Data Protection Policy

Data Protection Policy for pendect.com

Within the use of this website we, as the data controller, collect and store the data you provided as long and so far this is necessary to fulfil the specified purposes and legal obligations. In the following we will inform you what data is involved, how the data is processed and what rights you have in this regard.

According to Article 4 no. 1 General Data Protection Regulation (GDPR) personal data means any information relating to an identified or identifiable natural person (in the following „person concerned or user“).

  1. Name and contact data of the data controller

    This Data Protection Policy covers data processing on the website      https://pendect.com/ by:

    Pendect GmbH,
    Ossastr. 38,
    D- 12045 Berlin

    (in the following „Pendect“)

    Email: [email protected]
    Telephone: +4917641454900

    You can always reach out to us directly if you have any questions about data protection law or about your rights as a data subject. You can reach us via the address mentioned before or via email to [email protected]

  2. Collection and storage of personal data and also nature and purpose and their use
    1. Web hosting

      For the provision of this website, we use the web hosting service DigitalOcean, LLC, 101 6th Ave, New York, NY 10013, United States  (hereinafter “DigitalOcean”)

      The offer of the website requires the commissioning of a web hosting service.

      The legal foundation for the utilization of DigitalOcean is Art. 6 Subs. 1 Sentence 1 lit. f GDPR due to our legitimate economic interest to make our offer available on this website. In connection with the hosting DigitalOcean collects data on our behalf, which accrues while the use of the website.

      We have concluded a data processing agreement with DigitalOcean.  Through this agreement the service provider ensures that he processes the data in accordance with the General Data Protection Regulation and ensures the protection of the data subject rights.

    2. When visiting the website 

      You can access the website https://pendect.com without disclosing your identity. The browser on your end device automatically sends information to our website server (e.g. IP address of the querying computer, date and time of the access, name and URL of the accessed file, browser type and version and also further information sent by the browser (such as your computer’s operating system, etc.)).

      This information, which also includes your ip-address, is temporarily stored in a log file. The following information is collected without any action on your part and deleted automatically after 4 weeks.

      We process this data to ensure trouble-free connection to the website, comfortable use of our website, for evaluating system security and stability and also for further administrative purposes.

      The legal foundation for the data processing is Art. 6 Subs. 1 Sentence 1 lit. f GDPR. Our legitimate interest follows from the above purposes for the data collection.

      Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.

      In addition, we also use cookies and analytics services during visits to our website. Further explanations can be found under section 4 and 5 of this Data Protection Policy.

    3. When setting up a user account

      You can set up a password-protected user account with us in which we save your personal data. The purpose of this is to provide you with your own personalized account (e.g. a personalized feed when you follow topics, categories, or Pentributors).

      If you would like to set up a password-protected user account with us, we need the following information from you:

      - a valid email address;
      - possibly your name (alias).

      In addition, to open a user account you have to enter a password of your choice. Together with your email address this provides access to your user account.

      The data is processed upon your query and under Art. 6 Subs. 1 Sentence 1 lit. b GDPR are required for the stated purposes of fulfilling the contract and pre-contractual measures.

      Creating a user account is not required for using our website. We also offer you the possibility of using our website as a guest.

      After your user account is deleted, your personal data is automatically deleted, unless you have consented to a prolonged period under Art. 6 Subs. 1 Sentence 1 lit. a GDPR.

    4. When setting up a Pentributor account

      You can set up a password-protected Pentributor account with us in which we save your personal data. The purpose of this is to provide you with your own account and to give you the opportunity to participate and use extended functionalities be active on our website.

      If you would like to set up a password-protected Pentributor account with us, we need the following information from you:

      - a valid email address;
      - possibly your name (alias).

      In addition, to open a user account you have to enter a password of your choice. Together with your email address this provides access to your Pentributor account.

      The data is processed upon your query and under Art. 6 Subs. 1 Sentence 1 lit. b GDPR is required for the stated purposes of fulfilling the contract and pre-contractual measures.

      Creating a Pentributor account is not required for using our website. We also offer you the possibility of using our website as a guest or with a user account.

      After your user account is deleted, your personal data is automatically deleted, unless we are obliged to longer storage under Article 6 Subs. 1 Sentence 1 lit. c GDPR due to tax- and commercial-law retention and documentation duties or you have consented to a prolonged period under Art. 6 Subs. 1 Sentence 1 lit. a GDPR.

