Privacy Policy | Asili.me

Name and Contact of the Controller according to Article 4 (7) GDPR:
Jan Priepke
Maria-Merian-Str. 12
85521 Ottobrunn
Germany
E-mail: asili@asili.me

Security and Protection of Your Personal Data
We consider it our primary responsibility to maintain the confidentiality of the personal data you provide and to protect it from unauthorized access. We therefore use the utmost care and state-of-the-art security standards to ensure maximum protection of your personal data.

As a privately held company with customers in the European Union, we are subject to the provisions of the European General Data Protection Regulation (GDPR). We have taken technical and organizational measures to ensure that the data protection regulations are observed by both us and our external service providers.

Definitions
The legislator requires personal data to be processed lawfully, fairly, and in a transparent manner in relation to the data subject (“lawfulness, fairness, transparency”). To ensure this, we inform you of the legal definitions used in this privacy policy:

Personal Data
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Processing
“Processing” means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of Processing
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.

Profiling
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

Pseudonymization
“Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Filing System
“Filing system” means any structured set of personal data that are accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis.

Controller
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient
“Recipient” means a natural or legal person, public authority, agency or another body to which the personal data are disclosed, whether a third party or not.

Third Party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Consent
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

Lawfulness of Processing
Processing of personal data is only lawful if there is a legal basis for the processing. According to Article 6(1) lit. a–f GDPR, the legal basis for processing can be:

The data subject has given consent to the processing of their personal data for one or more specific purposes;

Processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract;

Processing is necessary for compliance with a legal obligation to which the controller is subject;

Processing is necessary in order to protect the vital interests of the data subject or of another natural person;

Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, particularly where the data subject is a child.

Information about the Collection of Personal Data
(1) Below we inform you about the collection of personal data when using our website. Personal data includes e.g. name, address, email addresses, user behavior.

(2) When contacting us by e-mail or through a contact form, the data you provide (your email address, possibly your name and telephone number) will be stored by us in order to answer your questions.

Collection of Personal Data When Visiting Our Website
When you use our website for informational purposes only, meaning without registering or otherwise transmitting information to us, we only collect the personal data your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (legal basis: Art. 6(1)(f) GDPR):

IP address

Date and time of the request

Time zone difference to Greenwich Mean Time (GMT)

Content of the request (specific page)

Access status/HTTP status code

Amount of data transferred

Website from which the request originates

Browser

Operating system and its interface

Language and version of the browser software

Use of Cookies
(1) In addition to the aforementioned data, cookies are stored on your device when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using, and through which the party setting the cookie (in this case, us) receives certain information. Cookies cannot execute programs or transmit viruses to your computer. Their purpose is to make the internet offering more user-friendly and effective overall.

(2) This website uses the following types of cookies, whose scope and functionality are explained below:

Transient cookies (see a.)

Persistent cookies (see b.)

a. Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. They store a so-called session ID, which allows various requests from your browser to be assigned to the same session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.

b. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in your browser's security settings.

You can configure your browser settings according to your preferences and, for example, refuse the acceptance of third-party cookies or all cookies. Please note that if you disable cookies, you may not be able to use all the functions of this website.

We also offer our users the option to select which cookies they want to allow. Some cookies serve security purposes or are necessary for the operation of our online offering (e.g., for the display of the website) or to store user decisions (e.g., acceptance or rejection of cookies). In addition, we and our technology partners use cookies for reach measurement and marketing purposes, about which users will be informed in this privacy policy. Users can object to the use of cookies for marketing purposes via the cookie banner shown when they first visit the website.

A general objection to the use of cookies for online marketing purposes, especially in the case of tracking, can be made via the U.S. page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com. Furthermore, cookies can be disabled in the browser settings. However, please be aware that some website functions may no longer be available if you disable cookies.

If users do not want cookies for advertising purposes to be stored, they can set their preferences in a popup when opening the website. In that case, no marketing-related cookies will be used.

If users do not want any cookies to be stored on their device at all, they should disable the corresponding option in their browser's system settings. Stored cookies can also be deleted in the browser settings. Disabling cookies may lead to functional limitations of the online offer.

