Privacy Policy

Preamble

The protection of the personal data provided by the customer is very important for payever GmbH, Rödingsmarkt 20, 20459 Hamburg (“payever“, “we” or “us“). payever provides to its commercial and private customers (the “Users“) a web-based solution with which various services (the (“payever-Services”) can be used on the “payever-Platform”. To the extent services of third parties can be ordered through the payever-Platform, the data protection policy of the respective third party applies for those services.

Scope / personal data

These provisions on data protection apply for the use of the payever-Platform both through the website as well as by the app and for other services.


You can use the payever-Platform through our websites or apps. payever offers commercial customers the possibility to offer their own products and services through the payever-Platform and enables all Users to use further services and solutions of payever or other external service providers.


These provisions on data protection apply for the processing of personal data. Personal data constitute, pursuant to Art. 4 no. 1 GDPR, all information relating to an identified or identifiable natural person; this includes, for example, names or also identification numbers.

1

Data controller / contact

The data controller for the data processing through the websites, apps and other offerings of payever is:


payever GmbH

Rödingsmarkt 20

20459 Hamburg


Appointed as Data Protection Officer: Alexander Politz (Braun & Paul IT GmbH, Marienbergstraße 84, 90411 Nürnberg). If you have questions or suggestions, please feel free to also contact us by email at [privacy@getpayever.com].


If payever acts only as an intermediary for the services of a third party, for example, payment processing, the respective third party is the controller for the data processing.

2

Collection and use of your data

2.1

Access to the payever-PlatformUpon accessing the payever-Platform, usage data is collected and used to the extent necessary. We store the following data in this situation:

date and time of access

browser type / version

used operating system

URL of the previously visited page

the previously opened app or website (if you were linked from the other offering to us)

volume of transmitted data

the IP address assigned to the end-device

We process these data for technical reasons, in order to be able to provide our services. We also process these data for the purpose of recognizing and following up on misuse. We process these data in accordance with Art. 6 para. 1 sentence 1 b) (General Data Protection Regulation, “GDPR”), in order to perform a contract as well as in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in order to preserve our justified interests and secure the proper operation and availability of the payer-Services as well as the transactions processed through those services.


We processed the used browser type, date and time of use as well as the IP address for the purpose of analyzing statistics with regard to the payever-Services. We optimize the payever-Services on the basis of this analysis. This is based on the fact of our justified interest in providing services adapted and optimized for you and the used end-devices and needs of the customers and the fact that your interests and rights or freedoms do not have greater weight, Art. 6 para. 1 lit. f GDPR.


The use data are not combined with other data.

2.2

Registration

2.2.1

Registration with a payever customer accountWe process your following data for the registration of the payever-Services:

name

email address

company name, if applicable

business address, if applicable

telephone number, if applicable

information about the relevant online shop, if applicable

password

The data are processed in the course of registration so that we can provide the payever-Services to you. The processing of the data, therefore, is necessary to fulfill a contract, Art. 6 para. 1 lit. b GDPR.


After registration through the website, one of the payever apps or some other manner, the User receives a confirming email together with an activation link to complete the creation of the User’s customer account. If the User establishes a customer account when making a payment in a webshop, we send the access data to the entered email address and set up the customer account in parallel.

2.2.2

Registration with the user account of a third party providerThe User also has the possibility of registering with payever using an existing user account at third party providers, especially in a social media platform. Upon confirming the registration button at the requested service, the data are forwarded to the respective service provider. The provisions on data protection and terms and conditions of use of the respective third party provider, which is also the controller within the meaning of Art. 4 no. 7 GDPR, apply for using the third party services. payever receives, in this event and depending on the terms and conditions of use of the third party provider, the information designated as public in the respective account as well as possibly additional information, such as the email address and the date of birth of the User.Registration at payever is currently possible especially through the following third party providers in the course of the respectively linked data protection policies:

Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA;

http://www.facebook.com/policy.php;

Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043,

https://www.google.com/intl/de/policies/privacy/;

Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA;

https://twitter.com/privacy;

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA;

http://www.linkedin.com/legal/privacy-policy.

