Thank you very much for visiting our website. This document is to inform you about how we process your personal data regarding the use of our website.
Responsible Party
WhateverPayments GmbH
Elfriede-Lohse-Wächtlerweg 46
22081 Hamburg
Germany
info@whateverpayments.com
Questions Related to Data Protection and Exercising your Rights
If you have any questions related to data protection, or if you wish to exercise your rights, please contact the address stated above, adding the keyword “Data Protection”.
As soon as you visit our website, the company we have entrusted with the website’s operation will store the public IP address of the computer you are using to visit our website. This includes the access date and time. The IP address is a unique numeric address, through which your computer sends and receives data via the internet. Usually, neither we nor our service provider will know whom the IP address belongs to, unless you provide us with any data permitting us to identify you while using our website. Also, a user can be identified if we take legal action (in cases of cyber-attacks on our website, for instance) and are informed of the user’s identity during the process of investigation. So as a general rule, you will not have to worry we will be able to draw a connection between you and your IP address.
Our service provider is using the IP address to enable you to visit and use our website, and to discover and prevent attacks on our websites. Unfortunately, websites are attacked frequently, in order to harm the operators and users (for example blocking the access, spying on data, distributing malware like viruses or other illegal purposes). Such attacks would adversely affect our website’s intended use as well as the security of our website’s visitors. The IP address, along with the visit’s time, is being processed to prevent such attacks and potential dangers resulting from them for ourselves and for our website’s users. Via our service provider we are pursuing the justified interests of maintaining our business operations as well as of preventing unlawful interference affecting ourselves or our website’s visitors. The legal basis of this processing activity is article 6 paragraph 1 f) of the General Data Protection Regulation (GDPR). The stored IP data will be deleted by de-personalization, provided they are no longer necessary for the purpose of identifying or preventing attacks.
In creating a customer account, we are processing the data provided by you for this purpose, to store and maintain them, as well as to enable you to make use of the services related to your customer account. The legal basis of this processing activity is article 6 para. 1 a) of the General Data Protection Regulation (GDPR). If the customer account is created to serve the purpose of concluding or performing a contract, article 6, paragraph 1 b of the General Data Protection Regulation (GDPR) will be an additional legal basis of the processing activity. The data will be stored until the customer account is deleted. In cases in which we are obligated to store the data beyond this event (to fulfill accounting obligations, for instance), or if we are legally entitled to store the data beyond this event (in case of a current lawsuit against the user account owner, for instance), the data will be deleted as soon as the obligation or the legal authorization to store the data ceases to exist.
Whenever you contact us via one of the ways of contact provided, we will make use of the data provided by you to process your inquiry. The legal basis for this is our justified interest in replying to your request according to article 6 paragraph 1 f of the General Data Protection Regulation (GDPR). If your request is serving the purpose of concluding or processing a contract with us, the additional basis of the processing activity is article 6 paragraph 1 b of the General Data Protection Regulation (GDPR). The data will be deleted after your request has been completed. In cases in which we are obligated by law to store the data for a longer period, they will be deleted after the expiry of this period.
We are using Google Webfonts for our website’s display. This is a collection of fonts by Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland, which can be used for websites in particular. On accessing the font used on our website via your browser, the public IP address of the computer you are using will be transferred to Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland. The IP address is a unique numeric address, through which your computer sends and receives data via the internet.
On accessing our website, your browser will load the required font in order to display the website the way we have intended. If your browser does not support webfonts, your computer’s standard font will be used to display our website. For further information concerning Google Webfonts, please refer to https://developers.google.com/fonts/faq. For this, the general privacy policy of Google applies, which can be accessed via https://policies.google.com/privacy?hl=en. Our justified interest in using Google Webfonts is to ensure a consistent appearance of our website and therefore its functionality on all devices. Therefore, the legal basis of this processing activity is article 6 paragraph 1 f of the General Data Protection Regulation (GDPR).
We use no cookies.
According to article 15 of the General Data Protection Regulation (GDPR) you have the right to demand a confirmation from our side, stating whether we are processing personal data concerning you. If that is the case, you are entitled to intelligence about these personal data and to further information, as stated in article 15 of the General Data Protection Regulation (GDPR).
According to article 16 of the General Data Protection Regulation (GDPR) you are entitled to demand of us to rectify any incorrect personal data concerning you with no delay. With regard to the processing purposes you are also entitled to demand incomplete personal data to be completed – also by an additional statement.
You have the right to demand of us to delete your personal data with no delay. We are obligated to delete any personal data immediately, if the relevant conditions according to article 17 of the General Data Protection Regulation (GDPR) are met. For details, we would like to refer you to article 17 of the General Data Protection Regulation (GDPR).
According to article 18 of the General Data Protection Regulation (GDPR) you are entitled to demand of us to limit the processing of your personal data, provided certain pre-conditions are met.
According to article 20 of the General Data Protection Regulation (GDPR) you are entitled to receive your personal data you have provided to us in a structured, established and machine-readable format. You are also entitled to transfer the data to another responsible party without any hinderance from our side, provided the processing is based on any agreement based on article 6 paragraph 1 letter a, or article 9 paragraph 2 letter a, or on a contract according to article 6 paragraph 1 letter b, and the transfer is done via automated tools.
According to article 21 of the General Data Protection Regulation (GDPR) you are entitled to object against your personal data’s processing based on article 6 paragraph e or f of the General Data Protection Regulation (GDPR). This does also apply for profiling based on these regulations.
If we are processing your personal data for direct advertisement, you have the right to object to the processing of your personal data for the use of such advertisement at any time. This does also apply to profiling, if it is connected to such advertisement.
If you would like to exercise any of the rights you are entitled to, please contact us as the responsible party via the contact data given above, or use any of the other ways of contact provided to notify us. If you have any questions regarding this, please contact us.
According to article 77 of the General Data Protection Regulation (GDPR) you are entitled to the right of appeal to the supervisory authority without prejudice to any wider administrative or judicial remedy. This right applies particularly within the member state of your abode, of your working place or of the suspected contravention, if you consider the processing of your personal data to be a violation of the General Data Protection Regulation (GDPR).