General
cworc is committed to transparent and secure data processing. As a company based in the European Union, we are committed to processing all personal data in accordance with EU data protection standards and laws. In the following data protection declaration we inform you which personal data we process for which purposes, what rights you have and who you can contact if you have any questions or concerns regarding the processing of your personal data. We only process personal data if we have your consent or are entitled to do so for other legitimate reasons, in particular if (a) the processing is necessary for the provision of the service and enables us to enter into a contract with you in connection with the provision of the service complete the service, (b) the processing is necessary for compliance with a legal obligation to which we are subject; (c) the processing is necessary to protect legitimate interests, to be implemented by us as the controller or by a third party, unless the interests or fundamental rights and freedoms of you as the data subject that require the protection of personal data prevail , especially when the data subject is a minor. We do not process any special categories of personal data, i. H. we do not process personal data revealing racial or ethnic origin, political opinions, religious or other private views, genetic or biometric data to uniquely identify a natural person, data about health or data about sex life or sexual orientation a natural person. If you are not at least 16 years old, please consult your parents or another adult with legal guardianship before using cworc or any of the related services. Definitions and Interpretations Where a capitalized definition of a term used in this Privacy Policy is not defined below, please refer to our Terms of Use or Terms and Conditions for the interpretation of the term. Provider or cworc refers to the company cworc GmbH based in Prinzessinnenstr. 8-14 in 10969 Berlin Kreuzberg. cworc defines itself as an AISP (Account Information Service Provider). Offer means any unspecified marketing activity that can be displayed to the user. App means a special program (application) used by the User, including the cworc App and third-party applications. App Store means an app store platform that allows users to browse and download apps including the cworc app, e.g. B. Apple Store, Google Play Store and more. Bank details is an automated algorithm of the provider used by the user and with the user's permission by the provider to access information from different bank accounts of the user in order to read data from that bank account and put them in one app and only for the user to display. The user can, for example, authorize the provider in the cworc app by enabling other people to see the contents of the bank account via the sharing function and add content such as comments. The cworc app only displays information from bank accounts. The cworc app is not designed and therefore not able to change, modify or send information in the user's bank account. Cookies are small amounts of data, often including an anonymous unique identifier, that are sent to your browser from a website's computers and stored on your computer's hard drive. Third party or third party means an organization with which the provider cooperates and which may provide certain parts of the service or operate an application used by the user. Sharing means granting certain users access to online content in the cworc app or on websites or applications associated with the provider. This is done via the "Release / invite users" function, where the user can invite and select other users of their choice in order to grant them access and roles in order to display, manage or administrate content in the cworc app. User or User means a person who reads or uses the Applications, Services, websites or content created or made available by the Provider. Personal data or personal information is generally any information about an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, a telephone number, location data, an online identifier or to one or more special features that are an expression of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Premium Features are additional services that provide additional value to certain users and are accessible during the trial period or via an in-app purchase. This set of features is not final as the provider may add or remove premium features at any time. Content means something intended to be expressed in the cworc App, Website or other media in the form of speech, writing, film, clip, video or any other form. The content can be created by the provider or a third party, as well as by the user himself. Law means the laws of the Federal Republic of Germany or directly applicable regulations of the European Union. Service means a set of features that allow Users to track and analyze their financial status, or on a case-by-case basis, another service offered by cworc. The services can be different for users of different platforms – Android, iOS and web and can also be divided into free features and premium features. The provider has the right to expand or limit the scope of the services at any time. You can find more information in our general terms and conditions. cworc app or Application means a program or application created by Provider to record User's income and expenses and other financial or non-financial records or content of User's choice. The cworc app is designed for devices running on iOS systems and is available as a mobile app. The purpose of the cworc app is to track the expenses and income of the user and their group. Through the cworc app, you can give the provider permission to request information about your payment account from a third party that manages your payment account. Web beacons are images (single-pixel gifs) embedded in a web page or email to measure and analyze website usage and activity. Website means a coherent group of pages that can be accessed at www.cworc.com on the World Wide Web and can be viewed as a unit with certain content maintained by the provider. What information do we process about you and how is it collected? We process personal data that you provide to us when you create an account, submit your mobile phone number or fill out forms during the registration process. In order to register with cworc, you must create your username by providing us with your mobile phone number, which enables us to identify you as a registered user of cworc. You also have to create a password that protects your data within the app. After signing up you can update your personal information and add your name, surname, date of birth and gender. This