Privacy Statement

1) Information on collecting personal data and contact details of the controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following sections we will inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.

1.2 The controller of data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is CodexPro GmbH, Schaumburgallee 7, 14052 Berlin, Germany, E-mail: info@codexpro.eu. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the data controller). You can recognise an encrypted connection by the character string 'https://' and the lock symbol in your browser line.

2) Data collection when visiting our website

During the purely informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (server log files). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

- Our visited website

- Date and time accessed

- Quantity of data sent in bytes

- Source/link from which you reached the page

- Browser used

- Operating system used

- IP address used (if necessary in anonymised form)

Processing is carried out in accordance with Art. 6 para. 1 lit. f of the GDPR on the basis of our legitimate interest to improve the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are specific indications of unlawful use.

3) Cookies

In order to make the visit to our website more appealing and to enable the use of certain functions, we use cookies on various sub-pages.

These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (session cookies). Other cookies remain on your device and enable your browser to be recognised the next time you visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data and IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings of your web browser.

Sometimes cookies are used to simplify the ordering process by storing settings. If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b of the GDPR either for the execution of the contract, in accordance with Art. 6 para. 1 lit. a of the GDPR in the case of consent given or in accordance with Art. 6 para. 1 lit. f of the GDPR to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visited.

Please note that you can additionally set your browser so that you are informed about the setting of cookies and can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. This can be found for each browser via the following links:

Internet Explorer: https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d

Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Chrome: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en

Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Opera: https://help.opera.com/en/latest/web-preferences/

Please note that if you do not accept essential cookies, the functionality of our website may be limited.

4) Making contact

Personal data is collected when you make contact with us (e.g. by contact form or e-mail). Which data is collected when you use a contact form is apparent from the contact form itself. This data is stored and used exclusively for the purpose of answering your request or for making contact, and the associated technical administration. The legal basis for the processing of data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f of the GDPR. If you make contact with a view to concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b of the GDPR. Your data will be deleted after the final processing of your request. This is the case if the circumstances indicate that the matter in question has been conclusively clarified and provided there are no legal obligations to retain the data.

5) Data processing when opening a customer account and for contract processing

In accordance with Art. 6 para. 1 lit. b of the GDPR, personal data will continue to be collected and processed if you provide it to us for the purpose of executing a contract or opening a customer account. Which data is collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the data controller. We store and use the data provided by you for the purpose of processing the contract. After complete execution of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after expiry of these periods, unless you have expressly consented to a further use of your data or a legally permitted further use of data has been reserved on our part.

6) Use of customer data for direct advertising

6.1 Registration for our e-mail newsletter

If you register for our e-mail newsletter, we will regularly send you information about our offers. The only data mandatory for sending the newsletter is your e-mail address. The provision of further data is voluntary and will be used to address you personally. We use the double opt-in procedure for sending the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation e-mail asking you to confirm that you wish to receive the newsletter in future by clicking on an appropriate link.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 para. 1 lit. a of the GDPR. When you register for the newsletter, we store the date, the website used for registration and the time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for the newsletter is used exclusively for the purpose of advertising in the newsletter. You can unsubscribe from the newsletter at any time by clicking on the link provided in the newsletter or by sending a message to info@codexpro.eu. Your data will then be stored on a separate server. Your data will then be noted on an unsubscriber list and you will no longer receive this newsletter in the future. In the event of a cancellation request, your e-mail address will be deleted immediately from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

6.2 Sending the e-mail newsletter to existing customers

If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you e-mail offers for similar goods or services to those you have already purchased from our range. In accordance with § 7 para. 3 of the Unfair Competition Act (UWG), we do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalised direct advertising in accordance with Art. 6 para. 1 lit. f of the GDPR. If you have initially objected to the use of your e-mail address for this purpose, no e-mails will be sent by us. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with future effect by notifying the data controller named at the beginning. In this case, you will only be charged transmission costs according to the base rates. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately.

6.3 Newsletter dispatch via Mailchimp

Our email newsletters are sent via the technical service provider 'Mailchimp', a service of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, to which we pass on your data provided during newsletter registration. This transfer takes place in accordance with Art. 6 para. 1 lit. f of the GDPR and serves our legitimate interest in using a newsletter system that is effective in advertising, secure and user-friendly and is used on the basis of a commission processing agreement in accordance with Art. 28 para. 3 of the GDPR.

The privacy policy of Mailchimp can be found at: https://mailchimp.com/legal/privacy/

Your e-mail address will be deleted from the newsletter distribution list as soon as you unsubscribe. You can do this at any time by clicking on the link located at the end of the newsletter.

Mailchimp may use the recipients' data in pseudonymous form, to optimize or improve its services and/or for statistical purposes. However, Mailchimp does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

Mailchmp uses this information to send and statistically evaluate the newsletters on our behalf. This allows us to determine whether a newsletter message has been opened. Tracking collects technical information (e.g. time of retrieval, IP address, browser type and operating system). This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.

If you wish to object to data analysis for personalized evaluation purposes, you can do so within the e-mail sent to you. If you wish to object to data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.

6.4 Advertising by post

On the basis of our legitimate interest in personalised direct advertising, we reserve the right to store your first and last name, your postal address and – insofar as we have received this additional information from you as part of the contractual relationship – your title, academic degree, year of birth and your profession, industry or business name in accordance with Art. 6 para. 1 lit. f of the GDPR and to use it to send you interesting offers and information about our products by post. You can object to the storage and use of your data for this purpose at any time by sending a message to the data controller.

7) Data processing for order processing

7.1 In order to process your order, we work together with the service provider(s) listed below, who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution within the framework of payment processing, insofar as this is necessary for payment processing. If payment service providers are used, we will inform you explicitly about this below. The legal basis for the transfer of data is Art. 6 para. 1 lit. b of the GDPR.

