Privacy policy

With this privacy policy we would like to inform you about how we process personal data and explain your rights. We are aware of the importance of processing personal data regarding you as a data subject and apply with all relevant legal requirements accordingly. In doing so, the protection of your privacy is of utmost importance to us. The processing of your personal data by us is carried out in compliance with the GDPR, as well as national data protection regulations.

1.      Name and contact details of the person responsible and their representative

Cosmonauts & Kings GmbH

Alt-Moabit 103

D-10559 Berlin

Telefon: (+49) 030 420 997 14

E-Mail: houston@cosmonautsandkings.com

Contact details of the data protection officer: datenschutz@cosmonautsandkings.com

Pridatect S.L.

C/ del Marqués de Campo, nº 13, 46007 Valencia, Spanien

E-Mail: legal@pridatect.com

Tel: +49 (0) 30 31199231

2.     Definitions

This privacy policy uses the terms of the General Data Protection Regulation (GDPR).

3.     Processing operations// categories of personal data

We collect and process the following personal data about you: Contact and address information, if you provide us with your contact information, online identifiers (e.g. your IP address, browser type and version, the operating system used, the referrer URL, the file name, the access status, the amount of data transferred, the date and time of the server request), payment information, image and video material if you have provided us with the same.

We may publish personal data on social networks in order to fulfil our contractual obligations with you.

4.     Processing purposes

We process your data for one or more of the following purposes:

●  for the contact you have requested,

●  for the application to advertised positions

●  to process or initiate contracts with you,

●  for advertising purposes,

●  for statistical evaluations and analysis, and/or

●  for the security of our website (log files);

5.     Legal basis of the data processing

Your data is processed based on the following legal basis:

○  Your consent according to Art. 6 para. 1 lit. a) GDPR,

○  for the performance of a contract with you under Art. 6 para. 1 lit. b) GDPR,

○  to fulfil legal obligations according to Art. 6 para. 1 lit. c) GDPR or

○  from a legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR.

The legal basis for processing your data in accordance with the stated processing purposes is:

●  Contact: If you wish to contact us, for example because you send us an e-mail message or write to us via a contact form, we assume that there are no interests on your part that conflict with our processing of your request. If the contact is aimed at the conclusion of a contract or the fulfilment of a contract, the legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.

●  Contracts: The legal basis for the processing of your personal data for the execution or initiation of contracts is Art. 6 para. 1 lit. b) GDPR. In addition, we also process your data in accordance with the statutory regulations resulting from tax law, for example. These types of processing operations are subject to Art. 6 para. 1 lit. c) GDPR lawful.

●  Advertising purposes: We process your personal data for advertising purposes if we have received consent in accordance with Art. 6 para. 1 lit. a) GDPR applies. In a few cases, the processing of your personal data may be justified by our legitimate interest (Art. 6 (1) lit. f) GDPR) in the advertising of our products, for example if you are an existing customer of our company (see also recital 47 GDPR and Section 7 UWG).

●  Statistical evaluations and analysis: We process your personal data for the statistical evaluation and analysis of our website (for example, via cookies and other technologies) as well as our services if we have received consent in accordance with Art. 6 para. 1 lit. a) GDPR applies.

●  Security of our website: Every time you access our website, usage data is transmitted by the respective internet browser and stored in log files, the so-called server log files. The data records stored via the process contain the following data: Domain from which the user accesses the website, date and time of access IP address of the accessing computer website(s) visited by the user within the context of the service, amount of data transferred, browser type and version, operating system used, name of the internet service provider, message as to whether the request was successful. These log file records are analysed to find and correct errors and to manage server capacity. This is also in our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR.

●  Legitimate interests: Unless otherwise stated in this privacy policy and where we base the processing of your personal data on legitimate interests as defined in Art. 6 (1) (f) GDPR are the protection against misuse, the enforcement of our legal claims, the adaptation of our offer and the processing of enquiries.

6.     Data sources

We receive the data from you (including about the devices you use). If we do not collect the personal data directly from you, we will also tell you the source of the personal data and, if applicable, whether it comes from publicly available sources.

7.     Recipients or categories of recipients of the personal data

When processing your data, we work together with service providers who have access to your data. Possible recipients of your personal data are: (i) software companies that enable us to provide our services, help us to improve them and/or serve us for marketing purposes (for example, to send newsletters, emails, manage customer contacts or applications); (ii) public bodies and administrations, insofar as we are legally obliged to do so; (iii) payment service providers; (iv) hosting providers; (v) social media platforms; (vi) service companies, such as tax advisors or lawyers.

For the purpose of fulfilling the contract, we may also transfer your personal data to anyone to whom we assign rights arising from the contractual relationship with you.

Some of the recipients of your personal data are:

●  ALL-INKL.COM - New Media Münnich

We use ALL-INKL.COM - Neue Medien Münnich to host our website. Personal data may be disclosed in the process. We use the above services to provide a website.

https://all-inkl.com/datenschutzinformationen/

●  Google Ireland Limited

We integrate Google services on our website in order to (i) embed fonts (Google Fonts). Personal data may be passed on to Google in the process. We use the aforementioned services for a full and responsive presentation of our website (Google Fonts).

https://policies.google.com/privacy?hl=de

●  MailChimp

We use MailChimp to create and send the newsletter. When you become a subscriber to our newsletter via our website, you confirm by email that you are a member of a MailChimp email list. Personal data is passed on to MailChimp in the process. We use the services mentioned to advertise our company and to obtain key figures about the success of this advertising.

https://mailchimp.com/legal/privacy/

●  Borlabs

We include services from Borlabs on our website to display a cookie banner and store your preferences regarding cookie use. Personal data that you enter while using our website may be passed on to Borlabs. We use the above services to comply with our legal obligations.

