Privacy & Data Protection Statement

woop.la

Last Change: June 8th, 2018

The following statement gives you an overview of what kind of personal data woopla GmbH (also "we") collects during your visit to our web pages, how this data is used and for what purpose.

Legal basis of the processing

Insofar as we obtain your consent for the processing of personal data, Art. 6(1)(a) EU General Data Protection Regulation (GDPR) serves as the legal basis.

When the processing of personal data is necessary for the performance of a contract to which you are party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations which are required in order to take measures prior to entering into a contract and which are carried out at your request.

If the processing of personal data is necessary to safeguard the legitimate interests of woopla GmbH, Art. 6(1)(f) GDPR serves as the legal basis.

Data deletion/duration of storage

Your personal data will be deleted as soon as the purpose of the storage no longer applies. Storage may be extended beyond this period by the European or national legislator in EU regulations, laws or other regulations to which the woopla GmbH is subject. The deletion of the data shall also take place if a storage period prescribed by the standards mentioned expires, unless there is a need to continue to store the data for the conclusion or the performance of a contract.

Logging website traffic

Whenever you acccess any of our websites, your browser submits various data automatically. Data submitted can be type of browser and version number, operating system, name and URL of the file requested, referer URL (the linking page), hostname and/or IP address of your device, date and time of the request. We do not merge or link this data with any other data source. We do not store or process this data. Web Server logging is disabled. Occassionally we do read your browser's language setting to show you an appropriate version of our website.

Contacting us

You may contact us via the Internet. You can get in touch with us by using the contact form or by calling us. When you contact us, data such as your name, telephone number and E-Mail address will be recorded. The processing of this data takes place in the context of measures taken prior to a contract being concluded, which are required for the provision of the service offered. Alternatively, you can contact us via the E-Mail address provided. In this case, the user's personal data transmitted by e-mail will be collected.

We use services provided by Zendesk Inc., based in San Francisco, USA, to handle contact requests. The data collected from the contact form will be forwarded to the servers of the provider in the USA and deleted after processing the request on our part, unless the data is still required for the performance of a contract or measures taken prior to a contract being concluded.

Zendesk complies with the EU-US Privacy Shield. Details of the certification can be found here: https://www.privacyshield.gov/participant?id=a2zt0000000TOjeAAG&status=Active.

Cookies

We also use so-called cookies for the purposes of data collection and storage. Cookies are data packets that, at our instigation, your browser stores in your end device, where they do not cause any damage. They contain no executable code and therefore no viruses and do not allow us to spy on you. There are two types of cookies: temporary ones (so-called session cookies), and persistent cookies.

Session cookies expire automatically at the end of a browser session, i.e. when you close the browser. They store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The use of session cookies is necessary so that we can make the website available to you. The legal basis for the processing of your personal data using session cookies is Art. 6(1)(f) GDPR. You may object to the use of session cookies, but please note that at least some features of our website cannot be used without the use of cookies.

Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time. Cookies enable us to analyses and understand your usage behavior and thus improve our service to you. They are designed to also give you an optimized browsing experience on our website. The use of persistent cookies is done with your consent. The legal basis for the data processing is Art. 6(1)(a) GDPR. You can revoke your consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation. You can also set your Internet browser so that our cookies cannot be stored on your device or so that already stored cookies can be deleted. If you do not accept cookies, this may result in restrictions on the functioning of the website.

Google Web Fonts

Our website uses so-called web fonts, a service of Google Inc. from California, USA.

Web fonts are used for the uniform display of fonts. When you call up a page, your browser loads the required Web fonts into your browser cache to display texts and fonts correctly. The browser you are using must connect to Google's servers. The browser will transmit your IP address and the address of the page accessed to Google.

The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. The legal basis for this is Art. 6 para. 1 lit. f) DSGVO. Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/ Google has submitted to the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

Third-party cookies

We do not use third-party cookies

.

Mandatory Session Cookie

To fully provide our services Callthrough, Phone Calls for IFTTT and Tariffic, you will need to accept a session cookie. Rejecting the cookie can lead to the following issues:

Callthrough: speed dial function won't work
Phone Calls for IFTTT: the Dashboard area won't be accessible
Tariffic: topping up your account won't be possible

Feel free to delete our cookies here.

