Effective Date : 28-11-2018
This Policy is meant to inform you, which Personal Data we collect, store, process, use and/or disclose, for which purposes and on which legal basis. We further inform you about your rights with regard to your Personal Data. We erase your Personal Data when they are no longer required for the purposes listed in this Policy. We also erase your Personal Data according to your request and if further storage is neither required nor permitted by applicable laws.
This Policy was lastly updated on the effective date noted above. This Policy may be amended or updated from time to time to reflect changes in our privacy practices with respect to the processing of Personal Data, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make.
● ‘Controller’ means the entity that decides how and why Personal Data is Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.
●‘Data Protection Authority’ means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.
● ‘EEA’ means the European Economic Area.
●‘Process’, ‘Processing’ or ‘Processed’ means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
● ‘Processor’ means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).
● ‘Services’ means any services provided by us.
●‘Sensitive Personal Data’ means Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive under applicable law.
2. Name and contact details of the Controller
Lukso Blockchain GmbH
Torstr. 149, 10119 Berlin
Which Personal Data we process
If you subscribe to the newsletter we and our data processors might collect the following data:
● Personal details: name, gender, date of birth / age, nationality;
● Contact details: address, e-mail address, social media accounts details;
● Technical information of your device which you use for orders and communication (cell phone, tablet, notebook, personal computer, etc. (e.g. IP address),
We involve the following data processors in this process:
Data processor MailChimp:
To send out newsletters, we are using “MailChimp”, a service provided by The Rocket Science Group LLC, a company headquartered in the State of Georgia in the United States. MailChimp stores your personal data in the USA, where the level of data protection is lower than in the EU/EEA.
Data processor Google:
To store your personal data, we are using Google Cloud, G Suite and Google Analytics, a service provided by Google Ireland Limited, a company incorporated under the laws of Ireland with offices at Gordon House, Barrow Street, Dublin 4, Ireland. Google stores your personal data in EU/EEA and the USA, where the level of data protection is lower than in the EU/EEA.
3. For which purposes and how we process your Personal Data
We will use the contact details you gave us to inform you about progress and stages of development of the project, as well as affiliation with other Companies if we wish so.
For marketing purposes, we use your email address only if and as long as we have received your explicit prior consent and in accordance with respectively applicable additional legal requirements in your jurisdiction. By subscribing to the newsletter you are giving us such consent.
III. Coin Sales
We use your email address to inform you about coming coin sales to participate in the LUKSO network, and all information related to that.
4. Your rights when we process your Personal Data
You have the following rights if the legal conditions of such rights are met. You may exercise them at any time.
Right of access
You have the right at any time to demand information on if we process your Personal Data.
Right of rectification
You have the right to demand us to correct and/or complete your personal data if your personal data processed is incorrect or incomplete.
Right of erasure
You may demand your personal data to be deleted if (i) the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed; (ii) you revoke your consent to the processing and there is no other legal basis for the processing; (iii) your personal data have been processed illegally; (iv) the deletion of your personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which we are subject.
Right to restriction of processing
You may request to restrict the processing of your personal data if (i) you deny the accuracy of the personal data for a period of time that enables us to verify the accuracy of the personal data; (ii) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data; (iii) we no longer need your personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims.
Right to data portability
You have the right to obtain your personal data in a structured, commonly used and machine-readable format. You have the right to transmit your data to another Controller. Where technically feasible, you have the right to have your data transmitted directly from us to another Controller.
Right to withdraw consent
Any consent is provided freely. If you give us your consent to process your Personal Data, you have the right to revoke your consent at any time. The revocation of consent does not affect the lawfulness of processing based on consent before its revocation. To withdraw your consent, please send us an e-mail to email@example.com.
Right to object
You have the right to object to the processing) for certain processing purposes. If we process your data on the basis of a legitimate interest (pursuant to Art. 6 para. 1 f GDPR), you have the right to object to this processing at any time for reasons arising from your particular situation. Such reasons exist in particular if they give special weight to your interests and therefore outweigh our interests, for example if we are not aware of these reasons and could therefore not be taken into account in the context of weighing up interests.
If your Personal Data are processed in order to carry out direct advertising, you have the right to object at any time to the processing of Personal Data for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising.
Right to lodge a complaint with the supervisory authority
You have the right to address the supervisory authority for any questions or complaints. The supervisory authority is Berliner Beautragte für Datenschutz und Informationsfreiheit, https://datenschutz-berlin.de/.
Please note that if you withdraw your consent to any or all use or disclosure of your personal data, depending on the nature of your request, we may not be in a position to continue to provide our services or products to you or administer any contractual relationship in place. Such withdrawal may also result in the termination of any agreement you may have with us. Our legal rights and remedies are expressly reserved in such event.