●  Personio

We use Personio to advertise vacancies and to contact potential new employees. Should they apply or contact us as part of an application, their data may be passed on to Personio.

https://www.personio.de/datenschutzerklaerung/

●  etracker

We use the German service provider etracker (etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany) for the analytical measurement of website usage. Here, internet protocol addresses, which are anonymised as soon as possible by default, and user identifiers from randomly generated values (example: 108bf9a85547edb1108bf9a85547edb1), which may be stored in cookies after the user's consent.

https://www.etracker.com/datenschutzerklaerung/

8.     International data transfers

  Data is transferred to third-party countries outside the European Union. Information we collect from you could be processed in the United States or other non-EU countries. Some third-party countries, for example the United States, have not currently received an adequacy decision from the European Union under Article 45 of the GDPR, which means that your data may not receive the same level of protection there as under the GDPR.

International data transfers are made on the basis of contractual and other regulations provided for by law, which are intended to ensure adequate protection of your data and which you can view on request. In doing so, we rely on the rules laid down in Article 49 of the GDPR or, where applicable, on guarantees pursuant to Article 46 of the GDPR. We and our contractors are committed to applying appropriate safeguards to protect the privacy and security of your personal data. Therefore, we will only process your personal data in accordance with the practices described in our Privacy Policy.

9.     Duration of storage

We only store your personal data for as long as it is necessary to fulfil the purpose of the processing. We store your data if you have consented to the processing at most until you revoke your consent, if we need the data to perform a contract at most for as long as the contractual relationship with you exists, if we use the data on the basis of a legitimate interest until you request deletion or anonymisation.

In addition, storage may take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. In these cases, the data is deleted when a storage or retention period prescribed by the aforementioned standards expires.

10.     Your rights

As a data subject, you may have the right under applicable data protection law to:

○  Information, pursuant to Art. 15 GDPR,

○  Correction, pursuant to Art. 16 GDPR,

○  Data erasure ("right to be forgotten"), pursuant to Art. 17 GDPR,

○  Restriction of processing, pursuant to Art. 18 GDPR,

○  Data portability, pursuant to Art. 20 GDPR and/or

○  Objection to processing, pursuant to Art. 21 GDPR.

 10.1.   Information on the right to object pursuant to Art. 21 Para. 4 GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions. We no longer process personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the purpose of asserting, exercising or defending legal claims.

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your data for such marketing; this also applies to profiling insofar as it is related to direct marketing.

 10.2.   Revocation of consent

You also have the right to withdraw consent to the processing of personal data at any time. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

 10.3.   Right of appeal to a supervisory authority

According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR or other data protection provisions.

11.     Requirement or obligation to provide data

Unless expressly stated at the time of collection, the provision of data is not required or mandatory. Such an obligation may result from legal requirements or contractual regulations. Failure to provide required personal data will generally result in a contract not being able to be concluded and/or us not being able to provide a requested service. Our employees will explain on a case-by-case basis whether the provision of personal data is required by law or contract, or is necessary for the conclusion of a contract, whether there is an obligation to provide the personal data and what the consequences of not providing the personal data would be.

12.     Automated decisions

We do not use automated decision-making mechanisms, including profiling, that have legal effect on the data subject or similarly significantly affect the data subject.

13.     Data backup

We have taken extensive technical and organisational measures to protect your data against possible threats, such as unauthorised access, unauthorised disclosure, modification or dissemination, as well as against loss, destruction or misuse. To protect your personal data from unauthorised access by third parties during transmission, we secure data transmissions using SSL encryption where necessary. This is a standardised encryption procedure for online services, especially for the web. Emails are sent unencrypted.

14.       Cookies

Our website uses cookies and similar technologies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. Cookies contain a characteristic string of characters that can uniquely identify the browser when the website is accessed again. Similar technologies are used to refer to other technical tools that enable the identification of website visitors, such as tracking pixels.

Technically necessary cookies and technologies are those without which our website is not functional and usable. This category only contains cookies and technologies that ensure basic functions and security features of the website. Technically necessary cookies and technologies can be set without the user's consent.

Non-essential cookies are all cookies and technologies that are not particularly necessary for the functioning of the website and are used specifically to collect personal data from the user via analytics, ads and other embedded content. Non-essential cookies and technologies (for example, cookies for marketing, advertising or customer analysis purposes) require the consent of the website user.

Please refer to our cookie banner to see which cookies and technologies we use and for what purpose. You can check and/or revoke your existing consents at any time using the link below: [link]

You can also deactivate or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for the website, it may no longer be possible to use all the functions of the website to their full extent.

15.        Status of this privacy policy & changes

We reserve the right to change this privacy policy at any time with effect for the future.

Status: June 2022

Lust auf ein gemeinsames Projekt?