Data protection

DATA PROTECTION POLICY

We at COOINX take the protection of privacy and data security very seriously.

The body responsible for the collection, processing and use of your personal data is:

COOINX S.A.
18, Duscherstroos
L-6868 Wecker
E-mail: info@cooinx.com

Our data protection officer is:

SBS DATA PROTECT Gesellschaft mit beschränkter Haftung (Limited Liability Company)
Hans-Henny-Jahnn-Way 49
22085 Hamburg, Germany
Managing Director: Thilo Noack
E-mail: info@sbs-data.de

The user (this can always be an interested party, current or former customer or sales partner of our company) can visit our website anonymously. Every time a user accesses our website, his internet browser transmits the following data to our web server as standard:

IP address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access Status/HTTP Status Code
the amount of data transferred in each case
Website from which the request comes
Browser
Operating system and its interface
Language and version of the browser software

However, our web server stores this data separately from other data, it is not possible for us to assign this data to a specific person. After an anonymous evaluation for statistical purposes, this data is deleted immediately.

The evaluation of the data is in the legitimate interest of COOINX to optimise our offer; the legal basis is Art. 6 para. 1 sent. 1 lit. f) of the General Data Protection Regulation (GDPR).

Personal data voluntarily transmitted to us by the user will be secured by our company in a data processing centre in compliance with current security standards and protected against unauthorised access by third parties; this data will not be passed on by us – subject to a subsequent deviating disclosure regulation – unless we are obliged to do so by legal or official order or the user has given us express consent to do so.

We would then like to explain what data we collect, what we use it for and how we protect it.

Section 1 General information on data protection and purpose of storage

Which data are collected and processed for which purposes?

(1) If the user registers with the customer via COOINX, we collect the data necessary for the execution of the contractual relationship; these are: first and last name, address, date of birth and e-mail address.

We collect this data on the basis of Art. 6 para. 1 lit. b) GDPR on the basis of the contract concluded with the user for the purpose of fulfilling the contract.

(2) If the user executes an order as a customer via COOINX or registers as a sales partner entitled to commission, we collect the data necessary for the execution of the respective contractual relationship; these are: first and last name, address, date of birth, e-mail address, telephone number as well as bank details or credit card data (bank data) depending on the chosen method of payment. Furthermore, we collect the data for the order, i.e. which products the user has ordered as a customer at what price (order data) and for sales partners, to which customers the sales partner has brokered a product and which new sales partner he has recruited for the sale of our goods. We need this data in order to fulfil the contractual relationship. In the case of a customer order, the fulfilment of the contract consists in sending the ordered goods to the customer and in return settling our purchase price claim. When registering as a sales partner, the fulfilment of the contract consists in paying the sales partner the commissions for his intermediary activities and sending him the ordered goods and in return settling our purchase price claim.

We collect this data on the basis of Art. 6 para. 1 lit. b) GDPR on the basis of the contract concluded with the user for the purpose of fulfilling the contract.

(3) In the context of the use of the internet offer of COOINX, the usage data arising in the context of the internet connections, such as static or dynamic IP address, are collected. We use the resulting usage data within the scope of legal requirements only for the prevention of misuse and disturbances as well as for the optimisation of our offer.

We collect this data on the basis of Art. 6 para. 1 lit. f) GDPR to protect our legitimate interests, namely the optimisation of our offer.

Section 2 Data collection and transmission

(1) Personal data are only collected if the user provides them voluntarily during the registration process (or later order process). COOINX uses the transmitted personal data without a separate explicit consent in accordance with the provisions of the applicable data protection law exclusively for the purpose of fulfilling the contract, i.e. for the delivery and payment with customers as well as for the commission payment with sales partners.

This data processing is carried out on the basis of Art. 6 para. 1 lit. b) GDPR on the basis of the contract concluded with the user for the purpose of fulfilling the contract.

(2) We also make use of external service providers (contract processors) for the execution of the contract. Separate order data processing has been concluded with the service providers in order to guarantee the protection of your personal data.

In order to process money transfers and credit card payments in the event that the user places an order with COOINX as a customer or sales partner, your personal data, namely: name, address, e-mail, date of birth, telephone number, bank details or credit card data, must be passed on to BIL (Banque Internationale à Luxembourg) and Micropayment GmbH.

Data are transmitted to the service providers named here in order to execute the contractual relationship with you and to protect our legitimate interests. The legal basis for such data processing is Art. 6 para. 1 sent. 1 lit. b) and lit. f) GDPR.

Section 3 Newsletter and Consent

With his consent, the user can subscribe to our newsletter, with which we inform him about our current interesting offers. The advertised goods and services are named in the declaration of consent.

