Privacy Policy for Driver

 

Version: December 2022

 

The information provided below gives you an overview over the processing of your personal data by us and your rights under data protection law applicable in the Cayman Islandsin connection with the use of our app for procuring Journeys for Drivers (“THUMB Driver App”).

Which of your personal data is processed is substantively determined based on the services or products you use.

 

Table of Contents

1. Information Regarding the Data Controller
2. Definitions
3. Data Processing Activities and Purposes
4. Data Exchange within the THUMB Group
5. Processing in-/outside of the European Union / European Economic Area
6. Your Rights
7. Data Security
8. Storage Period
9. Updates and Changes

 

1. Information Regarding the Data Controller 

For Drivers in the Cayman Islands the data controller is:

Thumb Ltd (“THUMB“)

P.O. Box 505

George Town

Grand Cayman

Cayman Islands

KY1-1110
2. Definitions

“Personal data” is all information which relates to an identified or identifiable natural person. Among these are, for example, name, postal address, e-mail address or telephone number, but also usage data like your IP address.

“THUMB Group” consists of Haulmont UK Sherlock, Haulmont.

“Processing” is every process carried out with or without automated assistance or every sequence of such processes in connection with personal data, e.g. obtaining, capturing, organising, ordering, saving, adjusting or modifying, sorting, accessing, using, disclosing by transmission, distributing or any other form of making available, comparing or connecting, limiting, deleting or destroying.

“Journey” is every tour intermediated between a Passenger and a Driver through the THUMB Driver application.

 

3. Data Processing Activities and Purposes

Below, we will inform you about the various types of personal data we process and for what purpose(s). The THUMB Driver App makes it possible for you to procure Journeys through us with Passengers. For the use of our THUMB Driver App for procurement of Journeys, you must provide personal data which we process in order to perform the respective service. If additional information can be voluntarily shared, these are indicated as being “optional“.

3.1. Journey Procurement

To procure journeys through us, the following personal data is processed:

3.1.1. General including on-boarding

To register for use of the THUMB Driver App, you must provide the following information:

First name and surname, date of birth, city, country, e-mail address, fax number, mobile phone number, information regarding your license, your GPS coordinates while being logged in to the THUMB Driver App and the same at time of booking, at the start, during the course of and at the destination of a particular Journey, information regarding your end user device (Device ID, time of access of the THUMB Driver App, browser type and operating system), information regarding the Transportation Company (for Drivers who are employees), company address (for Drivers who are, at the same time, sole proprietors), statements regarding ratings by Passengers (1 to 5 stars for the Driver and the vehicle as well as the average rating), license plate number, color and make of the vehicle, readiness status, user ID, number of Journeys, revenue, rate of concluding or breaking off Journeys, statements regarding payment by the Passenger including tips and, in encrypted form, the password you have selected, profile picture (optional input).

If you have registered with the THUMB Driver App, but have not completed the Driver on-boarding process, we may contact you using the email address and phone number that you provided during the registration process to remind you that the on-boarding is not yet complete. We rely on our legitimate interests in resourcing our business  to carry out this processing.

You can consent to the usage of your GPS coordinates by THUMB during the installation of the THUMB Driver App. Via the operating system of your end user device (smartphone, tablet, etc.), you can also consent to the usage of your GPS coordinates by THUMB at a later point in time or withdraw your consent. In the absence of you sharing your GPS coordinates with us, we cannot procure Journeys for you or, as it may be, for your Transportation Company, since we communicate Passenger requests based on location in order to arrive at a short time delay until arrival.

For purposes of identification, we show your GPS coordinates as well as your name and, insofar as it has been provided to us, your profile picture and the license plate number to the Passenger who has booked a Journey with you. After accepting the Journey, during the Journey and for a certain period of time after the conclusion of the Journey, the Passenger is able to call you via the THUMB Passenger App. For this, we are using a phone number masking service (see point 3.1.2). In this way the Passenger can still call you after a Journey in order to ask, for example, about items forgotten in the vehicle but is not able to see your phone number at any time.

Without the processing of the foregoing personal data, we cannot procure any Journeys for you through your Transportation Company. This does not apply to optional inputs.