information helps us provide our services to you, including customer support and system alerts. Providing first name, last name, date of birth and gender is voluntary and you can use an alias as first and last name. If you would like to purchase a premium function of our app, third parties (e.g. payment service providers) collect information that is required to process the payment for our services. We do not process any information about your credit or debit card as the payment is processed via the relevant app store or service provider. We identify you in our system via your respective App Store ID, which is a digital code. We do not receive any information about your identity that you have communicated to the respective app store. If you use the cworc app and give us permission to do so, we can - See Contacts: helps us find accounts on the device and read your contacts to provide you with a better service with balance and sharing features - Read and modify photos/media/files: so you can read content such as images of receipts or receipts for your expenses – Read, change or delete content in your storage: You allow us to store your content on your device – Use camera: allows us to photograph your receipts and add your own audiovisual content – Show Wi-Fi connection: with this we can switch from offline to online mode to sync your content The above permissions are optional and you can change your settings at any time on your mobile device. When you use the cworc app to manage and track your finances, your transaction data is stored on our servers, including income, expenses, categories, amounts, currencies, denominations, account types, date, time and other details provided by the user. What we use your personal data for Your data can be used to provide services that you request in connection with the use of cworc or other services offered by cworc. We will send you notices or contact you with relevant information about our services or offerings. We use your data for system tests, maintenance and development or to process your request or complaint via our customer service channel. If you use an app provided by cworc, we may from time to time send you a push notification or an in-app message directly to your cworc app or an email with information. You can opt out of such communications in your cworc app settings or in your phone settings, or unsubscribe from this service by following the instructions at the bottom of each of these email communications. If you subscribe to our newsletter service, you authorize us to also send you commercial communications via email or push notification or in-app message directly in your application until you disable these communications in the cworc app or unsubscribe from it Unsubscribe from the email service by following the instructions at the bottom of each such email communication. We do not share this collected data with third parties unless it is anonymized or pseudonymised (e.g. by using your Apple ID code or Google ID code, which does not allow third parties to identify you) , or you ask us personally and explicitly to pass on the data and give us your express consent to such a transfer. Bank details, user-specific information This section applies whenever you, as a user, request that cworc provide you with an account information service (AIS) within the meaning of the relevant payment regulations, in particular, but not exclusively, the HBCI and/or Ebics and/or PSD2 and any law or regulation that applies, respectively apply in the area of responsibility of the provider and which come into force when using HBCI and/or Ebics and/or PSD2, regardless of which app you used to request the application to provide you with the AIS. Please note that other provisions of this Privacy Policy also apply, but only to the extent technically reasonable and possible. If you use cworc to activate the Account Information Services, you agree to be bound by our Terms of Service and any applicable license and/or terms of service of any third party as specified by them. All of your personal data that you provide in connection with your participation in the bank details function or that you access during your participation in the bank details function will only be processed in order to provide you or a third party authorized by you (e.g. an accountant or tax advisor) with the account information service to provide. Your account information and any other personal data accessed through the bank details feature is transmitted encrypted over secured protocols and temporarily stored on our servers. This information is temporarily stored in such a way that it cannot be read or processed by unauthorized third parties. The AIS is provided by the provider based on your consent. Your consent expires automatically after an average of 90 days. You will then be asked to give your consent again. You can withdraw this consent at any time through the following measures: – You can revoke the provision of cworc’s AIS at any time by blocking your bank account (either in the respective app you are using or in the settings of your respective bank account). – You can inform cworc via the e-mail address given below that you are revoking the AIS consent. – You can delete all user data in your profile settings in the respective app you use or delete your profile by sending your request to cworc to the email address given below or to the email address of your respective third-party provider send. Please note that the revocation or lapse of your AIS consent will not affect the actions of cworc in the period prior to the revocation or lapse. Data Retention Periods We keep your personal data for as long as you actively use your account in cworc. We have the authority to deactivate any account and to automatically delete any data you have entered into our system and not shared if you have not logged in to cworc for more than 24 months. We will delete all data not shared with third parties that you have made available to us while using cworc if you ask us to do so and provided that the deletion does not affect the rights of third parties. For technical reasons, your account will be deleted from our servers no later than 1 month after your deletion request. In the event of termination by the provider or the discontinuation of the service, your data will be permanently deleted. Consent If you have given us your consent to process your personal data, you can withdraw it at any time, without affecting the lawfulness of processing based on consent before its withdrawal, by withdrawing your consent in your phone settings or the application under Settings - section Personal Information & Privacy or by unsubscribing from email service by following the