    5. When registering for our newsletter 

      In so far as you have expressly consented under Art. 6 Subs. 1 Sentence 1 lit. a GDPR, we will use your email address to regularly send you our personalised newsletter. Providing an email address is sufficient for receiving the newsletter.

      You will then receive a registration notification by email, which you must confirm in order to receive the newsletter (so-called double opt-in). This serves us as proof that the registration was actually initiated by you.

      Cancellation is possible at any time, e.g. via a link at the end of every newsletter. Alternatively, you can cancel at any time by sending an email to [email protected]

      Your email address will be deleted after you withdraw your consent for receiving the newsletter.

      We distribute our newsletter via MailChimp, a newsletter dispatch platform of the US provider The Rocket Science Group, LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA  (“MailChimp”). We have concluded a data processing agreement with MailChimp.

      With the help of "Mailchimp" we can measure and evaluate the behaviour of our newsletter recipients. This includes the opening, click, bounce, delivery, cancellation, conversion and social sharing rates. This evaluation is carried out on the basis of our legitimate interests in accordance with Art. 6 Subs. 1 Sentence 1 lit. f GDPR in order to optimise and evaluate our newsletters. This is to be seen as a legitimate interest in the sense of the regulation mentioned above. Further information on data protection in connection with "Mailchimp" can be found in their privacy policy.

  3. Transfer of data

    Your personal data will not be transferred to third parties for purposes other than those specified below.

    We will only transfer your personal data to third parties, if:

    - you have expressly given your consent pursuant to Art. 6 Subs. 1 Sentence 1 lit. a GDPR;

    - in cases where transfer of your data is necessary for compliance with a legal obligation pursuant to 6 Subs. 1 Sentence 1 lit. c GDPR;

  4. Cookies and Pixel-Tags
    1. Cookies

      We use cookies on our website. These are small files that your browser automatically creates and saves on your end device (laptop, tablet, smartphone or suchlike) when you visit our website. Cookies do not cause any harm to your computer and do not contain any viruses, trojans or other malware.

      The cookie stores information which arises in conjunction with the specifically used end device. This does not mean, however, that this gives us direct knowledge of your identity.

      Cookies are used on the one hand so that we can make the use of our offerings more pleasant for you. Therefore, we use session cookies to recognise that you have already visited individual pages of our website.

      In addition, we use temporary cookies saved on your end device for a certain defined period to optimise user friendliness. If you visit our website again to use our services, it is automatically recognised that you were already here before and which entries and settings you made so that you do not have to repeat them.

      On the other hand, we use cookies to compile statistics on the use of our website and to evaluate the optimisation of our offerings for you (see section 5). These cookies enable us to automatically recognise that you were here before the next time you visit our website. These cookies are automatically deleted after a defined period of time.

      On the one hand, the data processed by cookies are required for the stated purposes to protect our legitimate interests and also of third parties under Art. 6 Subs. 1 Sentence 1 lit. f GDPR. Certain cookies are used exclusively on the basis of your consent under Art. 6 Subs. 1 Sentence 1 lit. a GDPR. You will find the respective legal basis in the information of the respective service.

      Most browsers accept cookies automatically. You can configure your browser, however, so that no cookies are saved on your computer or a message always appears before a new cookie is created. Complete deactivation of cookies can, however, lead to you not being able to use all the functions of our website.

    2. Pixel

      We use pixel tags (also called tracking pixels) within the scope of our online services. Pixels are small graphics, which are integrated via the HTML code of our site. The pixel-tag itself does not store or change any information on your device, so pixels do not cause any damage on your device, do not contain viruses, trojans or other malware.

      The pixels send your IP address, the referrer URL of the visited website, the time at which the pixel was viewed, the browser used, and previously set cookie information to a web server. This enables us to carry out range measurements and other statistical evaluations, which serve to optimise our offerings.

      We use pixels exclusively on the basis of your consent (Art. 6 Subs. 1 Sentence 1 lit. a GDPR). You can use appropriate tools or browser add-ons to block the use of pixels on our pages (e.g. the "AdBlock" add-on for the Firefox browser).

      Further opt-out possibilities can be found in the following information about the tools we use.

  5. Analytic tools 

    The following tracking and targeting measures which we use are carried out on the basis of Art. 6 Subs. 1 Sentence 1 lit. f GDPR.

    With the deployed tracking measures we want to ensure an appropriate design and continuous optimisation of our website. On the other hand, we use tracking measures to compile statistics on the use of our website and to evaluate the optimisation of our offerings for you.