3.1.2. Multi-factor authentication and phone number masking via Twilio

For security reasons, when you register for the first time or log in from a new mobile device in the THUMB Driver App, we verify your registration with a code via SMS or email (“multi-factor authentication”). We use the service provider Twilio Inc. 375 Beale St, Suite 300 San Francisco, CA 94105, USA (“Twilio”) to send the SMS. In order to best protect your data, we also use Twilio’s calling service to mask your phone number to the relevant passenger. The passenger will still be able to call you (via Twilio) but will not know your phone number.

Legal basis to use the services of Twilio is our legitimate interest pursuant to improve the security of our services.

We have entered into a data processing agreement with Twilio to ensure that your personal data will only be processed in accordance with our instructions and with applicable data protection law. The lawfulness of the data transfer to the USA is ensured by Twilios’ binding corporate rules. Additionally, standard contractual clauses (SCCs) have been concluded. Further information on the privacy settings of Twilio can be found at www.twilio.com/legal/privacy.

3.1.3. Contact with THUMB

THUMB provides several means of contact for its customers such as our online contact form: https://thumb.ky/. You can further contact THUMB per letter or phone. Whenever you get in touch with THUMB, we store and process your personal data.

Depending on the means of contact you chose, THUMB is processing the following of your personal data:

name, e-mail address, country, phone number, voice recordings, content of your messages, attachments

Legal basis for this processing generally is our legitimate interest, in responding to your messages. When you initiate a contact in order to enter into a contract or because of a contract with THUMB.

To use our online form you are only required to provide us with your e-mail address for us to respond to your message. Communication with THUMB is deleted after 3 years, based on our legitimate interest, for the establishment, exercise or defence of legal claims.

When calling THUMB your phone call may be recorded, based on our legitimate interest in improving our customer service quality, training our agents and verifying call contents. Call recordings get automatically deleted after 90 days. You can object to the processing of your personal data, please contact us at https://thumb.ky/ or or send a formless letter to the address given at the top.

Parts of your communications with THUMB concerning individual passengers may be subject to disclosure to those passengers exercising their rights. Where THUMB receives such a request, it will either seek your consent to disclose any information which identifies you or where it is reasonable to comply with the request without your consent (such as when the passenger is already aware of your identity), THUMB will take steps to minimise and redact information about you.

3.1.4. Integration of Google Maps

The THUMB Driver App uses the Google Maps API which is provided by Google LLC organized under the laws of the State of Delaware, USA, and operating under the laws of the USA. 1600 Amphitheatre Parkway, Mountain View, California 94043 USA. In this way, you can be shown maps in the THUMB Driver App and you can also have the ability to interact with said maps. Without the Google Maps API application, THUMB Driver App will not function. The terms of use for Google Maps can be found at: https://www.google.com/help/terms_maps.html. There, you will also find a notice regarding the privacy policy of Google: https://policies.google.com/privacy?hl=de. We use Google Maps in order to calculate the anticipated cost of the Journey and in order to interactively show you the distance to the Passenger who booked the Journey. We process your GPS coordinates, if you have agreed to the usage. Your GPS coordinates will only be transmitted to Google in an anonymised manner. An identification of your person is impossible.

3.2. Payment

In order to make it possible to conduct payment pursuant to the respectively applicable “THUMB Procurement Framework Agreement” and the respectively valid “Terms and Conditions for Taxi Companies”, the following personal data will be processed for the purpose of performance of the contract:

Your first name and surname, the number of Journeys, revenue and, if you are yourself a Transportation Company, information regarding payments and bank account.

3.3. Rating of Drivers and Passengers

Via the THUMB Passenger App, Passengers can rate you and your vehicle after a Journey with between 1 to 5 stars. The individual rating flows into the average value which we have determined for you and your vehicle. The individual rating is only visible to the respective Passenger who provides it, to you as the Driver and to THUMB. For Drivers who are employed with a Transportation Company, we only transmit the individual rating to your Transportation Company with your consent.

Further, Passengers can add Drivers as favorite Drivers in their THUMB Passenger App profiles. In this context, your first name and surname, your rating and the profile picture will be saved in the THUMB Passenger App of the respective Passenger.

The processing of this data takes place on the basis of our legitimate interest to ensure a reasonable standard of quality and ensure Passenger security.