To subscribe to our newsletter, COOINX uses the so-called double opt-in procedure. This means that we send the user an e-mail after registration to the e-mail address provided, asking him to confirm that he wishes to receive the newsletter; if the user does not confirm his registration within 24 hours, the information is blocked and automatically deleted after one month. In addition, we store the IP addresses used and the times of registration and confirmation of the user. The purpose of the procedure is to be able to verify the registration and to investigate any possible misuse of personal data.

Only the e-mail address of the user is mandatory for sending the newsletter. The indication of further, separately marked data is voluntary and is used in order to be able to address the user personally. After the confirmation we save the e-mail address of the user for the purpose of sending the newsletter.

The user can revoke his consent to the sending of the newsletter at any time and unsubscribe from the newsletter. The revocation can be declared by clicking on the link provided in every newsletter e-mail, via the form on our website, by e-mail to info@cooinx.com or by sending a message to the contact data stated at the beginning of this data protection declaration.

We use external service providers (contract processors) to carry out the sending of the newsletter. Separate order data processing has been concluded with the service provider in order to guarantee the protection of personal data.

Our service provider for sending the newsletter is: Campaign Monitor

(www.campaignmonitor.com)

We would like to point out that when sending the newsletter we evaluate the user behaviour of the user. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent single-pixel image files stored on our website. For the evaluations, we link the data mentioned in paragraph 2 and the web beacons with the user’s e-mail address and an individual ID. The data are collected exclusively pseudonymised, the IDs are therefore not linked with further personal data of the user in order to eliminate direct references to individuals. Users may object to this tracking at any time by clicking on the separate link provided in each e-mail or by informing us via another means of contact. The information is stored for as long as the users have subscribed to the newsletter. After a cancellation we store the data in a purely statistical and anonymous manner.

This data processing is based on the user’s consent, the legal basis being Art. 6 para. 1 sent. 1 lit. a GDPR.

Section 4 Contact form

When an inquiry is made to our contact e-mail address provided on the website or via the contact form provided, only the personal data provided by the user will be collected and processed within the framework of his consent obtained there. The data transmitted by the user within the scope of an inquiry is collected, processed and used exclusively for the processing of his request.

We use external service providers (contract processors) for the implementation of our Internet presence. Separate order data processing has been concluded with the service provider in order to guarantee the protection of your personal data.

The user can revoke his consent to the processing of his personal data within the scope of the contact request at any time with regard to the future. The revocation can be declared by the user by sending an e-mail to info@cooinx.com or by sending a message to the contact data stated at the beginning of this data protection declaration.

This data processing is based on the user’s consent, the legal basis being Art. 6 para. 1 sent. 1 lit. a) GDPR.

Section 5 Information on data security

(1) How secure is data transmission to COOINX?

All data provided by the user to COOINX is encrypted and transmitted using the SSL (Secure Socket Layer) method. SSL is a proven and globally used encryption system that the browser uses to automatically encrypt the data before it is sent to us.

(2) How secure is my data on the COOINX database?

We use high security standards for our database and our internet servers to ensure effective protection against loss, misuse, unauthorized access, disclosure, modification and deletion of user data.

Section 6 Duration of processing

We process the user’s data only for as long as necessary to fulfil our contract or applicable legal provisions. Should the user wish his data to be deleted, we will delete his data without delay, provided that the deletion does not conflict with legal retention obligations. In all other respects, the user’s data will be deleted upon the complete execution of the contract.

Section 7 Cookies and services used

(1) Each time the COOINX website is used, cookies are stored on the user’s computer. COOINX uses cookies to identify requests and requirements of the user. Cookies enable COOINX to measure the frequency of page views and general navigation.

Cookies are small text files that are stored on the hard disk on the browser used by the user and through which certain information flows to the site that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer. They serve to make the internet offer more user-friendly and effective overall.

The COOINX website uses the following types of cookies, the scope and functioning of which are explained below:

  1. Transient cookies are automatically deleted when the user closes the browser. These include in particular session cookies. These store a so-called session ID, with which different browser requests can be assigned to the shared session. This allows the user’s computer to be recognized when returning to the COOINX website. Session cookies are deleted when the user logs out or closes the browser.
  2. Persistent cookies (so-called permanent cookies) are automatically deleted after a specified period, which may differ depending on the cookie. The user can delete the cookies in the security settings of his browser at any time.

The user can configure his browser settings according to his wishes and for example refuse to accept third-party cookies or all cookies.  If he does not wish the Flash cookies to be processed, he must install an appropriate add-on, e.g. “Better Privacy” for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the “Adobe Flash-Cookie-Killer” for Google Chrome. The user can prevent the use of HTML5 storage objects by using the private mode in his browser. We also recommend to regularly manually delete the cookies and the browser history.

COOINX points out to users that they may not be able to use all functions of this website by deactivating cookies.

