Imprint
Moonbase GmbH
Rosenthaler Street 72A
10119 Berlin
Commercial Register: HRB 200441 B
Register Court: District Court Charlottenburg
Represented by:
Luca Dierks and Elias Vides
Contact:
Email: hello@moonbase.social
VAT ID:
VAT Identification Number according to § 27 a German VAT Act:
DE321063352
Editorially Responsible:
Luca Dierks
Rosenthaler Str. 72A,
10119 Berlin, Germany
Consumer Dispute Resolution/Universal Arbitration Board:
We are not willing or obligated to participate in dispute resolution proceedings before a consumer arbitration board.
Central Contact Point under the Digital Services Act – DSA (Regulation (EU) 2022/265):
Our central contact point for users and authorities pursuant to Articles 11, 12 DSA can be reached as follows:
Email: hello@moonbase.social
I. General Information
1. Contact us
If you have any questions or suggestions regarding this information or would like to contact us to assert your rights, please send your request to
Moonbase GmbH
Rosenthaler Street 72A
10119 Berlin
E-Mail hello@moonbase.social
2. Legal basis
The data protection term “personal data” refers to all information relating to an identified or identifiable person. We process personal data in compliance with the relevant data protection regulations, in particular the GDPR and the BDSG. Data processing by us only takes place on the basis of legal permission. We only process personal data with your consent (Section 25 (1) TTDSG or Art. 6 (1) (a) GDPR), to fulfill a contract to which you are a party or at your request to carry out pre-contractual measures (Art. 6 (1) (b) GDPR), to fulfill a legal obligation (Art. 6 (1) (c) GDPR) or if processing is necessary for the purposes of our legitimate interests or the legitimate interests of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Art. 6 (1) (f) GDPR).
If you apply for an open position in our company, we will also process your personal data to decide on the establishment of an employment relationship (Section 26 (1) sentence 1 BDSG or Art. 6 (1) (b) GDPR).
3. Duration of storage
Unless otherwise stated in the following information, we only store the data for as long as is necessary to achieve the purpose of processing or to fulfill our contractual or legal obligations. Such statutory retention obligations may arise in particular from commercial or tax law regulations. From the end of the calendar year in which the data was collected, we will store such personal data contained in our accounting data for ten years and store personal data contained in commercial letters and contracts for six years. In addition, we will retain data in connection with consents requiring proof and with complaints and claims for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to processing for this purpose.
4. Categories of recipients of the data
We use processors in the context of processing your data. The processing operations carried out by such processors include, for example, hosting, e-mail dispatch, maintenance and support of IT systems, accounting and billing as well as marketing measures. A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. Processors do not use the data for their own purposes but carry out data processing exclusively for the controller and are contractually obliged to guarantee suitable technical and organizational measures for data protection. We may also transfer your personal data to bodies such as postal and delivery services, your bank, tax consultants/auditors or the tax authorities. Further recipients may result from the following information.
5. Data transfer to third countries
Our data processing may involve the transfer of certain personal data to third countries, i.e. countries in which the GDPR is not applicable law. Such a transfer is permitted if the European Commission has determined that an adequate level of data protection is required in such a third country. If there is no such adequacy decision by the European Commission, personal data will only be transferred to a third country if there are suitable guarantees in accordance with Art. 46 GDPR or if one of the requirements of Art. 49 GDPR is met.
Unless there is an adequacy decision and unless otherwise stated below, we use the EU Standard Contractual Clauses as appropriate safeguards for the transfer of personal data to third countries. You have the option of obtaining or viewing a copy of these EU Standard Contractual Clauses. Please contact us at the address given under Contact.
If you consent to the transfer of personal data to third countries, the transfer takes place on the legal basis of Art. 49 (1) (a) GDPR.
6. Processing in the exercise of your rights
If you exercise your rights in accordance with Art. 15 to 22 GDPR, we process the personal data transmitted for the purpose of implementing these rights by us and to be able to provide proof of this. We will only process data stored for the purpose of providing and preparing information for this purpose and for the purposes of data protection monitoring and will otherwise restrict processing in accordance with Art. 18 GDPR.
This processing is based on the legal basis of Art. 6 (1) (c) GDPR in conjunction with. Art. 15 to 22 GDPR and § 34 (2) BDSG.
7. Your rights
As a data subject, you have the right to assert your data subject rights against us. In particular, you have the following rights:
In accordance with Art. 15 GDPR and Section 34 BDSG, you have the right to request information as to whether or not we process personal data relating to you and, if so, to what extent.