    Via the deployed targeting measures we want to ensure that you only see advertising tailored to your actual or presumed interests on your end devices.

    These interests are to be considered as legitimate within the meaning of the aforementioned regulation.

    The pertinent data processing purposes and data categories can be found in the corresponding tracking and targeting tools.

    1. Google Analytics 

      We use Google Analytics, a web analytics service provided by Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google") for the purpose of creating a website experience tailored to users' needs and continuing optimisation of our website. In this context, pseudonymised user profiles are created and cookies (see sect. 4) are used. The information generated through the use of cookies about your usage of this website such as

      - web browser type / version,
      - operating system used,
      - referrer URL (the previously visited website),
      - host name of the accessing computer (IP address),
      - time of server request,

      are usually transmitted to and stored on a server belonging to Google in the USA. Google complies with the privacy policy of the “US Privacy-Shield” and is registered with the Privacy Shield Program of the US Department of Commerce. This guarantees compliance with EU data protection law.

      The use of Google Analytics is based on our legitimate interests (Art. 6 Subs. 1 sentence 1 lit. f GDPR) in the analysis and optimisation of our online offering and the economic operation of this website. Google therefore processes the information on our behalf to evaluate the use of the website, to compile reports on website activities and to provide us with other services related to website activity and internet usage for the purposes of market research and the needs-based design of these websites.

      We have also concluded a data processing contract with Google for the use of Google Analytics. In this contract Google undertakes to process data in accordance with the General Data Protection Regulation and to ensure that the rights of the persons concerned are protected.

      We only use Google Analytics with activated IP anonymisation. This means that the IP address of users is shortened by Google within member states of the European Union or in other states which are parties to the Agreement on the European Economic Area. The full IP address is transferred to a Google server in the USA and is shortened there only in exceptional cases.

      We do not use Universal Analytics with User ID offered by Google.

      If necessary, the collected data will be transferred to third parties if this is required by law or if third parties process the data by order.

      The user data collected via cookies is automatically deleted after 14 months.

      You can block the installation of cookies by selecting the appropriate settings in your web browser software; however, please note that if you do so, you may not be able to use the full functionality of this website.

      You can also block the collection of the data generated by the cookie and relating to your usage of our website (including your IP address) and the processing of such data by Google by downloading and installing a web browser add-on.

      As an alternative to the web browser add-on, in particular for web browsers installed on mobile end devices, you can also block tracking by Google Analytics by clicking on the following link.

      Analytics Opt-Out

      An opt-out cookie is created which prevents the tracking of your data when you visit this website in the future. The opt-out cookie applies only to the web browser you are using and only to this website and will be stored on your end device. If you delete the cookies on this web browser, you will have to set another opt-out cookie.

      More information on data privacy in relation to Google Analytics can be found on the Google Analytics Help page. You can find information on the data usage of Google in their privacy policy.


    2. Facebook Custom Audience and Facebook Pixel

      In addition, we also use Facebook Website Custom Audiences with Facebook Pixel, an analysis tool of  Facebook Inc.,1 Hacker Way, 94025 Menlo Park, USA or if you are located in the EU, Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland (hereinafter “Facebook”). This is a marketing service at Facebook. It enables us to have individually co-ordinated and interest-based advertising on Facebook shown to certain groups of pseudonymised visitors to our website who also use Facebook.

      A Facebook custom audience pixel is integrated into our website. This is a JavaScript code that is used to store non-personal data about the use of the website. This includes your IP address, the browser used as well as the originating and destination page. This information is transmitted to Facebook servers, which may also be located in the USA. Facebook is certified under the US-EU data protection agreement "Privacy Shield '' and therefore commits itself to comply with the European data protection regulations.

      There, the system automatically checks whether you have saved a Facebook cookie. The Facebook cookie is used to automatically determine whether you belong to the target group which is relevant for us. If you belong to the target group, we will display the relevant ads on Facebook. During this process, neither we nor Facebook will identify you personally by comparing the data.

      The Facebook pixel allows us to see how you react to our ads on Facebook, for example, when you click on a link in the ad that leads to our website. This gives us a better overview of how successful our campaigns are on Facebook and allows us to continuously optimize them. With the help of the pixel it is also possible to recognize you as a visitor of our website in order to identify you as a target group for displaying ads. Accordingly, we use the Facebook pixel to display the ads we display on Facebook only to those Facebook users who are likely to have an interest in our offerings, either because they have previously visited our website or because they have certain characteristics (e.g. interest in certain topics or products determined by the websites visited).