The use of cookies is in the legitimate interest of COOINX to optimise our offer. The legal basis is Art. 6 para. 1 sent. 1 lit. f) GDPR.

(2) This website uses Google Analytics, a web analysis service of Google Inc (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by users is generally transferred to a Google server in the USA and stored there.

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports about the activities within this online offer and to provide us with further services associated with the use of this online offer and internet use. Pseudonymous user profiles can be created from the processed data.

We use Google Analytics only with IP anonymization enabled. This means that the IP address of users within member states of the European Union or in other states party to the Agreement on the European Economic Area will be shortened by Google. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. The IP address transmitted by the user’s browser will not be merged with other Google data.

The user can prevent the storage of cookies by setting his browser software accordingly; the user can also prevent Google from collecting the data generated by the cookie and relating to his use of the online offer and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on data use for advertising purposes by Google, possible settings and objections can be found on the Google websites: https://www.google.com/intl/de/policies/privacy/partners/ (“Data use by Google when using our partners’ websites or apps”), http://www.google.com/policies/technologies/ads (“Data use for advertising purposes”), http://www.google.de/settings/ads (“Manage information that Google uses to show you advertising”) and http://www.google.com/ads/preferences/ (“Determine which advertising Google shows you”).

Alternatively, the user can prevent Google Analytics from collecting data by clicking on the following link: An opt-out cookie is set that prevents future collection of data when visiting this website:

Activate “opt-out cookie” for Google Analytics! Disable Google Analytics

Please note that if the user deletes the cookies in his browser settings, this may result in the opt-out cookie also being deleted and may have to be reactivated by the user.

This data processing is carried out on the basis of Art. 6 para. 1 lit. f) GDPR to protect our legitimate interests, namely the optimisation of our offer.

(3) COOINX uses so-called Social Plugins (“Plugins”).

We use the so-called two-click solution. This means that when the user visits our site, no personal data is initially passed on to the providers of the plug-ins. The user can recognize the provider of the plug-in by the marking on the box above his initial letter or the logo. The user is given the opportunity to communicate directly with the provider of the plug-in via the button. Only when the user clicks on the marked field and activates it, the plug-in provider is informed that the user has accessed the corresponding COOINX website. In addition, the data mentioned in this section is transmitted. In the case of Facebook, the IP address is anonymized immediately after collection, according to the respective providers in Germany. By activating the plug-in, the user’s personal data is transferred to the respective plug-in provider and stored there (for US providers in the USA). Since the plug-in provider collects data particularly via cookies, we recommend that the user delete all cookies before clicking on the greyed-out box via the security settings of his browser.

COOINX has no influence on the collected data and data processing procedures, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

The plug-in provider stores the data collected about the user as user profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation takes place in particular (also for users not logged in) for the representation of demand-oriented advertisement and in order to inform other users of the social network about the activities of the user on our website. The user has the right to object to the creation of these user profiles and must contact the respective plug-in provider to exercise this right. By using the plug-ins, we offer the user the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user.

The data transfer is independent of whether the user has an account with the plug-in provider and is logged in there. If the user is logged in to the plug-in provider, the data collected by us will be assigned directly to the user’s existing account with the plug-in provider. If he presses the activated button and e.g. links to the page, the plug-in provider will also store this information in the user account and inform the user’s contacts publicly. We recommend that users log out regularly after using a social network, especially before activating the button, since in this way they can avoid being assigned to their profile with the plug-in provider.

We currently use the following social media plug-ins:

  1. Plug-in of the social network Facebook, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plug-ins are marked with a Facebook logo or the addition “Facebook Social Plug-in”. You can find an overview of the Facebook plug-ins and their appearance here: https://developers.facebook.com/docs/plugins

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights and setting options for the protection of privacy can be found in the data protection information of Facebook: http://www.facebook.com/policy.php.

An overview of the Facebook plugins can be found at https://developers.facebook.com/docs/plugins/

  1. The COOINX pages include the plug-in of the service Twitter. These features are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data is also transmitted to Twitter. We would like to point out that, as the provider of the pages, we are not aware of the content of the data transmitted or how it is used by Twitter. Further information can be found in Twitter’s privacy policy at http://twitter.com/privacy. Users can change their Twitter privacy settings in their account settings at http://twitter.com/account/settings.

This data processing is carried out on the basis of Art. 6 para. 1 lit. f) GDPR to protect our legitimate interests, namely the optimisation of our offer.

(4) YouTube with Enhanced Privacy

Our website uses plugins from the website YouTube. The operator of this website is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

We use YouTube in the Privacy-Enhanced Mode. This mode has the effect, according to YouTube, that YouTube does not store any information about the visitors to this website before they see the video. However, the Privacy-Enhanced Mode does not exclude the transfer of data to YouTube partners. In this way, YouTube creates a connection to the Google DoubleClick network, independently of whether you watch the video.