Rate finder

Some of our products offer you the chance to search for phone call rates when you specify a phone number. We will not save the phone number and it will be deleted immediately after the appropriate tariff has been displayed. The processing of the telephone number takes place within the context of measures taken prior to entering into a contract, which are required in order to provide the service offered.

Processing registrations

Some of our products allow you to register by providing personal information. The data is entered into an input mask and transmitted to us and saved. Data such as phone numbers, destination phone numbers and E-Mail addresses are collected during the registration process. Registration is required for provisioning certain content and services on the website. Data is processed within the framework of pre-contractual measures that are necessary for the provision of the service offered. Subsequently, the data will be deleted after four weeks, unless the data is still required for the performance of a contract or pre-contractual measures.

Processing payments

Some of our products allow you to pay via our website. For the processing of certain payment transactions, an anonymous UserID is generated from your data and passed on to the payment service providers involved. Data is processed within the framework of pre-contractual measures that are necessary for the provision of the service offered. Subsequently, the data will be deleted after four weeks, unless the data is still required for the performance of a contract or pre-contractual measures.

Categories of recipients

Cloud Provider/Hosting Partner
Data that you provide when using our products is stored in databases hosted by international cloud providers in European locations. These include Microsoft, based in the USA, and Amazon Web Services, based in the USA.
Microsoft complies to the EU-US-Privacy Shield.
Amazon Web Services complies to the EU-US-Privacy Shield.

Telecommunications network operators
We automatically pass phone numbers on to our telecommunications network operators when making phone calls in order to be able to make the call.

Payment service providers
Anonymized user IDs are passed on to payment service providers.

Security

We cannot guarantee the security of data transmitted online. Messages sent via e-mail are not encrypted. Without encryption,  your e-mails can thus potentially be accessed by third parties. We therefore recommended that you send confidential information by post only.

Data controller

The data controller within the meaning of the General Data Protection Regulation is:
woopla GmbH
Bismarckstr. 142a
47057 Duisburg
Germany

Your rights

If your personal data is processed, you are a data subject within the meaning of the GDPR and you are entitled to the rights described below. Please always address your request to the above-mentioned person responsible.

Information:
You have the right to receive free information from us at any time as well as confirmation of the personal data stored about you and a copy of this data.

Rectification:
You have the right to rectification and/or completion if the personal data processed concerning you is incorrect or incomplete.

Limitation of data processing:
You have the right to request a limitation of the processing if one of the following conditions is met:

  • You dispute the accuracy of your personal data for a period of time that enables us to verify the accuracy of your personal data.
  • The processing is unlawful, you refuse to delete the personal data and instead demand a restriction on the use of the personal data.
  • We no longer need the personal data for the purposes of processing, but you do need it to assert, exercise or defend legal claims.
  • You have filed an objection against the processing pursuant to Art. 21 para. 1 GDPR and it is not yet clear whether our justified reasons outweigh yours.

Deletion:
You have the right to have your personal data deleted immediately, provided that one of the following reasons applies and insofar as the processing is not necessary:

  • The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary.
  • You withdraw your consent on which the processing was based and there is no other legal basis for the processing.
  • You file an objection to the processing pursuant to Art. 21 para. 1 GDPR, and there are no overriding legitimate grounds for processing, or you file an objection to the processing pursuant to Art. 21 para. 2 GDPR.
  • The personal data have been processed unlawfully.
  • The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which we are subject.

Data portability:
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another person in charge without our interference. In exercising this right, you also have the right to request that the personal data concerning you be transferred directly by us to another person responsible, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

Contradiction:
You have the right to object at any time to the processing of personal data concerning you, which "only" takes place on the basis of justified interests of us or third parties (Art. 6 para. 1 lit. f GDPR). We will no longer process personal data in the event of an objection, unless we can prove compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Revocation of consent:
You have the right to revoke your consent at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.

To exercise your rights, please contact the Data Protection Officer of woopla GmbH: privacy@woop.la

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you are entitled to complain to a supervisory authority, in particular in the Member State of the country of your residence, your place of work or place of alleged infringement, if you believe that the processing of your personal data violates the GDPR.