instructions at the bottom of each such email communication. Cookies What are cookies used for? Cookies help to identify users of the application and returning website visitors, they store the user's customized preferences, help the user to complete tasks without having to re-enter information when moving from one page to another or when he visited the site later. Cookies can also be used to track users' web browsing preferences in order to provide targeted online advertising and to serve ads relevant to something the user has searched for in the past. What type of cookies do we use? In order to offer you a better service, we use cookies when you visit our website www.cworc.com or use our cworc app. We use different types of cookies. We use the term "cookies" to refer to information that is sent to your browser and stored on your computer or device to store and track information about your preferences in order to deliver advertisements that are relevant to you. System cookies allow us to provide you with services that you have specifically requested and are essential in order to enable you to move around the website and the application and use its functions, such as B. Cookies used to identify the logged-in user. Without these cookies, some services you have requested cannot be provided. We also use cookies and third-party cookies to help us track your browsing history in order to provide you with relevant advertising. We only use these cookies if you give us your express consent. You can deactivate or refuse some or all cookies or delete the cookies that have already been set in the web browser you are using. The cookies we use can be divided into the following categories: session cookies, which are deleted when the browser is closed; they only exist in the temporary memory of your device while you navigate the website. Persistent cookies, which remain on the user's computer/device for a specified period of time; they stay on even when you've closed your browser and save your login and password so you don't have to re-enter them every time you visit the site. Third-party cookies are installed by third parties with the aim of collecting certain information in order to conduct various research on behavior, demographics, etc. Persistent and third-party cookies are automatically deleted if you are inactive and do not visit our website or use our application for more than 6 months. You can also delete these cookies if you change your settings. Web beacons are images (single-pixel gifs) embedded in a web page or email to measure and analyze website usage and activity. Web beacons or similar technologies help us to better manage the content of our Services by letting us know what content is effective, counting usage of the Services, analyzing how users navigate through the Services, counting how much we have sent emails were actually opened or how many specific articles or links were actually viewed. The provider does not link the information collected by web beacons to the personal data of cworc users. You can find more information about cookies at www.allaboutcookies.org, where you can also find other useful information about cookies and how to block cookies in different browsers. However, please note that blocking or deleting cookies used on the website or application may severely impact the availability and functionality of the website and the ability to provide services to you through our application. Security We follow strict security procedures when storing and sharing your personal information. In order to meet the highest technical standards, we host your data exclusively on servers on EU territory, taking into account the applicable technical and legal standards. We require all third party service providers to have appropriate technical standards in place to protect your personal information to the extent that we disclose your personal information to third party service providers who act as data processors for cworc as the personal data controller. Where do we store your data? We may process your personal data on third-party servers with whom we have entered into a data processing agreement in accordance with the standards of EU law to ensure the privacy and security of your data. We do not process personal data of EU users outside the EU, i.e. we do not transmit personal data for the purpose of processing them outside the EU. You can get information about which data processors we use and where we store personal data from our customer support at support@cworc.app. Physical Security The provider uses AWS servers operating on the territory of the EU. These data processors that we use to store your personal data have implemented the following data security measures: Biometric scanning for controlled data center access, Security camera surveillance at all data center locations, 24×7 on-site staff for added protection against unauthorized entry, Untagged facilities to remain unobtrusive, Physical security audited by an independent firm . Privacy We use different database systems. E.g. for storing user profiles, the next for their reference, which in turn accesses the database for individual user data. These databases are accessed via the secure SSL protocol. Communication All private data exchanged with the provider is always transmitted via SSL. We do not transfer your data outside of the EU. Contact You can contact the provider at the email address support@cworc.app or via the contact form on the website http://www.cworc.com. If you need information about the protection of personal data or want to assert your rights, please contact our data protection officer at dsgvo@cworc.com. Our data protection officer will respond to your inquiries within 24 hours during normal business hours. Right to access your data You have the right to request confirmation from us as to whether or not we are processing your personal data and, if so, to access the personal data and the following information: (a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; (d) where possible, the envisaged period for which the personal data will be stored or, if that is not possible, the criteria used to determine that period; (e) the existence of the right to request us to rectify or erase personal data concerning you, or to restrict the processing of it, or to object to such processing; f) the right to lodge a complaint with a supervisory authority; g) if the personal data were not collected from you, all available information about their origin; h) the existence of automated decision-making, including profiling, and - at least in these cases - meaningful information about the underlying logic and the significance and likely consequences of such processing for you. If