Privacy Policy

General

  1. Your personal data is processed within the meaning of Art. 4 no. 1 GDPR (eg ip address, username, email address, payment information) only in accordance with the provisions of the German data protection law and taking into account the European Data Protection Regulation (GDPR). The following regulations inform you about the nature, scope and purpose of the collection, processing and use of personal data.
  2. The processing within the meaning of Art. 4 No. 2 GDPR of personal data is legal according to Art. 6 GDPR, if one of the following conditions exists:
    (a) the data subject has given his consent to the processing of personal data concerning him for one or more specific purposes;
    (b) the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of any pre-contractual action taken at the request of the data subject;
    (c) the processing is necessary to fulfill a legal obligation to which the controller is subject;
    (d) the processing is necessary to protect the vital interests of the data subject or any other natural person;
    (e) the processing is necessary for the performance of a task which is in the public interest or in the exercise of official authority delegated to the controller;
    (f) the processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data prevail, in particular where the person concerned is a child is acting.
  3. The processing of special personal data (eg health data) within the meaning of Article 9 (1) of the GDPR is, in particular, lawful under Article 9 (2) of the GDPR if one of the following conditions applies :
  • there is an express consent of the person;
  • the processing is necessary for the assertion, exercise or defense of legal claims or for acts of the courts in the context of their judicial activity.
  1. An automatic decision-making or profiling of personal data in the sense of Ar t. 22 GDPR does not take place.
  2. The operator ensures the security of the data in accordance with Art. 32 GDPR by taking appropriate technical measures, taking into account the proportionality principle.
  3. In the unlikely event that data protection is breached, the competent supervisory authority will be notified in accordance with Art. 33 GDPR and the data subject in accordance with Art. 34 GDPR.

Scope

This Privacy Policy applies only to our websites. If you are forwarded to other pages via links on our pages, please inform yourself about the respective handling of your data.

Duration of data storage

The duration of the retention of the data transferred by you is based on the statutory retention requirements. Registration data is stored by us for the duration of the membership.

Transfer of data to third parties

A passing on information provided within the framework of the contract data to third parties (Art. 4 no. 10 GDPR), takes place only if you expressly (Art. 4 no. 11 GDPR) have declared your consent or transfer to fulfill the contract is required. The consent can be withdrawn informally at any time. Data collected by visiting the website are only collected by third parties, which are expressly mentioned below.

Responsible according to the GDPR

The person responsible within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws in the European Union and other provisions of a data protection nature is:
Loci ML GmbH
Julius-Hatry-Straße 1
68163 Mannheim

E-Mail: contact@loci.ml

Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (PC, laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity.
The use of cookies serves on the one hand to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specified period of time. If you visit our site again to use our services, it will automatically recognize that you have already visited us and which entries and settings you have made so that you do not have to enter them again.
These cookies enable us to automatically recognize when you visit our site again that you have already visited us. These cookies are automatically deleted after a defined period of time. The data processed by cookies are necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR required. Most browsers accept cookies automatically. However, you can configure your browser so that none
Cookies are stored on your computer or a message always appears before a new cookie is created. However, if you completely deactivate cookies, you may not be able to use all the functions of our website.

Storage of access data in log files

You can visit our website without giving any personal information.
The website provider automatically collects and saves information in so-called server log files, which your browser automatically transmits to us. These are:
• Browser type / browser version
• operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.
The purpose of the processing results from our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR.
A contract for order processing has been concluded with our hoster.

Registration / login

Registration is not required to use our services, but the range of functions may be limited. The data you enter in the input mask will be collected and saved. You can change or delete the data at any time. Once the data has been deleted, the service can no longer be offered to you unless you register again.
In addition to the data you have entered, the IP address and the date and time of registration are also saved. The storage of IP data serves to prevent misuse and to investigate criminal offenses. Depending on the method chosen for registration or login, the following additional provisions apply:

Registration / login with Google Sign In

Instead of registering directly on our website, you can register with Google Sign In. The provider of this service is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. If you decide to register with Google Sign In and click on the “Login with Google” / “Connect with Google” button, you will be automatically redirected to the Google platform. There you can log in with your usage data. This will link your Google profile with our website or our services. This link gives us access to your data stored with Google. These are mainly:
• Google name
• Google profile picture
• Email address stored with Google
This data is used to set up, provide and personalize your account. More information can be found here:
https://policies.google.com/terms?hl=de
https://policies.google.com/privacy?hl=de