Newsletter
(1) With your consent, you may subscribe to our newsletter, through which we inform you about our current and interesting offers. The promoted goods and services are specified in the declaration of consent.

(2) We use the so-called double opt-in procedure for newsletter registration. This means that after your registration, we will send an email to the provided address in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be blocked and automatically deleted after one month. We also store the IP addresses used and the times of registration and confirmation. The purpose of this procedure is to provide proof of your registration and, if necessary, to investigate any potential misuse of your personal data.

(3) The only mandatory information for sending the newsletter is your email address. Providing further, separately marked data is voluntary and will be used to address you personally. After your confirmation, we store your email address for the purpose of sending the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.

(4) You may revoke your consent to receive the newsletter at any time and unsubscribe. You can declare the revocation via email to info@gogimedia.de or by contacting us through the details provided in the legal notice.

(5) Please note that we analyze your user behavior when sending the newsletter. For this analysis, the emails contain so-called web beacons or tracking pixels—one-pixel image files stored on our website. For the analysis, we link the data mentioned in section 3 and the web beacons with your email address and a unique ID. The data is collected exclusively in a pseudonymized manner, meaning the IDs are not linked to your other personal data, and direct identification is excluded. You may object to this tracking at any time by clicking the separate link provided in every email or by contacting us via another communication method. The information is stored as long as you are subscribed to the newsletter. After unsubscribing, the data is stored only in an anonymized and statistical format.

Children
Our offer is generally aimed at adults. Persons under the age of 18 should not transmit personal data to us without the consent of their parents or legal guardians.

Rights of the Data Subject
(1) Right to Withdraw Consent
If the processing of your personal data is based on your consent, you have the right to withdraw this consent at any time. The lawfulness of processing based on consent before its withdrawal remains unaffected.
You may contact us at any time to exercise your right of withdrawal.

(2) Right to Confirmation
You have the right to request confirmation from the controller as to whether we are processing your personal data. You can request confirmation at any time using the contact details provided above.

(3) Right of Access
If your personal data is being processed, you can request access to that data and the following information at any time:

the purposes of processing;
the categories of personal data concerned;
the recipients or categories of recipients to whom the personal data has been or will be disclosed, especially if these are in third countries or international organizations;
if possible, the intended period for which the data will be stored or, if not possible, the criteria used to determine that period;
the existence of a right to rectification or erasure of the personal data or restriction of processing or a right to object;
the right to lodge a complaint with a supervisory authority;
if the data was not collected directly from the data subject, any available information about the source;
the existence of automated decision-making, including profiling, under Art. 22(1) and (4) GDPR and meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing.

If personal data is transferred to a third country or an international organization, you have the right to be informed about appropriate safeguards under Art. 46 GDPR. We provide a copy of the personal data undergoing processing. For any additional copies requested, we may charge a reasonable fee based on administrative costs. If you make the request electronically, the information will be provided in a commonly used electronic format, unless you request otherwise. The right to obtain a copy must not adversely affect the rights and freedoms of others.

(4) Right to Rectification
You have the right to request that we correct any inaccurate personal data concerning you without delay. Taking into account the purposes of processing, you have the right to have incomplete personal data completed, including by means of a supplementary statement.

(5) Right to Erasure (“Right to be Forgotten”)
You have the right to request the erasure of your personal data without delay where one of the following grounds applies:

The data is no longer necessary for the purposes for which it was collected or otherwise processed.
You withdraw your consent and there is no other legal basis for processing.
You object to the processing under Art. 21(1) or (2) GDPR, and there are no overriding legitimate grounds.
The data has been unlawfully processed.
The data must be erased for compliance with a legal obligation.
The data was collected in relation to services offered to a child per Art. 8(1) GDPR.

If the controller has made the data public and is obliged to erase it, they shall take reasonable steps to inform other controllers processing the data that the data subject has requested the deletion of all links to or copies of the data.

This right does not apply to the extent processing is necessary:

to exercise freedom of expression and information;
for compliance with a legal obligation or a task carried out in the public interest;
for public health purposes under Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
for archiving, research, or statistical purposes in the public interest, where the right to erasure would seriously impair the objectives;
for the establishment, exercise, or defense of legal claims.

