Privacy Policy - Information according to Art. 13 and 14 GDPR on the processing of personal data

Carried GmbH hereby informs you about the processing of your personal data and the rights to which you are entitled under data protection law.

We reserve the right to adjust this privacy policy at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the application process or other processes.

General information

“Personal data” are any information relating to an identified or identifiable individual person, such as a person’s name or also their hobbies.

“Processing” of data means any operation or set of operations carried out with or without the aid of automated processes relating to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or integration, limitation, erasure or destruction.

The legal basis for data protection can be found in particular in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (“General Data Protection Regulation”, GDPR), as well as in the Federal Data Protection Act (BDSG) and Telemedia Act (TMG).

We process personal data only to the extent necessary and for the purpose of providing a functional and user-friendly internet presence, including its contents and the services offered there.

Contact Information

CarriedAI GmbH

CarriedAI GmbH, Goethestr. 5, 10623 Berlin

Represented by Managing Director: Guillem Sagué

Registered with the local court of Amtsgericht Berlin (Charlottenburg) under HRB 257189 B

Scope and location of data processing

We as well as our external service partners process your data for the purpose of providing the website and our services, including providing hard- and software through such external service partners. The data categories affected are contact information, user behavior or other information that constitutes personal data provided to us. We process your personal data in the EU/EEA. If we process personal data outside the EU/EEA, data protection standards applicable in the EU are ensured and we will inform you accordingly. For details on other controllers or processors processing your data for the purposes mentioned in this privacy policy please refer to the table below.

We process your personal data as follows (or as otherwise described in this privacy policy or information provided to you):

  1. Data: Contact data, contract data, usage data, other data provided. Purpose: Communication in order to establish, implement and/or process a contractual relationship (also orally) with you. Legal basis: Art. 6 para. 1 s.1 lit. b. GDPR
  2. Data: Contact data, contract data, other data provided. Purpose: Compliance with legal obligations, e.g. commercial, tax and social security detention obligations. Legal basis: Art. 6 para. 1 s.1 lit. b. GDPR
  3. Data: Contact data, contract data, other data provided. Purpose: Enforcement, exercise and defense of legal claims with our legitimate interest that may be, for example, in the assertion of legal claims and defense in legal disputes. Legal basis: Art. 6 para. 1 s.1 lit. b. GDPR
  4. Data: Contact data, contract data, other data provided. Purpose: Analysis of data with our legitimate interest of, for example, quality assurance or marketing. Legal basis: Art. 6 para. 1 s.1 lit. b. GDPR
  5. Data: Contact data, contract data, other data provided. Purpose: Consent to data processing for the purpose named in this privacy policy or information provided to you. Legal basis: Art. 6 para. 1 s.1 lit. b. GDPR

In the event you refrain from providing such data you may face legal disadvantages, for example, no answer to your email send to us.

Furthermore, we have implemented technical and organizational measures to ensure that the data protection regulations are observed both by us and by external service providers. The website is operated through a safe SSL-connection. If an SSL-connection is activated third parties are prevented from reading any data that are transferred by you to us.

You have the following rights:

You further have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on point e or f of Art. 6 para. 1 s.1 GDPR, including profiling based on those provisions.

To act according to your rights set forth above you may contact us via email to privacy@carriedai.com.

You have the right to lodge a complaint with the data protection authority of your choice.

Storing and deleting data

The data are deleted if you withdraw your consent and/or such data are no longer necessary for the purpose of processing. We or the engaged third party services delete your data according to the following criteria: Time and completion of requests, lapse of legal retention periods, settings provided by third party providers etc. Furthermore, we store your data if we are obliged to do so in accordance with legal retention periods (e.g. German Commercial Code (HGB) or German Fiscal Code (AO)).

Data processing on the website

We (or the web space provider) collect data on each visit to our website (so-called server log files) for statistical evaluations for the purpose of optimizing our services and in order to guarantee the stability and operational security of the website.

  1. Data: Name of the website visited, file, date and time of the visit, data amount transferred, information on a successful call, browser type as well as version, operating system of the user, referrer URL (the page visited before), IP address and the requesting provider as well as the following, if a mobile end device is being used: country code, language, name of device, name of operating system and version. Purpose: optimizing our services and in order to guarantee the stability and operational security of the website. Legal basis: Art. 6 para. 1 s.1 lit. f. GDPR based on our legitimate interest of quality assurance

Our website partly uses so-called technical cookies for a user friendly and technical adequate presentation of the website. Cookies are small text files which are stored on your device and in your browser.