your data has been transferred to a third country or to an international organization outside the European Union, you have the right to be informed of the appropriate safeguards related to the transfer. Upon request, we will provide you with a copy of your personal data that we process. For additional copies requested by you, we may charge a reasonable fee based on normal administrative costs. If you have submitted the application electronically, cworc will provide you with the information in a common electronic form, unless you request otherwise. The right to obtain a copy must not infringe on the rights and freedoms of others. Right to Rectification You have the right to demand that we correct any incorrect personal data concerning you without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by providing a supplementary statement. Right to Erasure You have the right to request that we erase your personal data immediately if (a) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) we process your personal data on the basis of your consent and you withdraw your consent and where there is no other legal basis for the processing; (c) you object to the automated individual decision-making and there are no overriding legitimate grounds for the processing, (d) the personal data have been unlawfully processed; (e) the personal data must be erased to comply with a legal obligation in the European Union or under the law to which the provider is subject; (f) the personal data were collected in relation to the offer of information society services addressed to a minor under 16 years of age. This does not apply if the processing is necessary: (a) to fulfill a legal obligation that requires processing under European Union law or the law to which the provider is subject, or to perform a task that is in the public interest or in the exercise of official authority vested in the controller; or (b) to establish, exercise or defend legal claims. Data Erasure Policy You have the right to request that data to which you hold sole rights be deleted from our primary production servers. You own this data. If you want this data removed from our system, you can request us to delete your account from our production servers. As a result, your data will be permanently and irrevocably removed from our production servers and further access to your account will no longer be possible. Also, any connection we have made to your account details will be permanently broken from this point forward. However, to ensure that we can continue to serve you in the event of a disruption or damage to our production servers, we keep backup copies of portions of your data derived from your account information on our production servers. Your aggregated data will be stored on these servers indefinitely. We reserve the right to use aggregated or anonymous data derived from or containing your personal data or affecting the rights of third parties. You are responsible for the accuracy of the information you provide to us, such as B. Your contact information that you provide during account registration. If your Personal Information changes, or if you no longer wish to use our Services, you may correct or delete inaccuracies or change information by making the change at any time through the Application. However, in some rare cases we cannot delete all of the information we hold about you. Right to restriction of processing You have the right to request that we restrict processing where one of the following applies: (a) the accuracy of the personal data is contested by you for a period of time enabling us to verify the accuracy of the personal data check; (b) the processing is unlawful and you oppose erasure of the personal data and instead request that its use be restricted; (c) we no longer need the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims. If processing has been restricted, this personal data, with the exception of storage, may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest in the European Union or a Member State are processed. You have the right to be informed by us before the restriction on processing is lifted. Right to portability of your data You have the right to receive the personal data concerning you that you have provided to us when registering in our system or when using our application in a structured, commonly used and machine-readable format, and you have the right to this data to be freely transmitted to another service provider where: (a) the processing is based on your consent or on a contract; and (b) the processing is carried out using automated procedures. We provide you with this data in the formats .csv, .xls or .pdf by e-mail, which we also use when using our system. You can request that we transmit the data directly to the other service provider, provided this is technically possible. Exercising the right to data portability does not mean that you have to stop using our services or that you have to withdraw your consent to our further processing of your personal data. This will not affect the services we provided to you prior to this request. We may refuse your request for data portability if it affects the rights and freedoms of others. Complaints If you discover or believe that your personal data is being processed in violation of your privacy or the law, in particular if personal data is inaccurate with regard to the purpose of the processing, you can request an explanation at support@cworc.app and request that the state is changed. In particular, this may involve blocking, correcting, supplementing or deleting personal data. We will grant the request if we determine that the objection is justified. If you have suffered damage other than financial damage as a result of the processing of personal data, you have the right to appeal under German law. According to the law, in the event of a request for blocking, correction, supplementation or deletion of personal data, we will inform other recipients if this is possible and does not require a disproportionate effort. If you have concerns about the processing of your data and you have not received satisfactory information from us, you can lodge a complaint with the relevant data protection authority. Other The relationship between cworc and you with regard to your data protection is governed by the laws of the Federal Republic of Germany and the directly applicable regulations of the European Union. We may need to change the information contained in this Privacy Policy from time to time. We encourage you to periodically review our privacy policy for the latest version. We will notify you of material changes in the way we treat personal information by email or by a notice on our website.