You have the right to demand that we rectify your data in accordance with Art. 16 GDPR.
You have the right to demand that we erase your personal data in accordance with Art. 17 GDPR and Section 35 BDSG.
You have the right to restrict the processing of your personal data in accordance with Art. 18 GDPR.
In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller.
If you have given us separate consent to process your data, you can withdraw this consent at any time in accordance with Art. 7 (3) GDPR. Such a revocation does not affect the legality of the processing that was carried out on the basis of the consent until the revocation.
If you believe that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.
8. Right of objection
As a data subject, you have the right to assert your data subject rights against us. In particular, you have the following rights:
In accordance with Art. 15 GDPR and Section 34 BDSG, you have the right to request information as to whether or not we process personal data relating to you and, if so, to what extent.
You have the right to demand that we rectify your data in accordance with Art. 16 GDPR.
You have the right to demand that we erase your personal data in accordance with Art. 17 GDPR and Section 35 BDSG.
You have the right to restrict the processing of your personal data in accordance with Art. 18 GDPR.
In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller.
If you have given us separate consent to process your data, you can withdraw this consent at any time in accordance with Art. 7 (3) GDPR. Such a revocation does not affect the legality of the processing that was carried out on the basis of the consent until the revocation.
If you believe that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.
9. Data Protection Officer
You can reach our data protection officer using the following contact details:
E-mail: datenschutzbeauftragter@moonbase.social
Herting Oberbeck Datenschutz GmbH
Hallerstr. 76, 20146 Hamburg
II. Data processing on our website
When you use the website, we collect information that you provide yourself. In addition, certain information about your use of the website is automatically collected by us during your visit to the website. Under data protection law, the IP address is also considered personal data. An IP address is assigned to every device connected to the Internet by the Internet provider so that it can send and receive data.
1. Processing of server log files
When using our website for purely informational purposes, general information that your browser transmits to the web server is initially stored automatically (i.e. not via registration). By default, this includes browser type/version, operating system used, page accessed, the previously visited page (referrer URL), IP address, date and time of the server request and HTTP status code.
The processing is carried out to protect our legitimate interests and is based on the legal basis of Art. 6 (1) (f) GDPR. This processing serves the technical administration and security of the website. We are not in a position to identify you as a data subject on the basis of the information stored. Art. 15 to 22 GDPR therefore do not apply in accordance with Art. 11 (2) GDPR.
2. Contact options and inquiries
Our website contains contact forms that you can use to send us messages. The transfer of your data is encrypted (recognizable by the “https” in the address line of the browser). All data fields marked as mandatory are required to process your request. If you do not provide this data, we will not be able to process your request. The provision of further data is voluntary. Alternatively, you can also send us a message via the contact e-mail. We process the data for the purpose of answering your request.
We process the data provided based on our legitimate interest in contacting inquiring persons and carrying out pre-contractual measures. The legal basis for data processing is Art. 6 (1) (f) GDPR.
3. Applications
You have the opportunity to apply for a job via our website in the Jobs section. For this purpose, we collect personal data from you, including in particular your name, CV, letter of application and other content provided by you. For the selection of our applications, we use the service provider Workable, Workable Software Limited (United Kingdom), which works for us solely in accordance with the legal requirements for processing on behalf and is bound by our instructions.
Your personal application data will only be processed for purposes related to your interest in current or future employment with us and the processing of your application. Your application will only be processed and acknowledged by the relevant contact persons at our company.
All employees entrusted with data processing are obliged to maintain the confidentiality of your data. If we are unable to offer you employment, we will retain the data you have provided for up to six months after completion of the application process for the purpose of answering questions in connection with your application and rejection. This does not apply if statutory provisions prevent deletion, if further storage is necessary for the purpose of providing evidence or if you have expressly consented to longer storage.
The legal basis for data collection is Section 26 (1) sentence 1 BDSG in conjunction with Art. 6 (1) (b) GDPR.
If we retain your applicant data for a period of six months and you have expressly consented to this, we would like to point out that this consent can be freely withdrawn at any time in accordance with Art. 7 (3) GDPR. Such a withdrawal does not affect the legality of the processing that took place until the withdrawal on the basis of the consent.