2.3

Performance of the payever-ServicesIn the course of rendering performance, payever processes the following data:

complete name

billing and delivery address

personal circumstances

date of birth

banking account and other information for payment

order details and order history

interests and preferences

User generated content which the respective User uploads or has entered itself

The processing of the data serves the purpose of providing all payever-Services with all functions to the Users. This includes maintaining the user account, use of various payever-Services or external service providers, communication with the User in the course of providing the payever-Services as well as forwarding the data to third parties for performance of the contractual service.


The processing is carried out, in order to perform the use contract concluded with the Users, Art. 6 para. 1 lit. b GDPR.

2.4

Transfer of personal data

2.4.1

Transmission for performance of the contract or with consentAs a general rule, personal data cannot be disclosed to third parties unless this is necessary to fulfill contractual obligations, Art. 6 para. 1 lit. b GDPR, or if the customer has expressly consented, Art. 6 para. 1 lit. a GDPR or if there is another applicable authorization under the law.

2.4.2

We use in part service providers who are bound by our instructions (“contract processors”) to provide the services. In such cases, personal data are forwarded to these contract processors in order to enable them to do the further processing. These contract processors are carefully selected and examined by us on a regular basis, in order to make sure that your privacy is preserved. The contract processors can only process the data for the purposes we have determined and in accordance with our instructions and are additionally under an obligation towards us under contract to treat your data exclusively in accordance with this present data protection policy as well as the German laws on data protection. The legal requirements in Art. 28 GDPR are strictly complied with.

2.4.3

Transfer for foreign countriesIn this respect, processing can also take place in countries outside the European Economic Area, for example, because certain offerings are provided on servers located there.The European Commission decided with a resolution dated 12 July 2016 with regard to the USA that, subject to the provisions of the EU-US Privacy Shield, there is a reasonable level of data protection for the forwarding of data to the USA (so-called resolution on reasonableness under Art. 45 para. 1 GDPR). We transfer data to the following companies certified under the EU-US-Privacy Shield:

Amazon, Inc. and all subsidiaries

Amazon Web Services, Inc. and all subsidiaries

Atlassian Pty Ltd and the subsidiaries Atlassian, Inc.; Atlassian Network Service, Inc., Dogwood Labs, Inc.; Trello, Inc.

Bamboo HR LLC

Bugsnag, Inc.

Facebook Inc. and all subsidiaries

FullStory, Inc.

Google LLC and all subsidiaries

Microsoft Corporation and all subsidiaries

Stripe, Inc.

Twilio, Inc.

Zendesk, Inc.

[If data are transferred on the basis of EU standard contract clauses:] Furthermore, we transfer data using standard contract clauses of the EU Commission pursuant to Art. 46 para. 2 lit c GDPR, in order to assure a level of data protection. These clauses are available at any time at 

[ https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en]

and you can alternatively also request these documents from us at the stated contacts. This involves the following service providers:

PayPal (Europe) s.à r.l. et Cie, S.C.A.

PayPal Pte. Ltd.

SmartRecruiters Inc.

3

Subscriptions to newsletters and other notifications

You can voluntarily subscribe to our newsletter and other notifications from us by email on our website. The content of the respective notifications is set forth in the subscription.


We collect for this purpose your name as well as your email address and use these data to send to you by email the newsletter as well as the respective notifications you have subscribed to.


The legal basis for this processing is the consent granted by you pursuant to Art. 6 para. 1 lit. a GDPR.


You can revoke your consent to the sending of newsletters and other notifications at any time with effect for the future.

4

Receiving advertising

You have the possibility to consent to receiving advertising when using the payever-Services. In this event, we use the information you have provided to send you advertising by regular mail or any other communication channels you have requested (email, SMS, telephone, push messages in our mobile apps or using various other communications services, such as Facebook Messenger, Whatsapp Messenger, telegram and Skype). The specific content of the advertising results from the respective consent you have issued.