If you are not at least 16 years old, please contact your parents or another adult who has parental authority before using cworc or any of its associated services.
Definitions and interpretations
If a definition of a capitalized term used in this Privacy Policy is not defined below, you can find the interpretation of the term in our Terms of Use or in the General Terms and Conditions.
Provider or cworc refers to the company cworc GmbH, located at Prinzessinnenstr. 8-14 in 10969 Berlin Kreuzberg. cworc defines itself as an AISP (Account Information Service Provider).
Offer means any unspecified marketing activity that can be displayed to the user.
App means a specific program (application) used by the user, including the cworc app and third-party applications.
App Store refers to an app store platform that allows users to search and download apps including the cworc app, e.g. Apple Store, Google Play Store and others.
Bank details is an automated algorithm of the provider, which is used by the user and with the permission of the user by the provider to access information from different bank accounts of the user, to read data from this bank account and to display it in an app and only for the user. The user can authorize the provider, for example, in the cworc app by enabling it, to allow other people to see the content of the bank account via the sharing function and to add content such as comments. The cworc app only displays information from bank accounts. The cworc app is not designed and therefore not able to change, modify or send information in the user's bank account.
Cookies are small amounts of data, often containing an anonymous unique identifier, that are sent from a website's computers to your browser and stored on your computer's hard drive.
Third or Third Party means an organization with which the Provider cooperates and which may provide certain parts of the Service or operate an Application used by the User.
Release means granting certain users access to online content in the cworc App or on websites or apps connected to the provider. This is done via the "Share / Invite User" function, where the user can invite and select additional users of their choice to grant them access and roles to view, manage or administer content in the cworc App.
User or user means a person who reads or uses the Applications, Services, Websites or Content created or provided by the Provider.
Personal data or personal information generally means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, a telephone number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Premium features are additional services that provide additional benefits to certain users and are accessible during the trial period or via an in-app purchase. This set of features is not final, as the provider can add or remove premium features at any time.
Content means something that is to be expressed in the cworc app, on the website or in other media in the form of speech, writing, film, clip, video or any other form. The content can be created by the provider or a third party, as well as by the user himself.
Law means the laws of the Federal Republic of Germany or directly applicable regulations of the European Union.
Service means a set of functions that allow users to track and analyze their financial status or, on a case-by-case basis, another service offered by cworc. The Services may be different for Users of different platforms - Android, iOS and Web - and may also be divided into Free Features and Premium Features. The Provider has the right to expand or limit the scope of the Services at any time. You can find more information in our Terms and Conditions.
cworc app or application means a program or application created by the Provider to record the Users' income and expenses and other financial or non-financial records or content of the User's choice. The cworc App is designed for devices running on iOS systems and is available as a mobile app. The purpose of the cworc app is to track the expenses and income of the user and their group. Through the cworc App, you can give the Provider permission to request information about your Payment Account from a third party that maintains your Payment Account.
Web Beacons are images (single-pixel gifs) embedded in a web page or email to measure and analyze website usage and activity.
Website refers to a coherent group of pages that can be accessed at www.cworc.com on the World Wide Web and can be considered as a single entity with certain content maintained by the provider.
What information do we process about you and how is it collected?
We process personal data that you provide to us when you create an account, submit your mobile phone number, or fill out forms during the registration process. To register with cworc, you must create your username by providing us with your mobile phone number, which allows us to identify you as a registered user of cworc. You will also need to create a password that will protect your data within the app. After registration, you can update your personal information and add your name, last name, date of birth and gender. This information helps us provide you with our services, including customer support and system alerts. Entering your first name, last name, date of birth and gender is optional and you can use an alias as your first and last name.
If you wish to purchase a premium feature of our app, third parties (e.g., payment service providers) collect information necessary to process payment for our services. We do not process any information about your credit or debit card, as the payment is processed by the respective App Store or service provider. We identify you in our system via your respective App Store ID, which is a digital code. We do not receive any information about your identity that you have provided to the respective App Store.