4. Newsletter
On our website, we offer you the opportunity to subscribe to our newsletter. Once you have registered, we will inform you regularly about the latest news on our offers. A valid e-mail address is required to register for the newsletter. To verify your e-mail address, you will first receive a registration e-mail, which you must confirm via a link (double opt-in). If you subscribe to the newsletter on our website, we process personal data such as your e-mail address and your name based on the consent you have given. The processing is based on the legal basis of Art. 6 (1) (a) GDPR. You can withdraw your consent at any time with effect for the future, for example via the ” Unsubscribe” link in the newsletter or by contacting us via the channels mentioned above. The legality of the data processing operations that have already taken place remains unaffected by the withdrawal.
When registering for the newsletter, we also store the IP address and the date and time of registration. The processing of this data is necessary to be able to prove that consent has been given. The legal basis arises from our legal obligation to document your consent (Art. 6 (1) (c) in conjunction with Art. 7 (1) GDPR).
We also analyze the reading behavior and opening rates of our newsletter. For this purpose, we collect and process pseudonymized usage data that we do not merge with your e-mail address or your IP address. The legal basis for the analysis of our newsletter is Art. 6 (1) (f) GDPR and the processing serves our legitimate interest in optimizing our newsletter. You can object to this at any time by contacting one of the contact channels listed above.
5. Cookies
We use cookies and similar technologies (“cookies”) on our website. Cookies are small data records that are stored by your browser when you visit a website. This identifies the browser used and can be recognized by web servers. You have full control over the use of cookies through your browser. You can delete cookies at any time in the security settings of your browser. You can object to the use of cookies through your browser settings in principle or for certain cases.
The use of cookies is in part technically necessary for the operation of our website and is therefore permitted without the user’s consent. We may also use cookies to offer special functions and content and for analysis and marketing purposes. These may also include cookies from third-party providers (so-called third-party cookies). We only use such technically unnecessary cookies with your consent in accordance with Section 25 (1) TTDSG and, if applicable, Art. 6 (1) (a) GDPR. Information on the purposes, providers, technologies used, stored data and the storage duration of individual cookies can be found in the cookie settings of our consent management tool.
6. Consent Management Tool
This website uses the Consent Management Tool CookieHub of CookieHub ehf. to control cookies and the processing of personal data.
The consent banner enables users of our website to give their consent to certain data processing operations or to withdraw their consent. By confirming the “Allow all cookies” button or by saving individual cookie settings, you consent to the use of the associated cookies. The legal basis under data protection law is your consent within the meaning of Art. 6 (1) (a) GDPR.
The banner also helps us to provide evidence of the declaration of consent. For this purpose, we process information about the declaration of consent and other log data relating to this declaration. Cookies are also used to collect this data. The processing of this data is necessary to be able to prove that consent has been given. The legal basis arises from our legal obligation to document your consent (Art. 6 (1) (c) in conjunction with Art. 7 (1) GDPR).
You can withdraw your consent for cookies here: (…)
7. Analysis of our website
WordPress Stats
We use the statistics function of our web hosting provider WordPress to analyze the use of our website. The provider of this function is Aut O’Mattic A8C Ireland Ltd (Ireland, EU).
WordPress Stats provides us with various statistics about the use of our website, e.g. the number of website visitors and their origin. These statistics allow us to improve our website and tailor it to the needs of our visitors.
When using the service, WordPress collects, among other things, your IP address, visitor URL, referrer URL, as well as the timestamp of an event, your browser language and the country code. WordPress stores this information for 28 days. As the operator of the website, we do not have access to this personal data, but only receive aggregated usage statistics from WordPress.
Your data is processed on the basis of Art. 6 (1) (f) GDPR and is based on our legitimate interest in the optimization and economic operation of our website.
You can find more information about the WordPress stats here: https://wordpress.com/de/support/stats/. General information on data protection can be found here: https://automattic.com/de/privacy/.
8. Tracking & Retargeting
a) Google Analytics
We use the Google Analytics service of the provider Google Ireland Limited (Ireland, EU) on our website.
Google Analytics is a web analytics service that allows us to collect and analyze data about user behavior on our website. Google Analytics enables us to measure interaction data from different devices and from different sessions. This allows us to put individual user actions into context and analyze long-term relationships.
Google Analytics uses cookies for this purpose, which enable us to analyze the use of our website. In addition, personal data in the form of IP addresses, device identifiers and information about interaction with our website is processed. Some of this data is information that is stored on the device you are using. In addition, further information is stored on your device via the cookies used.