You can revoke your consent to receiving advertising at any time with effect for the future.

5

Communication through services of third party providers

payever provides to commercial customers the embedding of various communications services of third party providers (e.g. Facebook Messenger, Whatsapp Messenger, telegram and Skype). This enables the respective commercial customer to send messages and recommendations directly to its customers.


payever is not the controller for the sent content of the communications or the operation of and the related processing in the communications services. The controllers for the sending of the content of the communications are the respective commercial customers. The controllers for purposes of Art. 4 no. 7 GDPR for the operation of these communications services and the related data processing are the respective service providers. The terms and conditions of use and data protection of the respective service provider always additionally apply for the use of those services.

6

Sessions and Cookies

payever uses so-called “cookies” or sessions on the side of the servers. “Cookies” are small text data files which are stored on your computer. They make it possible for a computer or another device to be again recognized when using the payever platform. Cookies are only used to enable better use of the payever-Services, or to the extent necessary for billing.


Cookies serve the following purposes in this regard:

conducting a session (i.e. so that entered content is retained)

identification of the User

personal greeting with the member’s name

attribution to the visited shop and merchandise pages and used payer-Services together with the beginning, end and scope of the respective use

as well as the further personalization of the services of payever, as well as

use analysis as described in more detail in Point 7 of this data protection policy

The described processing of cookies is carried out on the basis of our justified interests in structuring our services in accordance with the demand as well as statistical analysis of the payever-Services and the circumstance that your justified interests do not have greater weight (Art. 6 para. 1 lit. f GDPR).


You can also deactivate the cookie function in your internet browser by deactivating the storage of cookies or setting the browser so that it is informed when cookies are sent. Permission for cookies is not necessarily required for the navigation and functionality of the website, but we wish to point out that it is possible that not all functions of the payever-Service will also be available when the cookies are switched off.

7

Analysis of use by third party providers

7.1

Use profiles with cookiesWhen using the payever-Services, we prepare use profiles for purposes of advertising, market research or structuring the website appropriately for the demand by using pseudonyms. Exclusively data about your use of the payever-Platform is used, but not the content which you have transmitted. This involves especially features for the identification of the User (pseudonym), information about the beginning, end and scope of the use of the payever-Services and log-in data. You can object at any time to the use of your data for such purposes with effect for the future. Since the use analysis functions by using cookies, you can also deactivate the cookie function in your internet browser. Permission for cookies is not necessarily required for the navigation and functionality of the website, but we wish to point out that it is possible that not all functions of the payever-Service will also be available when the cookies are switched off.Cookies are used on the basis of our justified interest in structuring our service appropriately for the demand as well as for the statistical analysis of the payever-Services and the circumstance that your justified interests do not have greater weight, Art. 6 para. 1 lit. f GDPR as well as on the basis of § 15 para. 3 German Telemedia Act [Telemediengesetz, “TMG”].

date and time of access

browser type / version

used operating system

URL of the previously visited page

the previously opened app or website (if you were linked from the other offering to us)

volume of transmitted data

the IP address assigned to the end-device

We process these data for technical reasons, in order to be able to provide our services. We also process these data for the purpose of recognizing and following up on misuse. We process these data in accordance with Art. 6 para. 1 sentence 1 b) (General Data Protection Regulation, “GDPR”), in order to perform a contract as well as in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in order to preserve our justified interests and secure the proper operation and availability of the payer-Services as well as the transactions processed through those services.


We processed the used browser type, date and time of use as well as the IP address for the purpose of analyzing statistics with regard to the payever-Services. We optimize the payever-Services on the basis of this analysis. This is based on the fact of our justified interest in providing services adapted and optimized for you and the used end-devices and needs of the customers and the fact that your interests and rights or freedoms do not have greater weight, Art. 6 para. 1 lit. f GDPR.


The use data are not combined with other data.