We use so-called session cookies. After the end of the session these cookies will be deleted automatically. The session cookies are used in order to associate successive page requests with the individual users, who at the same time access our website. Other cookies will be stored on your device until you delete them. These cookies enable us to recognize your browser during your next visit. We also use third party cookies for different purposes, including marketing. For details please refer to the following section and the list of third party cookies and providers used by us (see table below):

OPT-OUT: You can adjust your browser to notify you, before you receive a cookie or to decide to accept cookies on a case-by-case basis, to completely or partly exclude all incoming cookies and to activate the deletion of cookies automatically when the browser is closed. You may manage many online advertisement cookies provided by companies via the American web page http://www.aboutads.info/choices/ or the web page of the European Union http://www.youronlinechoices.com/uk/your-ad-choices/. We would like to inform you that the usage and especially the convenience of usage without using any cookies may be limited.

In the event personal data are processed such processing is based on Art. 6 para. 1 s.1 lit. f. GDPR with our legitimate interest of the presentation of a user friendly and technical correct website, or, where required, your consent (legal basis Art. 6 para. 1 s.1 lit. a. GDPR).

Third party cookies, similar technologies and other third party services on the website

This website uses third party cookies and similar technologies. Some of these third party cookies and similar technologies are necessary for our online service (category “necessary”), some are needed for improving the functionality of our online services (category: “functional”) and some are used by us for marketing purposes (category “marketing”). Through our cookie banner you may manage, which of these third party cookies and similar technologies are active or not. Details about the third party cookies, similar technologies as well as other third party services used on our website are set out in the table below.

Contacting us via email

If you send us any requests via email or otherwise contact us your details in this request are processed by us as follows:

  1. Data: Contact data, name, email address and other data provided. Purpose: Deal with your inquiry or to be able to contact you at a later time for follow up questions. Legal basis: Art. 6 para. 1 s.1 lit. a GDPR

Newsletter

With the email newsletter we inform you about our products and services. For the registration to the newsletter only the email address is needed. If you register for the newsletter, your email address will be transmitted to us (or to the engaged third party provider) and stored there. After registration, you receive an email to confirm the registration (“double opt-in”).

  1. Data: Email address, IP address, the device name, the mail provider as well as (optional) the first and last name and the date of the registration. Purpose: Registration of the newsletter; this storage serves solely as proof in the event that a third party misuses an email address and registers for receiving the newsletter without the knowledge of the authorized party. Legal basis: Art. 6 para. 1 s.1 lit. a GDPR
  2. Data: Email address, IP address, the device name, the mail provider as well as (optional) the first and last name and the date of the registration. Purpose: Sending newsletters based on your consent. Legal basis: Art. 6 para. 1 s.1 lit. a GDPR
  3. Data: Email address, IP address, the device name, the mail provider as well as (optional) the first and last name and the date of the registration. Purpose: Sending newsletters based on an existing relationship with you. Legal basis: Art. 6 para. 1 s.1 lit. b GDPR, Section 7 para. 3 German Unfair Competition Act (UWG)
  4. Data: IP address, browser type and operating system. Purpose: analyze the behavior, such as whether users open the email sent or click certain links in emails (when the newsletter is opened, the contained information (so-called web-beacon) connects to the servers of Segment in order to analyze the behavior)for such data processing our legitimate interests (or the legitimate interests of third parties) in quality assurance or marketing apply. Legal basis: Art. 6 para. 1 s.1 lit. a GDPR

We use third party providers for the purpose of sending newsletters. For this purpose, the service processes the IP address, device name, mail provider, first and last name and date on servers in the USA. For more information please also refer to the list of third party providers set out here (see table below):

Withdrawal of consent / OPT-OUT: You can withdraw their consent to the processing of Data for the purpose of sending the newsletter or evaluation of related data at any time. The withdrawal can take place over a link, which is contained in each newsletter, or by separate message to us. You will not incur any costs other than the transmission costs according to the basic tariffs.

Data processing when using CarriedAI software

When signing up for our software service or entering into an agreement with us, we will process your data on the basis of initiating a business relationship or continuing an existing business relationship (legal basis Art. 6 para. 1 s.1 lit. b GDPR).

We act as data processor for our (business) customers.. For more details on the use of your data for our software service please also refer to our terms of service.