Quotely follows a standard procedure of using log files. These files log visitors when they use the App. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any personally identifiable information. The purpose of the information is to analyze trends, administer the App, track users’ movement on the App, and gather demographic information.
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Quotely does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think your child provided this kind of information on our App, we strongly encourage you to contact us immediately, and we will do our best to remove such information from our records promptly.
1. Right to information
You want to know what date we have saved about you? You want to edit or delete your data? Please reach out to our data protection officer Volker Hütter (firstname.lastname@example.org or +4917685460054), who will help you.
You have the right to request information about whether we are processing your personal data. If your data is processed by us, you have the right to information as to which data is specifically involved and for what purpose and for how long the data is being processed.
In addition, we need to inform you where the data came from (if this information is available) and to whom we have disclosed or will disclose this data. You must also be informed about your right to lodge a complaint with the supervisory authorities.
To protect your date, we will only hand out your data if we believe it is you requesting it. In some cases this could mean that you need to verify your identity through legal documents and/or a written request.
How must we provide you with information?
The information can be given in writing, electronically or orally. As a rule, we will comment electronically.
The General Data Protection Regulation itself already formulates exceptions to the principle of data requests: For example, if you already have all the information, you no longer have to be informed of it separately.
If personal data is collected from you, we must always provide you with contact details, if necessary also those of our official data protection officer, as well as the purpose and legal basis for the data processing. In addition, we must provide information on the duration of the processing, on your rights outlined here under the General Data Protection Regulation and the right to lodge a complaint with the supervisory authority, as well as on your right to revoke your consent.
Even if we intend to use the collected data for a different purpose, we must provide you with information about the new purpose and all other relevant information in accordance with Art. 14 (2) GDPR.
The right to rectification only applies to inaccurate personal data concerning you. Other file content, such as expert opinions, the correctness of which is disputed cannot be removed from the file on the basis of this provision.
3. Right to erasure
Can you request the deletion of your data?
Under certain conditions you have the right to have your data deleted, the so-called “right to be forgotten”.
When is your data to be deleted?
On the one hand, your data must be deleted if they were processed unlawfully from the start.
However, an obligation to delete can also be considered, for example, if the data is no longer necessary for the purposes mentioned or you have revoked your consent or objected to the processing.
What is delete?
Deleting means that your data is “made unrecognizable”. Your data must therefore be unreadable after deletion. They are then simply no longer tangible.
Example: If your data in a file is crossed out with a pen, it is not a question of deletion (because the information can still be noted).
they are also obliged to inform the other data processors that all links to this data or copies of the data are to be deleted (cf. Art. 17 (2) GDPR).
4. Right to restriction of processing
Is there a way to lock the data first?
Under the conditions set out in Art. 18 GDPR, you have the right to demand that we restrict the processing. In this case, your data may only be processed further with your consent.
Restriction of processing means that data is marked with the aim of restricting its future processing. It can consist, among other things, in the fact that selected data is temporarily transferred to another system, that the data is blocked for users or that published data is temporarily removed from a website.
When can you request the restriction of processing?
Processing can be restricted if one of the following reasons applies: you have disputed the accuracy of the data or lodged an objection to the processing or the data has been processed unlawfully, but you wish the processing to be restricted instead of deletion. You can also request the restriction of processing if we no longer needs the data but you need it to assert legal claims.
Further processing can then only take place with your consent or for the reasons stated in Art. 18 Para. 2 DSGVO, for example because the processing is necessary to assert legal claims, to protect the rights of other persons or for reasons of important public interest.
5. Right to data portability
What is data portability for?
In order to have better control over your data, you can “take” your data to another controller.
What data can you transfer?
All personal data relating to you that you have provided to the responsible body and that is processed in an automated process can be transferred.
How is the data transferred?
You have two options: either you request that the data be made available to you in a machine-readable format and then transfer it yourself to the new person responsible, or you request the direct transfer of the data to a new person responsible, insofar as this is technically feasible.
6. Right to object
Can you object to the processing of your data?
Even if the processing of your data is correct and permissible, you can object to processing under certain conditions. This applies in particular if the processing of your data is in the public interest. However, the processor may continue to process the data if he can demonstrate compelling legitimate grounds that outweigh your interests, rights and freedoms.
7. Right to compensation
When can you claim damages for a data breach?
Any person who suffers damage due to a breach of the General Data Protection Regulation has a right to compensation from the person responsible for data processing.
The General Data Protection Regulation provides for damages not only for material damage, but also for immaterial damage.
How do you proceed if you want to assert a claim for damages?
Please reach out to us. If compensation is denied, you must sue for compensation in a court of law (civil court). It is strongly recommended to have the legal situation checked by a lawyer beforehand.