      The pixel is loaded onto your device when you visit our website or respond to an ad placed by us on Facebook, for example because you click on a link contained on our site. In this context, a pixel ID is created and stored in a cookie so that we can obtain evaluations of your user behaviour. The pixel is not used for personal identification. We have concluded a data processing agreement with Facebook. In this agreement, Facebook assures to process the data in accordance with the GDPR and to protect the rights of the persons concerned. If you do not want us to evaluate your user behavior in connection with Facebook pixels, you can prevent tracking via the Facebook pixel at any time by clicking.

      Disable Facebook Pixel 

      This sets a cookie that is used to prevent tracking of the pixel.

      As a Facebook user, you also have the option to object to the tracking of the Facebook pixel in the settings for Facebook advertisements after logging into your account.

      You can find more information about data protection of Facebook in the data policy of Facebook.

    3. Google Tag Manager

      We use the Google Tag Manager tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: "Google"). Google Tag Manager helps us to manage the tools about which we inform users in this Data Privacy Statement. You can find more details regarding these tools in the information on the respective tool.

      The tag manager tool itself (which implements the tags) is a cookie-free domain. The tool controls the triggering of other tags which again may collect data under certain circumstances. Google Tag Manager will not access that data. If deactiva-tion was made at the domain or cookie level, this continues to apply to all tracking tags which are deployed with Google Tag Manager.

      You can find more information about Google Tag Manager in the Use policy for this product.

  6. Data subject rights

    You have the right:

    - pursuant to Art. 7 Subs. 3 GDPR to withdraw your consent to us at any time. This means that we may no longer continue processing the data based on that consent for the future;

    - pursuant to Art. 15 GDPR to demand information about your personal data we process. In particular, you can demand information about the purposes of the processing, the category of the personal data, the categories of recipients to whom your data were or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction or revocation of processing, the existence a right to lodge a complaint, the origin of your data, in so far as not collected by us, and also about the existence of automated decision-making including profiling and where appropriate meaningful information about to details thereof;

    - pursuant to Art. 16 GDPR to demand immediate rectification of inaccurate or completion of your personal data saved with us;

    - pursuant to Art. 17 GDPR to demand deletion of your personal data saved with us, in so far as the processing is not required for exercising the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;

    - pursuant to Art. 18 GDPR to demand restriction of processing of your personal data, in so far as you contest the accuracy of the data, the processing is unlawful but you oppose deletion and we no longer need the data but you do to establish, exercise or defend legal claims or you have objected to processing pursuant to Art. 21 GDPR;

    - pursuant to Art. 20 GDPR to receive your personal data you have provided us in a structured, commonly used and machine-readable format or to demand transmission to another controller;

    - pursuant to Art. 77 GDPR to lodge a complaint to a supervisory authority. As a rule, you can contact the supervisory authority for your habitual residence or place of work or our registered offices.

  7. Right to object pursuant to  Art. 21 GDPR 

    Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 Subs. 1 Sentence 1 lit. e and Art. 6 Subs. 1 Sentence 1 lit. f GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, in so far as there are grounds arising from your particular situation or it relates to objection to direct marketing. In the latter case, you have a general right to object which we shall heed without the stating of a particular situation; This also applies to profiling based on those provisions as defines in Art. 4 no 4 GDPR.

    If you submit an objection we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing is necessary for the establishment, exercise or defence of legal claims.

    If your objection is to the processing of data for direct marketing purposes, we shall cease processing immediately. In this case it is not necessary for you to assert a particular situation. This also applies to profiling to the extent that it is related to such direct marketing.

    If you want to exercise your right to object, simply send an email to [email protected]

  8. Data Security 

    All the data you personally transfer will be sent encrypted with the customary and secure TLS standard (Transport Layer Security). TLS is a secure and proven standard, which is also used for online banking, for example. You can recognise a secure TLS connection inter alia by the "s" appended to the http (i.e. https://..) in the address bar of your browser or by the lock symbol at the bottom of your browser.

    We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continually monitored and improved to reflect technological developments.

  9. Actuality of and changes to this Data Protection Policy

    This Data Protection Policy is the latest version and was last amended as of March 2020.

    The further development of our website and offers on it or changes in statutory or public-authority requirements many render it necessary to amend this Data Protection Policy. The latest version of Data Protection Policy can be downloaded and printed out at any time from the website under
    https://beta.pendect.com/data