Beyond this, you have the possibility of rating Passengers. The ratings are only visible to THUMB and will only be transmitted to the affected Passenger upon request in an anonymised form. The processing of personal data by THUMB will take place on the basis of your consent which you have given by providing a rating.

3.4. Fraud Prevention

3.4.1 General

THUMB is invested to make its platform a secure space for passengers and drivers. Therefore, THUMB has implemented measures to detect and prohibit fraudulent behaviour in order to protect passengers and drivers. Also, THUMB wants to reduce the risk of financial damages due to fraudulent behaviour. For this reason THUMB will conduct an evaluation of risk for fraudulent behaviour on the basis of a mathematical-statistical model (scoring). This processing is based on the abovementioned legitimate interest.

To determine the score, the following personal data will be processed:

• Passenger and Driver data such as: phone number, email address, name, device identifiers,
• Tour data such as: length of the tour, distance to the passenger, used incentives, tour value, starting location and destination location,
• Payment data such as: payment method.

The values stemming from this data are compared to a set of previously defined scenarios that indicate fraudulent behaviour. Based on the number of scenarios that we identify, our fraud prevention service provider will calculate a score revealing the likelihood of fraudulent behaviour.  Based on that score a specially trained THUMB employee will further investigate if there can be any confirmation of fraudulent behaviour. The score will not be used for any automated decision-making. Any actions taken will never be justified by the score and will always involve human oversight.

3.4.2 GPS Tracking

In order to prevent fraudulent activity, we store your GPS location data sent to us by your mobile device at short intervals from the time of acceptance until the end of a tour. This allows THUMB to create a map of the entire course of a tour. In this way, we want to ensure that drivers do not deliberately extend the route in order to achieve a higher fee. At the same time, we can rectify unjustified passenger complaints by being able to follow the actual course and route to a tour. The processing of your GPS location data during a tour takes place for your own protection, as well as for the protection of the passenger and for our protection.

3.5. Bug Fixing and Functionality Improvements  

In order to fix bugs in the THUMB Driver App and to improve functionality of the THUMB Driver App and to adjust it to suit the needs of Drivers, we process the following personal data on the basis of our legitimate interest:

First name and surname, date of birth, city, country, e-mail address, fax number, mobile phone number, information regarding your license, your GPS coordinates while being logged into the THUMB Driver App and at the time of booking, time of starting and during the course and at the destination of a particular Journey, information regarding your end user device (Device ID,  time of access of the THUMB Driver App, browser type and operating system), information regarding the Transportation Company (for Drivers who are not themselves Transport Companies), company address (for Drivers who are, at the same time, Transportation Companies), information regarding the rating of Passengers (1 to 5 stars for the Driver and the vehicle as well as the average rating), license plate, color and make of the vehicle, readiness status, user ID, number of Journeys, revenue, rate of concluding or breaking off Journeys, statements regarding payment by the Passenger including tips and, in encrypted form, the password you have selected.

Inasmuch as it is sufficient for the performance of the respective purpose, we work with anonymous data and not with personal data.

3.6. News & Personalised Offers

3.6.1. General

When you provide THUMB the permission to send push notifications during THUMB Driver App installation, THUMB will send you push notifications based on your provided consent. This consent is overridden if, in the context of the registration process or later in the profile of the THUMB Driver App under the rubric “Privacy“, consent is given to receive news & personalized offers (advertising, coupons and special offers) and to show usage-based advertising („Retargeting“), and the correspondingly placed toggle has been activated, you will receive offers and advertising from us, and also for products and services of other companies of the THUMB Group. In this respect, your end user device (smartphone, tablet, PC, etc.) will receive personalized advertisements via electronic post (e-mail, SMS, MMS) or by another electronic means (via in-app messages, push messages).

In connection with this, we process the following personal data, insofar as you have given us the corresponding consent:

First name and surname, driver ID, e-mail address, business address, mobile phone number, profile picture (optional input), registration data, language setting, type of Journey (booking, try-out ride), version of the THUMB Driver App, login information, your GPS location data at the time of the booking and at the time of the end of the Journey or, as it may be, the pickup and destination locations, device ID (device identifier), IDFA (advertising identifier Apple Identifier for Advertisers), IFV (advertising identifier, Identifier Vendor), GAID (Google Advertising Identifier), IP address and usage data (usage frequency, information relating to the downloading of the THUMB Driver App, status of the registration of Journeys), language, time zone and city.