As soon as you start a YouTube video on our website, a connection to the YouTube servers is created. As a result, the YouTube server is informed of which of our pages you have visited.

If you are logged into your YouTube account, you allow YouTube to relate your behaviour while surfing directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after a video starts, YouTube can save different cookies on your terminal. Using these cookies, YouTube can obtain information about visitors to our website.

This information is used to, amongst other things, record video statistics, improve user-friendliness and preclude attempts to defraud. The cookies remain on your terminal until you delete them.

After a YouTube video starts, further data-processing may be triggered which we cannot influence.

YouTube is used in order to achieve an attractive presentation of our online presence.

This is a legitimate interest within the meaning of Art. 6 Para. 1 f GDPR.

Further information on data protection policy at YouTube can be found in their data protection policy at https://policies.google.com/privacy?hl=en.

(5) Using Facebook Remarketing

This website uses the remarketing function “Custom Audiences” from Facebook Inc. (“Facebook”). This function serves to present this website’s visitors adverts (Facebook ads) which are based on their interests when they visit the Facebook social network. To do this, this website implements the remarketing tag from Facebook. Via this tag, a visit to the website creates a direct connection to the Facebook servers. The Facebook server is informed that you have visited this page and Facebook relates this information to your personal Facebook user account. Further information on the collection and use of data by Facebook and on your rights and possibilities in this area for protecting your privacy can be found in the data protection policies of Facebook at https://www.facebook.com/about/privacy/. Alternatively, you can deactivate the remarketing function “Custom Audiences” at https://www.facebook.com/settings/?tab=ads#_=_ To do this you need to be logged on at Facebook.

(6) Google AdWords

We have integrated Google AdWords on this website. Google AdWords is a service for internet advertising, which allows advertisers to advertise not only in Google’s search engine results but also in the Google advertising network. Google AdWords makes it possible for an advertiser to fix key-words in advance, using which an advert is displayed in Google’s search engine results when the user uses the search engine to retrieve search results with relevance to the keywords. In the Google advertising network, the adverts are allotted to websites relevant to the theme using an automatic algorithm and taking into consideration the key-words fixed in advance. The services of Google AdWords are operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The aim of Google AdWords is the promotion of our website via the display of adverts of interest on the websites of third-parties and in the search engine results of the Google search engine, and the display of third-party advertisements on our website. Should a person arrive at our website via a Google advertisement, then what is known as a conversion cookie is stored on the IT system of that person.  We explained what cookies are above. A conversion cookie loses its validity after thirty days and no longer serves to identify the person concerned. In so far as the cookie has not expired, it can be used to check whether particular subpages, for example the shopping cart of an online shopping system has been called up. By using the conversion cookie, both we and Google can trace whether a person concerned has arrived at our website via an AdWords advert, has generated turnover, has completed a purchase or cancelled it.

The data and information collected by the use of the conversion cookie is used by Google to create visitor statistics for our website. These visitor statistics are used by us to determine the total number of visitors, which were procured via AdWords adverts, and so determine the success or failure of our current AdWords adverts and optimise our AdWords adverts in the future. Neither our company nor other advertising customers of Google AdWords receive information from Google with which the persons concerned can be identified.

By means of conversion cookies, personal information, for example the websites visited by the person concerned, is saved. Accordingly, with every visit to our website, personal data including the IP address of internet connection of the person concerned is conveyed to Google in the United States of America. This personal data is saved by Google in the United States of America. Google may transmit the personal data collected in this technical process to third parties.

The persons concerned can prevent the setting of cookies via our website as described above at any time by using the relevant setting on their internet browser used, and in this way object to the setting of cookies permanently. Making such a setting on the internet browser used also prevents Google from saving a conversion cookie on the IT system of the person concerned. In addition, a cookie set by Google AdWords can be deleted at any time via the internet browser or other software.

The person concerned also has the option to refuse advertising based on their interests via Google itself. To do this, the person concerned must go to https://www.google.de/settings/ads in each internet browser that they use and make the settings they wish there.

Further information and data protection rules in force at Google can be found at https://www.google.de/intl/de/policies/privacy/.

Section 8 Rights of the user as data subject

(1) The user may at any time

  • receive information about the data stored or processed by him at COOINX;
  • request correction or deletion of his data;
  • request limitation of the processing of his data;
  • object to the processing of his data;
  • demand the transferability of his data.

For this purpose, support is available at the e-mail address

or the postal address indicated at the beginning of this document.

(2) The user may also lodge a complaint with the data protection supervisory authority. The competent supervisory authority is the one at the user’s place of residence. A list of supervisory authorities can be found here:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/addresses_links-node.html

(3) This data protection policy is available on the internet at any time at:

https://cooinx.com

Twitter Facebook