Google Ireland will process the data collected in this way on our behalf to evaluate the use of our website by users, to compile reports on the activities within our website and to provide us with further services associated with the use of our website and the use of the Internet. Pseudonymous user profiles can be created from the processed data.
The setting of cookies and the further processing of personal data described here takes place with your consent. The legal basis for data processing in connection with the Google Analytics service is therefore Article 6(1)(a) GDPR. You can withdraw this consent at any time via our Consent Management Tool with effect for the future.
We only use Google Analytics with activated IP anonymization. This means that the IP address of users is shortened by Google Ireland within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The IP address transmitted by the user’s browser is not merged with other data. The IP address is truncated on servers in the EU.
The data on user actions is stored for a period of 2 months and then automatically deleted. Data whose storage period has expired is automatically deleted once a month.
We also use the Google Analytics advertising functions (remarketing). This function enables us, in conjunction with Google’s cross-device functions, to display advertisements in a more targeted manner and to present website visitors with advertisements that are in line with their interests. Remarketing is used to show website visitors ads and products for which interest has been identified on other websites in the Google network. We can use the function to link advertising target groups created via Google Analytics Remarketing with the cross-device functions of Google Ads. In this way, interest-based, personalized advertising messages that have been adapted to a user depending on previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of the user’s devices (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you sign in with your Google account. The aggregation of the data collected in your Google Account is based solely on your consent, which you can give or withdraw from Google. For these linked services, data is then collected for advertising purposes via Google Analytics. To support the remarketing function, Google Analytics collects the Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data. This is used to define and create target groups for cross-device advertising.
Further information on how Google uses data from websites or apps for advertising purposes can be found in Google’s information at: www.google.com/policies/technologies/ads/.
b) Google Ads
We use the online advertising program Google Ads from Google Ireland Limited (Ireland, EU) on our website, through which we place advertisements on the Google search engine. If you reach our website via a Google ad, Google places a cookie on your end device (“conversion cookie”). A different conversion cookie is assigned to each Google Ads customer so that the cookies are not tracked across the websites of different Ads customers. The information collected with the help of the cookie is used to create conversion statistics. This tells us the total number of users who have clicked on one of our Google ads. However, we do not receive any information that can be used to personally identify users.
Your data is processed based on your consent in accordance with Art. 6 (1) (a) GDPR.
Cookies are set with your consent, which you can withdraw at any time with effect for the future via the Consent Management Tool. When using the service, a transfer of your data to the USA cannot be ruled out. Please note the information in the section “Data transfer to third countries”. Further information on data protection at Google can be found in Google’s privacy policy at https://policies.google.com/privacy#infocollect.
c) Meta pixel
We use the Meta pixel on our website, a Meta business tool from Meta Platforms Ireland Limited (Ireland, EU). Information on the contact details of Meta Platforms Ireland Ltd (“Meta”) and the contact details of Meta’s data protection officer can be found in Meta’s data policy at https://www.facebook.com/about/privacy.
The meta pixel is a JavaScript code snippet that enables us to track the activities of visitors to our website. The meta pixel collects and processes the following information (so-called event data) for this purpose:
Information on the actions and activities of visitors to our website, such as searching for and viewing a product or purchasing a product;
Specific pixel information such as the pixel ID and the Facebook cookie;
Information on buttons clicked by visitors to the website;
Information present in HTTP headers, such as IP addresses, information about the web browser, the location of the page and the referrer;
Information on the status of the deactivation/restriction of ad tracking.
Some of this event data is information that is stored on the device you are using. In addition, cookies are also used via the meta pixel to store information on the device you are using. Such storage of information by the meta pixel or access to information that is already stored on your device only takes place with your consent in accordance with Section 25 (1) TTDSG.
The event data collected via the meta pixel is used to target our advertisements and to improve ad delivery on meta products such as the social media platforms Facebook and Instagram, to personalize functions and content and to improve and secure the Meta products. For this purpose, the event data collected on our website using the meta pixel is transmitted to Meta. This collection and transmission of event data is carried out by us and Meta as joint controllers. We have entered into an agreement with Meta on processing as joint controllers, which sets out the distribution of data protection obligations between us and Meta. In this agreement, we and Meta have agreed, among other things
that we are responsible for providing you with all information in accordance with Art. 13, 14 GDPR on the joint processing of personal data;
that Meta is responsible for enabling the rights of data subjects under Art. 15 to 20 GDPR with regard to personal data stored by Meta after joint processing.