If you do not wish to receive the foregoing stated news & personalized offers, you can – just as easily as you consented – withdraw your consent by activating the corresponding toggle. Of course, you can also contact us via https://thumb.ky/ or send a formless letter to Thumb Ltd, P.O. Box 505, George Town, Grand Cayman, KY1-1110.

Please note that the withdrawal and ensuing changes are valid only for the future and will be effective or, as it may be, implemented by no later than 48 hours from withdrawal. This is for reasons of a technical nature, which do not permit faster implementation.

3.6.2. Direct Advertising for Existing Customers

If, in connection with the performance of our procurement services, we have received your e-mail address or mobile phone number and you have completed at least one Journey which we procured, we will use these exclusively for our own direct advertising of our own products and services via electronic post (e-mail, SMS and MMS), unless you have rejected such direct advertising. To this purpose, on the basis of our legitimate interest, we process the following data: e-mail address and mobile phone number. Our legitimate interest lies in intensifying customer relationships by proposing appropriate and interesting product information. The objection to direct advertising is possible at any time with effect for the future by clicking on the corresponding link in a relevant e-mail (e.g. to unsubscribe to a newsletter) or by contact via SMS. The direct advertisement sent by us is not personalized. Please take into account that the objection and the modifications required thereby are valid only for the future and will be effective or, as it may be, implemented by no later than 48 hours from withdrawal. This is for reasons of a technical nature, which do not permit faster implementation.

3.6.3. Sending news and service communications

For sending news, service communication and advertising e-mails, SMS, service communications and in-app messages, we make use of the service provider Mailgun Technologies, Inc., a Delaware corporation (“Mailgun”).

The personal data processed includes

• contact data, e.g. e-mail address, phone number, name
• location data, e.g. language, country, city
• content data, e.g. tour data, incentives data
• usage data, e.g. log-in times, log-out times

We have concluded data processing agreements with our service providers which ensures that the service provider exclusively processes your personal data pursuant to our instructions and in accordance with current data protection law.

We have concluded standard contractual clauses (SCCs) with Mailgun to ensure an adequate level of data protection when processing your data.

Our legitimate interest in the engaging of these service providers lies in the professional and reasonable organization of automated processes in an economically sensible way which makes it possible to provide you a positive user experience.

You can object to data processing at any time by sending a message via https://thumb.ky/.

3.7. Studies & Surveys

3.7.1. General

If you have consented in the course of the registration process or, later, in the profile of the THUMB Driver App under “Data Protection“, to receive studies & surveys, and have activated the corresponding toggle, we will contact you after a Journey or at some other time in the context of personalized (sent only to you and based on an analysis of the THUMB Driver App usage frequency) studies & surveys sent by electronic post (e-mail, SMS, MMS) or otherwise electronically (in-app messages, push messages) and request your participation. For example, we carry out quest campaigns at regular intervals, with the help of which we aim to increase and optimise the tours we arrange. In studies and surveys, the following personal data may be processed by us in accordance with Art. 6 (1) a) GDPR:

First name and surname, Driver ID, e-mail address, business address, mobile phone number, profile picture (optional input), method of payment, registration data, language set, THUMB Driver App profile (business or private customer), type of Journey (booking, try-out ride), THUMB Driver App version, login information (user name), your GPS coordinates at the time of booking and at the end of the Journey and usage data (usage frequency, information regarding the download of the THUMB Driver App, status of registrations or Journey), registration data, date of last login, push tokens, Device ID (device identifier), IDFA (advertising identifier, Apple Identifier for Advertisers), IFV (advertising identifier, Identifier Vendor), GAID (Google Advertising Identifier) and IP address

If you do not wish to be contacted in this regard, you can – just as easily as you gave consent – declare your withdrawal by accordingly activating the “Studies & Surveys” toggle. Of course, you can also contact us via https://thumb.ky/ or send a formless letter to Thumb Ltd, P.O. Box 505, George Town, Grand Cayman, KY1-1110, Cayman Islands.