If you use the cworc app and give us permission to do so, we can
- See contacts: helps us find accounts on the device and read your contacts to better serve you with balance and sharing features
- Read and modify photos/media/files: so you can read content like images of receipts or receipts for your expenses
- Read, modify or delete content in your memory: you allow us to store your content on your device
- Use camera: allows us to photograph your receipts and add your own audiovisual content
- Show Wi-Fi connection: with it we can switch from offline to online mode to synchronize your content
The above permissions are optional and you can change your settings at any time on your mobile device.
When you use the cworc app to manage and track your finances, your transaction data is stored on our servers, including income, expenses, categories, amounts, currencies, denominations, account types, date, time, and other details provided by the user.
What we use your personal data for
Your information may be used to provide services that you request in connection with your use of cworc or other services offered by cworc. We may send you communications or contact you with relevant information about our services or offers. We use your information for system testing, maintenance and development, or to process your request or complaint through our customer service channel.
If you use an App provided by cworc, we may from time to time send you a push notification or in-app message directly to your cworc App or an email with information. You can disable such notifications in the settings of your cworc App or in the settings of your phone, or opt out of this service by following the instructions at the bottom of each such email notification.
If you subscribe to our newsletter service, you authorize us to also send you commercial communications via email or push notification or in-app message directly to your app until you opt-out of these communications in the cworc app or unsubscribe from this email service by following the instructions at the bottom of each such email communication.
We do not share this collected data with third parties unless it is anonymized or pseudonymized (e.g., by using your Apple ID code or Google ID code, which does not allow third parties to identify you), or you personally and explicitly ask us to share the data and give us explicit consent to do so.
Bank details, user-specific information
This section applies whenever you, as a user, request that cworc provide you with an account information service (AIS) as defined by the applicable payment regulations, including but not limited to HBCI and/or Ebics and/or PSD2 and any laws or regulations that may apply in each case within the provider's jurisdiction and that are in effect when you use HBCI and/or Ebics and/or PSD2 in each case, regardless of the app through which you have requested the application to provide you with the AIS. Please note that other provisions of this Privacy Policy also apply, but only to the extent technically reasonable and possible.
If you use cworc to have the account information services activated, you agree to be bound by our Terms of Service and by the applicable license and/or service terms of any third party in accordance with their terms. All of your personal information that you provide in connection with your participation in the Bank Connect feature or that you access during your participation in the Bank Connect feature will only be processed to provide you or third parties authorized by you (e.g., an accountant or tax advisor) with the Account Information Service. Your account information and any other personal information accessed through the bank connection feature is transmitted in encrypted form via secure protocols and temporarily stored on our servers. This information is temporarily cached in such a way that it cannot be read or processed by unauthorized third parties.
The AIS is provided by the provider based on your consent. Your consent expires automatically after an average of 90 days. After that, you will be asked to give your consent again.
You may revoke this consent at any time by doing the following:
- You can revoke the provision of AIS by cworc at any time by blocking your bank account (either in the respective app you are using or in the settings of your respective bank account).
- You may notify cworc via the email address provided below that you are revoking AIS consent.
- You may delete all User Data in your profile settings in the applicable App you are using or delete your profile by sending your request to cworc at the email address provided below or to the email address of your applicable Third Party Provider. Please note that the revocation or expiration of your AIS consent will not affect cworc's actions for the period prior to such revocation or expiration.
Data retention periods
We keep your personal data as long as you actively use your account in cworc. We have the authority to deactivate any account and automatically delete any unshared data you have entered into our system if you have not logged into cworc for more than 24 months. We will delete all non-shared data that you have provided to us while using cworc if you request us to do so and provided that the deletion does not affect any third party rights. For technical reasons, your account will be deleted from our servers within 1 month after your deletion request at the latest. In case of termination by the provider or discontinuation of the service, your data will be permanently deleted.
Consent
If you have given us your consent to process your personal data, you may withdraw your consent at any time, without affecting the lawfulness of the processing based on the consent prior to the withdrawal, by revoking your consent in the settings of your phone or application under Settings - Personal Data & Privacy section or by unsubscribing from the email service by following the instructions at the bottom of each of these email communications.
Cookies
What are cookies used for? Cookies help identify users of the application and returning website visitors, they store the user's custom preferences, help the user complete tasks without having to re-enter information when moving from one page to another or when visiting the website later. Cookies can also be used to track users' preferences when they browse the Internet, to serve targeted online advertisements, and to play ads that are relevant to something the user has searched for in the past.
