We, as the operator of the Website and our Platform (including the Web App, iOS App, and Android App) at https://www.bavest.co sand other subdomains of this domain (hereinafter also referred to as "website" or "platform"), are responsible for the collection and use of personal data of users (hereinafter referred to as "users" or "you") on our platform and when using our services in accordance with applicable data protection law, in particular the General Data Protection Regulation ("GDPR"). In the following, we inform you within the scope of our information obligations (Art. 13 et seq. DSGVO) which data is processed when you visit our website and on which legal basis this is done.
Information about the responsible person
Bavest Technologies GmbH
If you have any questions about the collection and use of data, you can contact us at any time.
Processing of personal data
Cookies are very small text files used by Internet sites that your browser stores on your computer and by the body that sets the cookie (here by us), certain information flows. Cookies cannot execute programs or transmit viruses to your computer. Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser. Persistent cookies are deleted automatically after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time. This information is used to optimize our offer and to provide you with more comfort and protection while surfing our pages. The legal basis for this data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. You can set your internet browser to inform you as soon as a web server wants to send you a cookie. You can then agree to accept the cookie or refuse this. You can configure your browser setting according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website. You can find out more about this in the help system of your Internet browser.
General storage period of personal data
Legal basis for the storage of personal data
Links on social media platforms
Each time you access our website, we collect the following personal data, which are automatically processed in the log files :
- Access status/http status code
- Überträgte amount of data
- Website IP called
-Address of the requesting computer
- Type of internet browser used
- Language of the Internet browser used
- Version of the Internet browser used
- Operating system and its version
- Date and time of the visit
- Time zone difference from Greenwich Mean Time (GMT)
- Referrer- websites accessed by the visitor's system via our website
- Internet service provider of the users.
The remaining data is stored for a limited period of time. We use this data for the operation of our website, in particular to detect and eliminate website errors, to determine the utilization of the website and to make adjustments or improvements, thus it is technically necessary (legal basis: Art. 6 para. 1 p. 1 lit. f DSGVO).
User account opening at Bavest via the website or the apps
You can open a user account (account) on our website or in our apps. Within the scope of registration, the following data will be requested and processed by us.
- First and last name
- E-mail address
The purpose of the data processing is the initiation of a customer relationship between the user and Bavest, but also the compliance with legal requirements. We base the data processing of this personal data when opening an account on the legal basis of Art. 6 (1) lit. b DSGVO (contract initiation) as well as Art. 6 (1) lit. c DSGVO in connection with the respective relevant legal obligation. Bavest stores this data only as long as we need it. Once you are a user with us, your data will remain stored for the duration of the customer relationship. In addition, due to legal obligations, it may be necessary for us to store your data beyond the contractual relationship, i.e. beyond the time of termination of the customer relationship.
Amazon Web Services (website host)
Our website (including the apps) is hosted by AWS (Amazon Web Services), an external service provider (hereinafter "hoster"). The personal data collected on this website is stored on the hoster's servers. This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact data, names, website accesses and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). Our hoster will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data. AWS stores our data exclusively on European servers.
Google Analytics Deactivation
We use Google Analytics Firebase (hereinafter Google Firebase) to analyze user behavior. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.Google Firebase includes various functions that allow us to analyze your In-APP behavior. This allows us, for example, to analyze your screen views, button presses, In-APP purchases, or the effectiveness of advertising efforts. We can also determine which features within our platform are used frequently or infrequently. Google Firebase stores for these purposes, among other things, the number and duration of sessions, operating systems, device models, region and a number of other data.
A detailed overview of the data collected by Google Firebase can be found under https://support.google.com/firebase/answer/6318039?hl=de
The use of Google Firebase may require the transfer of your personal data to the USA. The storage period for the data collected in this way is regulated as follows: Google Firebase is used to optimize this platform and to improve our offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
For more information about Google Firebase, visit: https://firebase.google.com/ https://www.firebase.com/terms/privacy-policy.html
We offer the option to process the payment transaction via the payment service provider Stripe, ℅ Legal Process, 510,Townsend St., San Francisco, CA 94103 (Stripe). This is in line with our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f DSGVO). In this context, we share the following data with Stripe to the extent necessary for the performance of the contract (Art. 6 para. 1 lit. b. DSGVO).
- Name des Karteninhabers
- E-mail address
- Customer number
- Order number
- Bank details
- Credit card details
- Credit card expiration date
- Credit card verification number (CVC)
- Date and time of the transaction
- Transaction amount
- Name of the provider
The processing of the data provided under this section is not required by law or contract. Without the transfer of your personal data, we cannot process a payment via Stripe. Stripe is required for you to subscribe to Bavest Plus or Bavest Pro, without a payment via Stripe a full use of the Pro versions is not possible. This is in line with our legitimate interest in offering an efficient and secure payment method.
Stripe has a dual role as a controller and processor in data processing activities. As a controller, Stripe uses your übermitted data to fulfill regulatory obligations. This is in accordance with Stripe's legitimate interest (pursuant to Art. 6 para. 1 lit. f DSGVO) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b DSGVO). We have no influence on this process..
Stripe acts as a processor in order to be able to complete transactions within the payment networks. Within the scope of the order processing relationship, Stripe acts exclusively according to our instructions and has been contractually obligated to comply with the provisions of data protection law within the meaning of Art. 28 DSGVO.
Stripe has implemented compliance measures for international data transfers. Diese gelten für alle weltweiten Aktivitäten, bei denen Stripe personenbezogene Daten von natürlichen Personen in der EU verarbeitet. Diese Maßnahmen basieren auf den EU-Standardvertragsklauseln (SCCs).
For more information about opt-out and removal options with respect to Stripe, please visit: https://stripe.com/privacy-center/legal
Your data will be stored by us until the completion of payment processing. This also includes the period required for the processing of refunds, receivables management and fraud prevention. For us, according to [§ 147 AO / § 257 HGB], a statutory retention period of 6 years applies.
Other service providers
We would like to use our newsletters to inform you about news at Bavest, technical updates on the platform and our range of services, among other things. In addition, we would like to use our newsletters to inform you about current economic developments and news from the world of finance.
Provided that you have expressly consented in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO, we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an e-mail address. Unsubscribing is possible at any time, for example via a link at the end of each newsletter. Alternatively, you are welcome to send your unsubscribe request at any time by e-mail to: email@example.com.
If you confirm your e-mail address, we store your e-mail address, the time of registration and the IP address used for registration. The purpose of processing the data is to send you our newsletters and to be able to prove your registration, as well as to understand your interaction with our newsletters.
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.Information, deletion and correctionYou have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing, as well as a right to correction or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Right to restriction of processing
You have the following rights vis-à-vis us with regard to the personal data concerning you:
- Right to information
- Right to rectification or erasure
-Right to restriction of processing
- Right to object to processing
- Right to data portability.
You also have the right to complain to a data protection supervisory authority about our processing of your personal data.