Please note that the withdrawal and ensuing changes are valid only for the future and will be effective or, as it may be, implemented by no later than 48 hours from the withdrawal. This is for reasons of a technical nature, which do not permit faster implementation. In case of withdrawal, we reserve the right to process your personal data in anonymous form for internal analysis purposes.

3.8.1. Facebook

When entering our Facebook-page (via a link on our website, in our newsletter or directly) you reach the technical platform provided by Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland (“Facebook“). We would like to inform you that you use the Facebook-page and its functions on your own responsibility. This especially applies for the use of the interactive functions (e.g. comments, sharing, rating). During you visit on our Facebook-page, THUMB basically processes personal data only if you interact with us via the page, e.g. when leaving a comment, press a like-button or sending us a message. Moreover, your data can be processed with your consent when you like or comment one of our posts or provide content on our page yourself. You can withdraw your consent any time with future effect by deleting the comment or your content. The revocation does not affect the legitimate consent-based processing that was performed until the revocation. Additionally, we analyze the visits and interactions on our page. For this Facebook creates usage profiles and provides the data in form of page-insights (“page-insights”). Page-insights are summarized data that allows us to get an overview on how users interact with our Facebook-page. For further information please visit: https://www.facebook.com/help/pages/insights. Please mind that your personal data is not only processed by THUMB, but also by Facebook while using and interacting with our Facebook-page. THUMB and Facebook are jointly responsible for the processing of insight-data. The respective responsibilities for THUMB and Facebook regarding the processing of insight-data are available in the page insights addendum: https://www.facebook.com/legal/terms/page_controller_addendum. How Facebook uses insight-data for its own purposes, to what extent insight data can be matched with certain users, for how long this data is stored and if data resulting from your visit on a Facebook-page is handed over to third parties is solely the responsibility of Facebook. Regarding the data processing via our Facebook-page, you can not only assert your rights towards THUMB, but also towards Facebook. Further details can be found in Facebook’s data policy under: https://www.facebook.com/about/privacy. Additional to the before-mentioned processing activities, Facebook also processes your data for analysis and advertising purposes, respectively to display personalized advertisements. According to our knowledge, Facebook makes use of cookies, pixels and other techniques which process your usage behaviour (even across different devices. This enables Facebook to display target-oriented advertisements on its own platforms and third-party websites, as well. The data collected about you in this context are transmitted to the United States of America and other non-EU countries. Which exact information Facebook receives and how it is used, is generally described in Facebook’s privacy policy. There you will also find ways to contact Facebook directly and information on settings for advertisements. The privacy policy is available under https://www.facebook.com/about/privacy . The complete privacy policy can be found here: www.facebook.com/full_data_use_policy Furthermore, Facebook offers its users the possibility to object to certain processing activities. More information on this and opt-out-possibilities can be found here: https://www.facebook.com/settings?tab=ads.

3.8.2. Links to social networks Instagram, Twitter, LinkedIn, Xing, YouTube

On our website and in our newsletters we link our accounts on other social media platforms Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; „Instagram“), LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; „LinkedIn“); Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland; „Twitter“), YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; „YouTube“) and Xing (New Work SE, Dammtorstraße 30, 20354 Hamburg, UKy; „Xing“) via the icon of the respective social network. When you click the links or visit our pages on the platform directly, you are on the website of the respective social media platform. The general terms and conditions and privacy policies of the respective social media network provider. We would like to inform you that we do not receive any information about the content and extent of the data processing performed by the social media network. Information on how the respective social media platform handles your data can be found in the following privacy policies:

• for Instagram under http://instagram.com/about/legal/privacy/ 
• for LinkedIn under https://www.linkedin.com/legal/privacy-policy
• for Xing under https://privacy.xing.com/en und https://privacy.xing.com/en/privacy-policy
• for Twitter under: https://twitter.com/en/privacy and https://help.twitter.com/en/rules-and-policies/twitter-cookies
• for YouTube: https://policies.google.com/privacy?hl=en&gl=de

We process personal data on our social media pages as far as the user interacts with us directly, by commenting or liking our posts or sending messages. Legal basis for this kind processing is the user‘s consent. As the case may be, we share content on our social media page, if this is a function of the social media platform and communicate with you via this platform. The processing is performed due to a legitimate interest in public relations and communications.