2.2

Registration

8

Social media links and plugins

8.1

Social networkspayever has the own social media sites at third party providers which are reached through links from this website. When using the links, you arrive at the respective internet sites of the third party providers (e.g. Facebook, Twitter, Google+). If you have accessed the site of the third party provider, you are within the area controlled by the respective service provider so that also that service provider’s data protection policy or its policies concerning the use of data apply. The respective third party provider is the controller within the meaning of Art. 4 no. 7 GDPR. payever is not the controller for the data processing in this situation.You can find more detailed information about the collection and use of the data by Facebook and your corresponding rights and possibilities to protect your privacy in the data protection information of Facebook at

[https://www.facebook.com/about/privacy/]

The customer can review the data protection information for Google at

[http://www.google.com/policies/privacy/?hl=de]

You can find further information about the use of data at Twitter in the Twitter data protection policy at

[http://twitter.com/privacy]

You can find the details concerning data processing by LinkedIn as well as your rights and possibilities for settings at the data protection information of LinkedIn. LinkedIn has this information available at

[http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv]

8.2

Social media plugins / ShariffWe use website plugins on our website from the social networks Facebook, Twitter, Google+, LinkedIn and Xing only through the tool Shariff. Our buttons for parts of the content are activated through social networks with the software “Shariff” and the data is first then forwarded to the respective operator of the networks when you click the buttons. You can find more about Shariff here:

[http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html]

date and time of visiting the website

URL of the website where the visitor is located

URL of the website which the visitor visited beforehand

used browser

used operating system

IP address of the visitor

If you are logged in in parallel in the respective social network during the visit to our site (Facebook, Twitter, Google+, LinkedIn or Xing), the possibility cannot be precluded that the provider will attribute the visit to your network account. If you use the plugin functions (e.g. clicking on the “Like” button, making a comment), this information is also transmitted directly from your browser to the respective social network and may be stored there. Information about the purpose and extent of the collection of data and the further processing and use of the data by the networks can be found in the data protection information at the respective social network.

8.3

Use ofYouTubeThis website and the integrated offerings contain so-called embedded videos on YouTube. This enables a connection to YouTube and the videos placed there. YouTube is offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google is the sole controller for purposes of Art. 4 no. 7 GDPR for the data processing when using YouTube.You can find the purpose and extent of the data processing and use of data by Google as well as your rights and possibilities for settings for purposes of protection as a customer in the data protection information of Google. You can find this information at:

https://www.google.com/intl/de/policies/privacy/

8.4

Use of VimeoThis website uses plugins from Vimeo.com. Vimeo.com is operated by Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA (“Vimeo”). If the customer accesses a site with a plugin through that internet site, a connection to the severs of Vimeo.com is established and the plugin is displayed on the internet page through a message to the customer’s browser. As a result of this process, which of our internet sites the customer has visited are transmitted to the servers of Vimeo.com. Vimeo is the sole controller for the processing of the data when using the Vimeo services.If the Customer is a member at Vimeo.com, the visits by the customer can be attributed to the personal user account when the customer is logged in. The customer can prevent this attribution by logging out from the customer’s personal user account. The customer can find the details about the handling of the customer’s personal data and information about the collection and use of the data at Vimeo.com in the data protection information of Vimeo.com at

[https://vimeo.com/privacy]

9

Contact

9.1

Direct contact / contact formYou can contact payever at any time using the above referenced contact data.We also provide a form on our website with which you can contact us, in order to ask us questions, for example, about the payever-Services. We use your entered data (name, address, telephone number, email address) exclusively to handle the contact with you.We process these data in order to be able to receive and answer your question, Art. 6 para. 1 lit. b GDPR.

9.2

Contact with payever through services of third party providerspayever can be contacted by its customers through various other channels. Exclusively communications services of third party providers are used for this purpose (especially Facebook Messenger, Whatsapp Messenger and Skype).The communications services through which payever can be contacted can change. payever especially has no influence on these communications services. The terms and conditions for use and data protection of the respective communications services provider apply. payever is not responsible for the availability of the respective communications service. payever is not the controller within the meaning of Art. 4 no. 7 GDPR for the processing of data in connection with using these services. The controllers are solely the respective service providers.

date and time of visiting the website

https://de-de.facebook.com/policy.php

date and time of visiting the website

https://de-de.facebook.com/policy.php

date and time of visiting the website

https://de-de.facebook.com/policy.php

The purpose of using these communications services is to make it possible for the customer to have simple, uncomplicated and direct contact with payever. payever does not guarantee that it can be contacted immediately and on every weekday as well as at every time of the day through each service.