What kind of cookies do we use?
To provide you with a better service, we use cookies when you visit our website www.cworc.com or use our cworc app. We use different types of cookies. We use the term "cookies" to mean information that is sent to your browser and stored on your computer or device to store and track information about your preferences in order to deliver relevant advertising to you. System cookies enable us to provide you with services that you have specifically requested and are essential for you to navigate the Site and Application and use their features, such as cookies used to identify the logged-in user. Without these cookies, some services you have requested cannot be provided. We also use cookies and third-party cookies that help us track your browsing history to provide you with relevant advertising. We only use these cookies if you give us your explicit consent. You can disable or refuse some or all cookies, or delete the cookies already set in the web browser you are using. The cookies we use can be divided into the following categories:
Session cookieswhich are deleted when you close the browser; they exist only in the temporary memory of your device while you navigate the website.
Persistent cookieswhich remain on the user's computer/device for a certain period of time; they remain in operation even if you have closed the browser and store your login details and password so that you do not have to re-enter them every time you visit the website.
Third party cookies are installed by third parties with the aim of collecting certain information in order to conduct various research on behavior, demographics, etc.
Persistent and third-party cookies are automatically deleted if you are inactive and do not visit our website or use our application for more than 6 months. You can also delete these cookies when you change your settings.
Web beacons are images (single-pixel gifs) that are embedded in a web page or email to measure and analyze website usage and activity. Web beacons or similar technologies help us better manage the content of our Services by informing us which content is effective, counting the usage of the Services, analyzing how users navigate through the Services, counting how many emails we send have actually been opened or how many specific articles or links have actually been viewed. The provider does not link the information collected by web beacons with the personal data of cworc's users.
You can find more information about cookies at www.allaboutcookies.org, where you can also find more useful information about cookies and blocking cookies in different browsers. Please note, however, that blocking or deleting cookies used on the Website or in the Application may severely affect the availability and functionality of the Website and the provision of services to you through our Application.
Security
We follow strict security procedures when storing and sharing your personal data. To meet the highest technical standards, we host your data exclusively on servers located on the territory of the EU, in compliance with the applicable technical and legal standards. We require all third party service providers to have appropriate technical standards to protect your personal information if we share your personal information with third party service providers who act as data processors for cworc as the controller of the personal information.
Where do we store your data?
We may process your personal data on third-party servers with which we have entered into a data processing agreement in accordance with the standards of EU laws to ensure the protection and security of your data. We do not process personal data of EU users outside the EU, i.e. we do not transfer personal data outside the EU for the purpose of processing it. For information about which data processors we use and where we store personal data, please contact our customer support at support@cworc.app.
Physical security
The Provider uses AWS servers that are operated on the territory of the EU. These data processors that we use to store your personal data have implemented the following data security measures:
Biometric scanning for controlled access to the data center, monitoring by security cameras at all data center locations, 24×7 on-site staff for added protection against unauthorized access, unmarked facilities to remain inconspicuous, verification of physical security by an independent firm.
Privacy
We use different database systems. E.g. for storing user profiles, the next one for their reference, which in turn accesses the database for individual user data. Access to these databases is done through the secure SSL protocol.
Communication
All private data exchanged with the provider is always transferred via SSL. We do not transfer your data outside the EU.
Contact
You can contact the provider at the e-mail address support@cworc.app or via the contact form on the website http://www.cworc.com. If you require information about the protection of personal data or wish to exercise your rights, please contact our data protection officer at dsgvo@cworc.app. Our data protection officer will respond to your inquiries within 24 hours during normal business hours.
Right of access to your data
You have the right to request confirmation from us as to whether or not we are processing your personal data and, if so, to obtain access to the personal data and the following information: (a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; (d) where possible, the envisaged period for which the personal data will be stored or, if this is not possible, the criteria for determining this period; (e) the existence of the right to obtain from us the rectification or erasure of personal data concerning you or the restriction of its processing, or to object to such processing; (f) the right to lodge a complaint with a supervisory authority; (g) if the personal data have not been collected from you, any available information about their origin; (h) the existence of automated decision-making, including profiling, and, at least in such cases, meaningful information about the underlying logic and the significance and likely consequences of such processing for you. If your data has been transferred to a third country or to an international organization outside the European Union, you have the right to be informed about the appropriate safeguards in connection with the transfer. Upon request, we will provide you with a copy of your personal data that we process. For additional copies requested by you, we may charge a reasonable fee based on standard administrative costs. If you have made the request electronically, cworc will provide you with the information in a commonly used electronic form unless you request otherwise. The right to receive a copy must not interfere with the rights and freedoms of others.