(6) Right to Restriction of Processing
You have the right to request the restriction of processing if:

the accuracy of the data is contested by you, for a period enabling verification;
the processing is unlawful and you oppose erasure and request restriction instead;
the controller no longer needs the data, but you require it for legal claims;
you have objected to processing under Art. 21(1) GDPR and verification of legitimate grounds is pending.

If processing has been restricted, such data shall only be processed with your consent or for legal claims, protection of others, or reasons of public interest.

(7) Right to Data Portability
You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format and to transmit it to another controller, provided that:

the processing is based on consent or a contract, and
the processing is carried out by automated means.

You may request the direct transfer of data to another controller, where technically feasible. This right does not affect the right to erasure and does not apply to tasks in the public interest.

(8) Right to Object
You have the right to object at any time to processing based on Art. 6(1)(e) or (f) GDPR, including profiling.
We will stop processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is for legal claims.
You may object to processing for direct marketing purposes at any time, including profiling related to direct marketing.
You may exercise your right to object via automated means using technical specifications.
You also have the right to object to processing for research or statistical purposes unless it is necessary for a task in the public interest.

(9) Automated Decision-Making Including Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects you, unless:

it is necessary for a contract,
authorized by law with safeguards, or
based on your explicit consent.

We take reasonable measures to safeguard your rights and freedoms, including the right to human intervention, to express your point of view, and to contest the decision.

(10) Right to Lodge a Complaint with a Supervisory Authority
You have the right to lodge a complaint with a supervisory authority, particularly in your place of residence, workplace, or the place of the alleged infringement, if you believe that the processing of your data violates the GDPR.

(11) Right to an Effective Judicial Remedy
You also have the right to an effective judicial remedy if you believe your rights under the GDPR have been infringed due to non-compliant data processing.

Use of Google Analytics
(1) This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, text files stored on your device that help analyze your use of the site. The data generated by cookies is usually transmitted to a Google server in the USA and stored there. By default, we use IP anonymization, which means Google shortens your IP address within the EU or EEA. Only with your explicit consent for marketing cookies will the full IP be transferred and used.

(2) The IP address transmitted by your browser will not be merged with other Google data.

(3) You can prevent cookie storage by adjusting your browser settings. However, this may limit the website’s functionality. You can also prevent data collection via cookies and processing by Google by downloading and installing the browser plugin: http://tools.google.com/dlpage/gaoptout?hl=de.

(4) This website uses Google Analytics with the “_anonymizeIp()” extension, which ensures IPs are processed in shortened form and excludes personal identification.

(5) We use Google Analytics to analyze and improve our website. In exceptional cases where data is transferred to the USA, Google is certified under the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework. Legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR.

(6) Third-party info: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Terms: http://www.google.com/analytics/terms/de.html, Privacy: http://www.google.com/intl/de/analytics/learn/privacy.html and https://www.google.de/intl/de/policies/privacy.

(7) This website also uses Google Analytics for cross-device visitor analysis via a user ID. You can disable this in your account under “My Data,” “Personal Information.”

Processors
We use external service providers (processors) for tasks such as shipping goods, newsletters, or payment handling. A data processing agreement is in place with each provider to ensure data protection.

We work with the following providers:

Copecart
Address: Copecart GmbH, Ufnaustraße 10, 10553 Berlin, Germany
We link to Copecart as our distribution partner. Their privacy policy: https://www.copecart.com/datenschutz/

Google
Address: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
We use Google for email and cloud storage. Google is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Privacy policy: https://policies.google.com/privacy

Facebook
Address: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
We use Facebook plugins for content sharing. Facebook is certified under the EU-U.S. Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Privacy policy: https://de-de.facebook.com/policy.php

ActiveCampaign
Address: 1 North Dearborn St, 5th Floor, Chicago, IL 60602
Used for direct marketing with double-opt-in and one-click opt-out. Privacy policy: https://www.activecampaign.com/legal/terms-of-service

All-Inkl.com
Address: Hauptstraße 68, D-02742 Friedersdorf, Germany
Used for hosting and email services. Privacy info: https://all-inkl.com/datenschutzinformationen/