4. Data Exchange within the THUMB Group

For internal administration and standardization purposes, we may transfer personal data of drivers or passengers within the THUMB Group.

4.1. Joint Controller Agreement

THUMB has entered into a Joint Controller Agreement with Haulmont UK, Labs House, 15-19 Bloomsbury Way, WC1A 2TH. The Parties have jointly determined the order of the processing of your personal data in each section of processing.

The purpose of this agreement is to unify the handling of Driver data and billing across the entire THUMB Group. The Parties jointly agreed on which obligations each party fulfils.

Haulmont UK is processing jointly the Drivers’ personal data of THUMB to improve the software of the THUMB Driver application and provide technical know-how to THUMB. THUMB is responsible for all data processing with regard to the local usage of the THUMB Driver application.

Despite the existence of a joint controllership, the Parties fulfil the obligations under data protection law in accordance with their respective competences. The Parties shall provide any information referred to in Articles 13 and 14 GDPR to you free of charge in a concise, transparent, intelligible and easily accessible form, using clear and plain language. For this purpose, each Party shall provide the other Party with all necessary information relating to their respective operating range. The Parties shall immediately inform each other about the exertion of your rights and provide the other Party with all necessary information referred to the right of access. Pursuant to Articles 15 through 22 GDPR, you may exercise your rights under the GDPR in respect of and against each of the Parties. However, to speed up the response, we would kindly ask you to contact THUMB to exercise your rights via https://thumb.ky/.

 

5. Processing in-/outside of the Cayman Islands

In part, we arrange for external service providers to process your data (e.g. troubleshooting, creation of mailings). To this end it is necessary for us to transmit your personal data to our external service providers for a specified purpose (confined to the purpose in question). We have selected our service providers carefully and engaged them in writing. They are bound by our instructions and we have obtained information about their technical and organisational measures for the secure processing of personal data. We also require that our service providers comply with the applicable data protection regulations. We work with service providers from the Cayman Islands, USA, EU and EEA countries. We have concluded data processing agreements with our external service providers in accordance with Art. 28 (3) GDPR, inasmuch as this is required for the contractual purpose. The transfer to service providers outside of the Cayman Islands and the Global Area takes place correspondingly on the basis of decisions by the Cayman Islands Government and the EU Commission pursuant to The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 and Art. 45 GDPR respectively (an ‘adequacy’ decision) or on the basis of standard EU contractual clauses.

We store all our data with a cloud service provider within the US or in IT infrastructures and systems (employee computers) at our sites within the Cayman Islands or the EU.

We do not sell any personal data to third parties.

However, we do reserve the right to disclose information about you if we are legally obligated to do so or if we are asked to surrender it by administrative or law enforcement bodies (e.g. police or Prosecution Service).

 

6. Your Rights

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed by us. Where this is the case, we will be pleased to give you access to the personal data and the information listed in Art. 15 GDPR.

In addition, you have the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR), subject to the relevant legal requirements. In addition, you have the right to object to the processing under the statutory conditions (Art. 21 GDPR) or to withdraw any consent you have given at any time with effect for the future (Art. 7 (3) GDPR).

In order to assert your rights against us, it is sufficient to send a message via https://thumb.ky/ or a postal letter to the address mentioned under “1. Information regarding the Data Controller”.

7. Data Security

We have taken appropriate technical and organisational measures to guarantee data security, in particular to protect your personal data against access by third parties, as well as accidental or intentional modification, loss or destruction. Such measures are reviewed periodically and adapted in line with the state of the art. The transfer of your personal data from your end user device (e.g. smartphone) to us is always encrypted. THUMB is PCI DSS (Payment Card Industry Data Security Standard) certified.

 

8. Storage Periode

The data provided by you to us is only stored for as long as is required to perform the respective purpose for which you have transmitted your data, or inasmuch as it is required for conformity with statutory or official requirements. personal data is anonymised by us, in principle, after three years, unless we have a legitimate interest in a longer storage period (e.g. bookkeeping requirements).

 

9. Updates and Changes

We retain the right to modify this privacy policy at any time in the future in accordance with the applicable data protection laws and regulations.