Firebase Authentication

Firebase Authentication is a login and authentication service provided by Google Inc. In order to simplify the login and authentication process, Firebase Authentication can use identity services from third parties and store the information on their platform.
Personal data collected: email, username, password
If possible, we use servers located within the EU. However, it cannot be ruled out that data will also be transferred to the USA. Google has established standard data protection clauses for the personal data that is transferred to the USA.
The use is based on our legitimate interest according to Art. 6 Para. 1 Clause 1 lit. f) GDPR.
You can find more information about Google Firebase and data protection at https://policies.google.com/privacy and at https://firebase.google.com

Firebase Firestore

Firebase Firestore is a service provided by Google Inc. that we use to decrypt and encrypt data.
If possible, we use servers located within the EU. However, it cannot be ruled out that data will also be transferred to the USA. Google has established standard data protection clauses for the personal data that is transferred to the USA.
The use is based on our legitimate interest according to Art. 6 Para. 1 Clause 1 lit. f) GDPR.
You can find more information about Google Firebase and data protection at https://policies.google.com/privacy and at https://firebase.google.com

HiDrive

We will use the HiDrive cloud storage from the provider Strato AG, Pascalstrasse 10, 10587 Berlin . We use HiDrive to store customer data. The data is only saved on German servers.
Use is based on our legitimate interest under Art. 6 para. 1 sentence 1 lit . f) GDPR.
You can find more information on the data protection provisions of HiDrive here:
https://www.strato.de/datenschutz/

Google web fonts

External fonts, Google Fonts, are used on this website. Google Fonts is a service provided by Google Inc. (“Google”). These web fonts are integrated through a server call, usually a Google server in the USA. This will tell the server which of our websites you have visited. The IP address of the browser of the end device of the visitor to this website is also saved by Google.
The legitimacy arises from Art. 6 para. 1 sentence 1 lit. f) GDPR
You can find more information in Google's data protection information, which you can access here:
https://www.google.com/fonts#AboutPlace:about
https://www.google.com/policies/privacy/

Stripe

If you choose a payment method from the payment service provider Stripe, the payment will be processed by the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will provide the information and information you provided during the ordering process about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 Para. 1 lit. b GDPR. Your data will only be passed on for the purpose of processing payments with the payment service provider Stripe Payments Europe Ltd. and only insofar as it is necessary for this.
You can find more information about Stripe's data protection at the URL https://stripe.com/de/privacy#translation

Request by email, phone

If you contact us by e-mail or telephone, your request, including all the resulting personal data (name, request), will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.
This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, if your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 Para. 1 lit. a GDPR) and / or on our legitimate interests (Art. 6 Para. 1 lit.f GDPR), as we have a legitimate interest in the effective Processing the inquiries sent to us.
The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Security of your data / SSL encryption

In accordance with the legal regulation according to § 13 Abs. 7 TMG, this site uses SSL encryption, recognizable by a lock symbol in the address bar of your browser. Transmitted data cannot be read by third parties with activated SSL encryption .
As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form from the closed display of the key or lock symbol in the status bar of your browser.
We also use suitable technical and organizational security measures (TOM) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

User rights

You can request information about the personal data stored about you at any time and free of charge. Your rights also include a confirmation, correction, restriction, blocking and deletion of such data and the provision of a copy of the data in a form suitable for transmission, as well as the revocation of a given consent and the objection. Statutory retention obligations remain unaffected .
Your rights result in particular from the following standards of the GDPR:
• Article 7 Paragraph 3 - Right to withdraw consent under data protection law
• Article 12 - Transparent information, communication and modalities for the exercise of the rights of the data subject
• Article 13 - Duty to provide information when collecting personal data from the data subject
• Article 14 - Duty to inform if the personal data have not been collected from the data subject
• Article 15 - Right of access of the data subject, right to confirmation and provision of a copy of personal data
• Article 16 - Right to rectification
• Article 17 - Right to cancellation ("Right to be forgotten")
• Article 18 - Right to restriction of processing
• Article 19 - Obligation to notify in connection with the correction or deletion of personal data or the limitation of processing
• Article 20 - Right to data portability
• Article 21 - Right to object
• Article 22 - Right not to be subject to a decision based solely on automated processing, including profiling
• Article 77 - Right to lodge a complaint with a supervisory authority
To exercise your rights (with the exception of Art. 77 GDPR), please contact the office named under the point "Responsible according to the GDPR" (e.g. by email).

Supervisory authority:

The responsible supervisory authority can be found here:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

We use cookies to create usage statistics and to constantly improve our offer. You can find more information about this in our privacy policy.
Please confirm whether you agree with the use of cookies.

No, thanks Accept Save settings