You can access the agreement concluded between us and Meta at https://www.facebook.com/legal/controller_addendum.
Meta is the sole controller of the processing of the submitted Event Data following the submission. For more information on how Meta processes personal data, including the legal basis on which Meta relies and how to exercise your rights against Meta, please refer to Meta’s Data Policy at https://www.facebook.com/about/privacy.
We have also commissioned Meta to prepare reports on the impact of our advertising campaigns and other online content (campaign reports) and to create analyses and insights about users and their use of our website, products and services (analyses) on the basis of the event data collected via the Meta pixel. We transmit personal data contained in the event data to Meta for this purpose. Meta processes this data as our processor to provide us with the campaign reports and analytics.
The collection and transfer of personal data by us to Meta and the commissioned processing of personal data by Meta for the creation of analyses and campaign reports only takes place if you have given your prior consent. The legal basis for the processing of personal data is therefore Article 6 (1) (a) GDPR.
The data processed on our behalf is transmitted by Meta Platforms Ireland Ltd. to Meta Platforms, Inc. in the USA. Meta Platforms Ireland Ltd. transfers the data on the basis of suitable guarantees in accordance with Art. 44 et seq. GDPR (in particular Standard Contractual Clauses).
d) LinkedIn Insight Tag
We use the LinkedIn Insight tag on our website, a marketing product of LinkedIn Ireland Unlimited Company (Ireland, EU). For information on LinkedIn Ireland’s contact details and the contact details of LinkedIn Ireland’s data protection officer, please refer to LinkedIn’s data policy at https://www.linkedin.com/legal/privacy-policy.
The LinkedIn Insight tag is a JavaScript code snippet that is triggered by LinkedIn when you visit our website and stores a cookie on the device you are using. Such storage of information by the LinkedIn Insight tag or access to information that is already stored on your device and any further processing of personal data in connection with the LinkedIn Insight tag will only take place with your consent. The legal basis for the collection and transmission of personal data by us to LinkedIn Ireland is therefore Art. 6 (1) (a) GDPR.
We can perform various functions via the LinkedIn Insight tag, which we describe in detail below.
LinkedIn conversion tracking is an analysis function that is supported by the LinkedIn Insight tag. The LinkedIn Insight tag enables the collection of data on visits to our website, including URL, referrer URL, IP address, device and browser characteristics (user agent) and timestamp. The IP addresses are shortened or (if they are used to reach members across devices) hashed. LinkedIn does not provide us with any personal data, but only offers reports (in which you are not identified) about the website target group and ad performance. This allows us to measure the effectiveness of LinkedIn ads for statistical and market research purposes.
The direct identifiers of the members are removed by LinkedIn within seven days to pseudonymize the data. LinkedIn then deletes this remaining pseudonymized data within 180 days.
This processing is carried out for the purpose of obtaining information about our website target group and a report on the effectiveness of LinkedIn campaigns.
We also use the “Matched Audiences” service to target our advertising campaigns to specific audiences. LinkedIn Matched Audiences and related data integrations allow us to target advertising to specific audiences based on data we provide to LinkedIn (e.g. company lists, hashed contact information, device identifiers or event data such as websites visited).
This processing is carried out for the purpose of marketing our offers by displaying advertising to specific target groups.
We have entered into a joint controllership agreement with LinkedIn, which sets out the allocation of data protection obligations between us and LinkedIn. You can view this here: https://legal.linkedin.com/pages-joint-controller-addendum.
Please note that in accordance with the LinkedIn Privacy Policy, personal data is also processed by LinkedIn in the USA or other third countries. LinkedIn only transfers personal data to countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 GDPR or based on appropriate guarantees in accordance with Art. 46 GDPR.
e) Google Ads
We use the online advertising services Google AdSense and Google AdManager from Google Ireland Limited (Ireland, EU) on our website. We use the advertising services for marketing and optimization purposes, in particular to display ads that are relevant and interesting to you and to prevent you from seeing the same ads more than once. In addition, we may enable other companies to place advertisements on our website.
To display the advertisements, Google Ireland collects your IP address, browser type, browser language, the date and time of your request and sets one or more cookies. Google is responsible for this data processing. We have no influence on the data collection and the further handling of your data by Google. You can find information on how Google processes your data here: https://policies.google.com/technologies/ads. Specific information on how Google sets cookies can be found here: https://policies.google.com/technologies/cookies.