We process the personal data which you transmit to us when communicating through these communications services in order to handle the contact with you. We process these data in order to be able to receive and process your inquiry, Art. 6 para. 1 lit. b GDPR.

10

Storage period / deletion of data

We delete or anonymize your personal data as soon as the data are no longer needed for the purposes for which we have collected or used the data under the preceding points. We normally store your personal data for the period of use and the contract through the payever-Services to the extent these data are no longer required for purposes of criminal investigation or to secure, assert or enforce legal claims.


If you cancel your user account, your profile is deleted.


To the extent data must be retained for legal reasons, these data are deleted only after the expiration of this period and are blocked until then. The data are then no longer available for any further use except for the purposes of the legal retention period.


After deletion from our operational systems, the data remain for a certain period in the back-up copies in our revolving data-backup process and are then, however, automatically deleted in the course of this process at the end of the backup cycle.

11

Your rights as a data subject

11.1

Right to informationYou have the right to obtain from us at any time, upon request, information about the data we have processed and the personal data relating to you in the scope set forth in Art. 15 GDPR. You can submit a request by regular mail or by email to the address set forth above.

11.2

Right to correction of incorrect dataYou have the right to demand from us the correction of the personal data related to you without undue delay if these data are incorrect. Please, use the contact addresses set forth above for this purpose.

11.3

Right to deletionYou have the right to demand from us the deletion from the personal data related to you under the prerequisites set forth in Art. 17 GDPR. These prerequisites especially provide for a right to deletion of the personal data are no longer needed for the purposes for which they were collected or otherwise processed as well as in cases of incorrect processing, the existence of an objection or the existence of a duty to delete under the law of the European Union or the law of the Member State which governs us. Aside from this, reference is made to point 13 of this data protection policy with regard to the time for which data are stored. In order to assert your above right, please, contact the addresses set forth above.

11.4

Right to limit the processingYou have the right to demand that that we limit the processing in accordance with Art. 18 GDPR. This right exists especially when the accuracy of the personal data is in dispute between the User and us, and this right exists for the duration which is needed to examine the accuracy as well as in the event that the User demands limited processing instead of deletion in the event that there is a right to deletion. Furthermore, the right to limit use also exists in the event that the data are no longer needed for our intended purposes, but the User needs the data to assert, exercise or defend against legal claims as well as if the successful exercise of an objection is still a matter of dispute between us and the User. Please contact the above stated addresses for the purpose of asserting your above right.

11.5

Right to transferability of dataYou have the right to receive the personal data related to you which you have provided in a structured, common, machine-readable format in accordance with Art. 20 GDPR. Please contact the above stated contact addresses for the purpose of asserting your above right.

11.6

Right to object

You have the right to submit an object under Art. 21 GDPR against the processing of personal data related to you which is taken place, among other bases, on the basis of Art. 6 para. 1 lit. e or f GDPR for reasons resulting from your particular situation. We will stop the processing of your personal data unless we can prove mandatory reasons for the processing which are deserving of protection which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend against legal claims.

11.7

Right to make complaintsYou also have the right to address complaints to the relevant supervisory authority.

11

Amendments to the data protection policy

The current version of this data protection policy is always available at

[https://payever.org/privacy]

Status: [10.08.2018]

Help Center

Vacancies

About payever

API Documentation

Ressources

Become a Merchant

Become a Partner

Contact Us & FAQ

Contact Us & FAQ

Become a Partner

Become a Merchant

Help Center

API Documentation

Press

Vacancies

About payever

Ressources

English (United Kingdom)

© payever. All rights reserved.