseudonymized user profiles are created and cookies are used (see Sec. 2.3). The information generated by a cookie about your use of the website such as the Data mentioned in Sec. 2.2 are transferred and stored by Google to a server, which is not always located in the EU or EEA, but can be located in the USA.

 

(b) The information is used to evaluate the use of the website, to compile reports on the activities of the website and to provide further services associated with the use of the website for the purposes of market research and to design the website to meet the needs of the market. The IP-address transmitted by your browser in the context of Google Analytics is not merged with other Google data. Google will use the information on our behalf to evaluate the use of the website, to compile reports on the activities of the website and to provide us with further services associated with the use of the website. Pseudonymous user profiles can be created from the processed data.

 

(c) We use Google Analytics only with activated IP anonymization. This means that the IP-address of the user is shortened by Google within the EU or EEA. Only in exceptional cases can the full IP-address be transferred to a Google server in the USA and shortened there.

 

(d) With the help of a browser add-on to deactivate Google Analytics JavaScript (ga.js, analtics.js, dc.js) you can prevent Google Analytics from using your data on the website. You can also prevent the collection of data generated by a cookie and related to your use of the website (including your IP-address) and the processing of this data by Google by downloading and installing a browser add-on and deactivating Google Analytics in this way:

https://tools.google.com/dlpage/gaoptout.

We would like to point out that in these cases not all functions of the website can be used to their full extent.

The legal basis for data processing is Art. 6 para. 1 lit. f) GDPR. The use of Google Analytics is in the legitimate interest of a needs-based design and continuous optimization of the website.

 

  1. Transfer of Data to a Third country 

If we process Data in a third country – i.e. outside the EU or the EEA – or if this is done in the context of the use of services of third parties or the disclosure or transfer of data to third parties, this will only take place to fulfil the purposes mentioned above, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests.

Subject to legal or contractual permissions, we process or store the Data in a third country only if the conditions of Art. 44 ff. GDPR are met, i.e. if the processing is only carried out on the basis of special guarantees, such as the legally recognized determination of a level of data protection corresponding to that of the EU in compliance with officially recognized special contractual obligations, e.g. within the framework of data processing agreements.

 

  1. How long is your Data processed?

We process your Data as long as required by legal obligations or to fulfil the above mentioned purposes or until you object to the processing.

 

  1. Social Media

8.1 General Information

(a) We operate our own social media profiles within so-called “social media networks” in order to be able to communicate with users who are active there and to inform them about us and our services.

Please note that if you are an active user of social media networks, your data may be processed outside the EU or EEA. This may result in risks for you, e.g. because it could make it more difficult to enforce your rights.

In addition, the data of users active on social media networks is usually processed for market research and advertising purposes. From the user behavior and the resulting interests of the users, for example, user profiles can be created. These user profiles can in turn be used, for example, to place advertisements within and outside of social media networks that presumably correspond to the interests of the users. For this purpose, cookies (see Section 2.3) are usually stored on the users’ end devices, in which the usage behavior and interests of the users are stored. Furthermore, data may also be stored in the user profiles regardless of the devices used by the users (especially if the users are members of the respective social media networks and are logged in to these).

 

(b) Information on data processing in the social media networks we use can be found here:

Facebook

Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Irland

Privacy Policy:

https://www.facebook.com/about/privacy/

Opt-Out:

https://www.facebook.com/settings?tab=ads

cookies:

https://www.facebook.com/policies/cookies/

Instagram

Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA

Privacy Policy:

https://help.instagram.com/155833707900388/

LinkedIn

LinkedIn Ireland Unlimited Co., Wilton Place, Dublin 2, Irland

Privacy Policy:

https://www.linkedin.com/legal/privacy-policy

 

(c) The following data is generally collected and stored by social media networks:

  • user interactions (postings, likes etc.),
  • IP-addresses and cookies,
  • demographic data of the users (e.g. based on age, place of residence, language or gender)
  • statistical data on user activity in an aggregated form, i.e. without personal reference (e.g. page activities, page views, likes, recommendations, contributions).

The advertising use of your Data is therefore the main purpose of data processing for social media networks (user communication via social media and target group advertising).

 

(d) We use social media networks to share interesting content with you and the statistical functions they offer to learn more about visitors to our social media profiles. By using these features, we are able to better tailor content to the relevant target audience. In this way, we also use demographic information on the age and origin of the users, although it is generally not possible for us to make any individual personal reference here.

However, we have no influence on the type and scope of the data that the social media networks process through your use of our social media profiles and therefore inform you as follows according to our current state of knowledge:

When you access our social media profiles via the link on the website, your browser establishes a direct connection to the servers of the social media networks. As a result, they receive the information that your browser has called up the website, even if you do not have a profile on the social media networks or are not logged in at the time. If you are logged in there, the social media network concerned can directly assign the visit to the website to your user account of the network. If you do not want a social media network to associate the data collected via the website directly with your user account, you must first log out.

 

(e) Requests for information to social media networks and the assertion of user rights in connection with these are best made to the respective social media networks themselves, since only these networks have access to the data and can take appropriate measures and provide information directly. Should you nevertheless require assistance, you are welcome to contact us, as we are jointly responsible according to Art. 26 GDPR (if you visit our social media profiles, we are therefore jointly responsible with the social media networks for the processing of your data; all you need to do is send an E-mail to connect@rising.net).

 

8.2 Our legitimate Interests

The legal basis for data processing is Art. 6 para. 1 lit. f) GDPR. Our social media profiles are used in the legitimate interest of effective information and communication from/with you as a user of social media networks. If you are asked by the social media networks to consent to data processing and declare your consent, the legal basis for data processing is Art. 6 para. 1 lit. a) in conjunction with Art. 7 GDPR.

 

  1. Which Data protection and revocation rights do you have?

 9.1 You as the “Data subject” have the following Data protection rights:

  • In accordance with Art. 15 GPDR, to request information about your Data processed by us. In particular, you may request information as to the purposes of the processing, the category of Data, the categories of recipients to whom your Data has been or will be disclosed, the planned duration of storage, the existence of a right of rectification, deletion, restriction of processing or opposition, the existence of a right of objection, the origin of your Data, if not collected by us, and the existence of automated decision making including profiling and, where applicable, meaningful information on the details thereof;
  • In accordance with Art. 16 GPDR, to immediately demand the correction of incorrect or incomplete Data stored by us;
  • In accordance with Art. 17 GPDR, to demand the deletion of your Data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • In accordance with Art. 18 GPDR, to demand the restriction of the processing of your Data if the accuracy of the Data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer require the Data, but you require it for the assertion, exercise or defense of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GPDR;
  • In accordance with Art. 20 GPDR, to receive your Data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party;
  • In accordance with Art. 7 Para. 3 GPDR, to revoke your once given consent at any time. As a consequence, we may not continue the Data processing based on this consent in the future; and
  • In accordance with Art. 77 GPDR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our registered office mentioned in Sec. 1.

 

9.2 You as the “Data subject” have the following right of objection:

If your Data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GPDR, you have the right to object to the processing of your personal Data in accordance with Art. 21 GPDR, if there are reasons arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without you having to state a particular situation.

If you wish to exercise your rights of revocation or objection, an E-mail to connect@rising.net is sufficient.