If you are logged in with your Google account, your data can be directly assigned to it. If you do not agree with the assignment to your Google profile, you must log out of your Google profile.
We only use Google advertising services with your consent, which you can withdraw at any time. The corresponding data processing is based on Art. 6 (1) (a) GDPR. Cookies are placed on your end device to integrate the service. The setting of cookies and access to information stored on the device you are using takes place with your consent, which you can withdraw at any time with effect for the future via our Consent Management Tool. When using the service, a transfer of your data to the USA cannot be ruled out. Please note the information in the section “Data transfer to third countries”.
Further information on data protection at Google can be found in Google’s privacy policy at https://www.google.com/policies/privacy.
9. External media and third-party services
a) Google Tag Manager
We use the Google Tag Manager of the provider Google Ireland Limited (Ireland, EU) on our website. The Google Tag Manager is used to manage our website tags via an interface. The Google Tag Manager is a cookie-free domain to which the IP address is transmitted for technical reasons. The Google Tag Manager only triggers other tags, which in turn may collect data without accessing this data themselves. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
Your data is processed based on Art. 6 (1) (f) GDPR and is based on our legitimate interest in the optimization and economic operation of our website as well as the administration of our website services and the triggering of tags.
Further information on data processing can be found at: https://support.google.com/tagmanager/answer/7157428 and https://policies.google.com/privacy.
b) Cloudflare
We use the Cloudflare service from Cloudflare Inc (USA) on our website to display content. For such integration, it is technically necessary to process your IP address so that the content can be sent to your browser. Your IP address is therefore transmitted to Cloudflare. You can object to this data processing at any time via the settings of the browser used or certain browser extensions. Please note that this may result in functional restrictions on the website.
Your data is processed on the basis of Art. 6 (1) (f) GDPR and is based on our legitimate interest in the optimization and economic operation of our website and in the display of videos.
When using the service, a transfer of your data to the USA cannot be ruled out. Please note the information in the section “Data transfer to third countries”. Further information on data protection at Cloudflare can be found in Cloudflare’s privacy policy at https://www.cloudflare.com/privacypolicy/.
10. Use of contact data for customer matching
a) Google Customer Match
We use the Customer Match function as part of the Google Ads service provided by Google Ireland Ltd (Ireland, EU). The function makes it possible to display advertising in Google services in a more targeted manner on the basis of customer lists and thus increase the relevance of advertising for users. If we have previously collected this data from you, we will transmit your e-mail address, telephone number, postal address and mobile device ID to Google Ireland Ltd (Google). Before we transmit the data to Google, we perform one-way encryption of the data using the SHA256 algorithm. The so-called hash strings of the data are then automatically compared by Google with those of the corresponding data from existing Google accounts. In the event of a match, the respective Google account is added to a customer list created for us. If the data does not match, it can still be used by Google as part of the policy compliance checks. Once the data has been compared and the compliance check has been completed, the data is deleted by Google.
The processing of your data takes place on the legal basis of Art. 6 (1) (f) GDPR and is based on our legitimate interest in targeting our advertising more precisely.
As a Google user, you can control which ads you see on Google services via the Google advertising settings. This also applies to ads with the “Customer Match” function. Information on data protection for Google Ads Customer Match can be found at: https://support.google.com/google-ads/answer/6379332?hl=de. General information on data protection at Google can be found here: https://policies.google.com/privacy?hl=de.
b) Facebook Custom Audiences
We use the personal data you provide to match customers using the Customer Audiences function offered by Meta Platforms Ireland Limited (Ireland, EU).
The Custom Audiences function enables us to create target groups – a so-called Custom Audience – from users of meta services based on customer lists to display advertisements in meta services such as the Facebook platform in a more targeted manner and thus increase the relevance of advertising for users. For this purpose, we transmit your e-mail address, telephone number and address to Meta Platforms Ireland Limited (Meta). We use this personal data to create target groups for advertisements. Before the data is used by Meta for matching, the data is hashed using one-way encryption and thus pseudonymized. These so-called hash strings of the data are then automatically compared by Meta with the hash strings of the corresponding data on users of Meta services that are already available at Meta. If there is a match, the users are added to the target group. As soon as the custom audience has been created by Meta, the hashed data is deleted both if there is a match and if there is no match. Further information on the Custom Audiences function can be found here.
The processing of your data takes place on the legal basis of Art. 6 (1) (f) GDPR and is based on our legitimate interest in targeting our advertising more precisely.