Right to rectification
You have the right to request that we correct any inaccurate personal data relating to you without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, also by submitting a supplementary declaration.
Right to deletion
You have the right to request that we delete your personal data without undue delay if (a) the personal data is no longer necessary for the purposes for which it was collected or otherwise processed; (b) we process your personal data on the basis of your consent and you revoke your consent, and if there is no other legal basis for the processing; (c) you object to automated decision-making on a case-by-case basis and there are no overriding legitimate grounds for the processing; (d) the personal data has been processed unlawfully; (e) the personal data must be erased for compliance with a legal obligation in the European Union or under the law to which the provider is subject; (f) the personal data has been collected in relation to the provision of information society services aimed at a minor under the age of 16. This shall not apply to the extent that processing is necessary: (a) for compliance with a legal obligation requiring processing under European Union law or the law to which the provider is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or (b) for the establishment, exercise or defense of legal claims.
Data Deletion Policy
You have the right to request that data to which you hold the exclusive rights be deleted from our primary production servers. You are the owner of this data. If you want this data removed from our system, you can ask us to delete your account from our production servers. This will result in your data being permanently and irrevocably removed from our production servers and no further access to your account will be possible. In addition, any connection we have made to your account data will be permanently broken from that point forward. However, to ensure that we can continue to serve you in the event of a disruption or damage to our production servers, we retain backup copies of portions of your data derived from your account information on our production servers. Your aggregated data will be stored on these servers indefinitely. We reserve the right to use aggregated or anonymous data that is derived from or includes your personal information or that affects the rights of third parties. You are responsible for the accuracy of the information you provide to us, such as your contact information provided as part of the account registration process. If your personal information changes or if you no longer wish to use our services, you may correct or delete inaccuracies or change information by making the change at any time through the Application. However, in some rare cases, we may not be able to delete all of the information we have stored about you.
Right to restriction of processing
You have the right to request that we restrict processing if one of the following cases applies: (a) the accuracy of the personal data is contested by you for a period of time which allows us to verify the accuracy of the personal data; (b) the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of its use; (c) we no longer need the personal data for the purposes of processing, but they are required by you for the assertion, exercise or defense of legal claims. If the processing has been restricted, this personal data, with the exception of storage, may only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State. You have the right to be informed by us before the restriction of processing is lifted.
Right to transfer your data
You have the right to receive the personal data concerning you that you provided to us when registering in our system or using our application in a structured, commonly used and machine-readable format, and you have the right to have this data freely transferred to another service provider if: (a) the processing is based on your consent or on a contract; and (b) the processing is carried out using automated procedures. We will provide this data to you by email in .csv, .xls or .pdf formats, which we also use when using our system. You may request that we transfer the data directly to the other service provider, if this is technically possible. Exercising the right to data portability does not mean that you must stop using our services or that you must withdraw your consent for us to continue processing your personal data. This will not affect the services we provided to you prior to this request. We may refuse your request for data portability if it would affect the rights and freedoms of others.
Complaints
If you notice or believe that your personal data is being processed in violation of your privacy or the law, in particular if personal data is inaccurate with regard to the purpose of the processing, you can request an explanation at support@cworc.app and demand that the situation be changed. In particular, this may involve the blocking, rectification, integration or deletion of personal data. We will grant the request if we determine that the objection is justified. If you have suffered damage other than pecuniary loss as a result of the processing of personal data, you are entitled to legal remedies under German law. By law, we will inform other recipients in the event of a request to block, correct, amend or delete personal data, provided this is possible and does not require a disproportionate effort. If you have concerns about the processing of your data and you have not received satisfactory information from us, you may lodge a complaint with the competent data protection authority.
Other
The relationship between cworc and you with respect to your privacy is governed by the laws of the Federal Republic of Germany and the directly applicable regulations of the European Union. We may need to change the information contained in this Privacy Policy from time to time. We encourage you to periodically review our Privacy Policy for the most current version. We will notify you of material changes in the way we treat personal information by email or by posting a notice on our website.