The general data protection information of Meta Platforms Ireland Limited can be found at: https://de-de.facebook.com/privacy/explanation.
III. Data processing on our social media pages
We have a company page on several social media platforms. In this way, we would like to offer further opportunities for information about our company and for exchange. Our company has company pages on the following social media platforms:
Instagram of Meta Platforms Ireland Limited, (Ireland, EU), hereinafter referred to as “Meta”;
LinkedIn of LinkedIn Ireland Unlimited Company, (Ireland, EU), hereinafter referred to as “LinkedIn”.
When you visit or interact with a profile on a social media platform, personal data about you may be processed. The information associated with a social media profile used also regularly constitutes personal data. This also includes messages and statements made using the profile. In addition, certain information is often automatically collected during your visit to a social media profile, which may also constitute personal data.
1. Visiting a social media page
When you visit our social media page, which we use to present our company or individual products from our range, certain information about you is processed. The operators of the social media platforms are solely responsible for this processing of personal data. Further information on the processing of personal data can be found in their privacy policies, which we link to below:
Meta (https://www.facebook.com/privacy/explanation). Meta offers the option of objecting to certain data processing; information and opt-out options in this regard can be found at https://www.facebook.com/settings?tab=ads;
LinkedIn (https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy)
The operators of the social media platforms collect and process event data and profile data and provide us with statistics and insights for our pages in anonymized form, with the help of which we gain knowledge about the types of actions that people take on our site (so-called “page insights”). These Page Insights are created based on certain information about people who have visited our site. This processing of personal data is carried out by the social media operators and us as joint controllers. The processing serves our legitimate interest in evaluating the types of actions taken on our site and improving our site based on these findings. The legal basis for this processing is Article 6 (1) (f) GDPR.
We cannot assign the information obtained via Page Insights to individual user profiles that interact with our pages. We have entered into agreements with the operators of the social media platforms on processing as joint controllers, in which the distribution of data protection obligations between us and the operators is defined. Details on the processing of personal data for the creation of Page Insights and the agreement concluded between us and the operators can be found under the following links:
Meta (https://www.facebook.com/legal/terms/information_about_page_insights_data);
LinkedIn (https://legal.linkedin.com/pages-joint-controller-addendum).
You also have the option of asserting your rights against the operators. You can find further information on this under the following links:
Meta (https://www.facebook.com/privacy/explanation);
LinkedIn (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de).
We have agreed with Meta and LinkedIn that the Irish Data Protection Commission is the lead supervisory authority overseeing processing for Page Insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or any other supervisory authority.
2. Communication via social media sites
We also process information that you have made available to us via our company page on the respective social media platform. Such information may include the username used, contact details or a message to us. This processing is carried out by us as the sole controller. We process this data on the basis of our legitimate interest in contacting people who make inquiries. The legal basis for data processing is Article 6 (1) (f) GDPR. Further data processing may take place if you have given your consent (Art. 6 (1) (a) GDPR) or if this is necessary to fulfill a legal obligation (Art. 6 (1) (c) GDPR).
IV. Further data processing
1. Contact by e-mail
If you send us a message via the contact email provided, we will process the data transmitted for the purpose of responding to your request. We process this data based on our legitimate interest in contacting inquiring persons.
The legal basis for data processing is Art. 6 (1) (f) GDPR.
2. Customer and interested party data
When you contact our company as a customer or prospective customer, we process your data to the extent necessary to establish or execute the contractual relationship. This regularly includes processing the personal master, contract and payment data provided to us as well as contact and communication data of our contact persons at commercial customers and business partners. We also process customer and interested party data for evaluation and marketing purposes.
This processing takes place on the legal basis of Art. 6 (1) (f) GDPR and serves our interest in contacting our customers, providing our services, further developing our offer and informing you specifically about our offers.
Further data processing may take place if you have given your consent (Art. 6 (1) (a) GDPR) or if this is necessary to fulfill a legal obligation (Art. 6 (1) (c) GDPR).
3. Use of the e-mail address for marketing purposes
We may use your e-mail address provided in the context of our cooperation to inform you about similar products and services offered by us.
The legal basis is Art. 6 (1) (f) GDPR in conjunction with. Section 7 (3) UWG. You can object to this at any time without incurring any costs other than the transmission costs according to the basic rates. To do so, you can unsubscribe by clicking on the unsubscribe link contained in in every mailing or by sending an email to hello@moonbase.social.