7.2 Use of special service providers for order processing and handling

- PayPal

If you pay via 'PayPal', credit card via PayPal, direct debit via PayPal or – if offered – purchase on account or payment by instalments via PayPal, we shall pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg as part of the payment processing. The transfer takes place in accordance with Art. 6 para. 1 lit. b of the GDPR and only insofar as this is necessary for the payment processing.

For the payment methods credit card via PayPal, direct debit via PayPal or – if offered – purchase on account or payment by instalments via PayPal, PayPal reserves the right to carry out a credit check. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f of the GDPR on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check in terms of the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.

For further information on data protection law, including information on the credit agencies used, please refer to PayPal's data privacy policy: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full .You may object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

- bKash

If you pay via 'bKash', we shall pass on your payment data to bKash Limited (bKash), operating under the license and approval of the Central Bank (Bangladesh Bank) as a subsidiary of BRAC Bank Limited, corporate address: Shadhinata Tower, 1, Bir Sreshtha Shaheed Jahangir Gate, Dhaka Cantonment, Dhaka 1206.

For further information on data protection law, including information on the credit agencies used, please refer to bKash's data privacy policy: https://www.bkash.com/privacy-policy

8) Use of social media

8.1 Facebook plugins with Shariff solution

On our website, we use social plugins (plugins) of the 'Facebook' social network, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, with your consent.

In order to increase the protection of your data when visiting our website, these buttons are not fully integrated into the page as plugins, but only using an HTML link. This type of integration ensures that when you visit a page on our website that contains such buttons, no connection is yet established with Facebook's servers. When you click on the button, a new browser window opens and accesses the Facebook page, where you can interact with the plugins there (possibly after entering your login data).

The purpose and scope of data collection and the further processing and use of data by Facebook as well as your related rights and settings options for protecting your privacy can be found in the Facebook privacy policy: https://www.facebook.com/policy.php

8.2 Twitter plugin as Shariff solution

On our website, we use social plugins of the 'Twitter' microblogging service, which is operated by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, with your consent.

In order to increase the protection of your data when visiting our website, these buttons are not fully integrated into the page as plugins, but only using an HTML link. This type of integration ensures that when you visit a page of our website that contains such buttons, no connection is yet established with the servers of Twitter. When you click on the button, a new browser window opens and accesses the Twitter page, where you can interact with the plugins there (if necessary, after entering your login data). Please note that when you interact with the plugin, information collected (including your IP address) is transmitted from your browser directly to a Twitter Inc. server in the USA and stored there.

The purpose and scope of data collection and the further processing and use of data by Twitter as well as your related rights and settings options for protecting your privacy, can be found in the Twitter privacy policy: https://twitter.com/en/privacy

8.3 Instagram

On our website, we use content from the 'Instagram' online service, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, GrandCanal Harbour, Dublin 2 Ireland, with your consent.

The purpose and scope of data collection and the further processing and use of data by Instagram as well as your related rights and settings options for protecting your privacy, can be found in the Instagram privacy policy: https://help.instagram.com/155833707900388/

9) Use of social media: videos

9.1 Use of Vimeo videos

On our website, we use plugins from the video portal „Vimeo“ of Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA, with your consent. When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Vimeo servers. The content of the plugin is transmitted by Vimeo directly to your browser and integrated into the page. Through this integration, Vimeo receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Vimeo account or are not currently logged in to Vimeo. This information (including your IP address) is transmitted by your browser directly to a Vimeo server in the USA and stored there.

If you are logged in to Vimeo, Vimeo can directly assign your visit to our website to your Vimeo account. If you interact with the plugins (such as pressing a video start button), this information is also transmitted directly to a Vimeo server and stored there.

The described data processing operations are carried out in accordance with Art. 6 para. 1 lit. f of the GDPR on the basis of Vimeo's legitimate interest in market research and the needs-based design of the Vimeo service.

If you do not want Vimeo to assign the data collected via our website directly to your Vimeo account, you must log out from Vimeo before visiting our website.

The purpose and scope of data collection and the further processing and use of data by Vimeo as well as your related rights and settings options for protecting your privacy, can be found in the Vimeo privacy policy: https://vimeo.com/privacy

In the case of videos from Vimeo that are embedded on our site, the Google Analytics tracking tool of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, is automatically integrated. This is Vimeo's own tracking, to which we have no access and which cannot be influenced by our site. Google Analytics uses cookies for tracking, that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of the website will generally be transmitted to one of Google's servers. This may also result in a transmission to the servers of Google LLC in the USA.

This processing is carried out in accordance with Art. 6 para. 1 lit. f of the GDPR on the basis of Vimeo's legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes.

As far as legally required, we have obtained your consent in accordance with Art. 6 para. 1 lit. a of the GDPR for the processing of your data as described above. You can revoke your consent at any time with future effect.

9.2 Use of YouTube videos

With your consent, this website uses the 'YouTube' embedding function to display and play videos of the YouTube provider, which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The extended data protection mode is used here, which, according to the provider, only triggers the storage of user information when the video(s) is/are played. If the playback of embedded YouTube videos is started, the YouTube provider uses cookies to collect information about user behaviour. According to information from YouTube, these are used, for example, to collect video statistics, to improve user-friendliness and to prevent abusive behaviour. If you are logged in to Google, your data is directly assigned to your account when you click on a video. If you do not wish to have your data associated with your YouTube profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles and evaluates them. Such an evaluation is carried out in particular in accordance with Art. 6 para. 1 lit. f of the GDPR on the basis of Google’s legitimate interests in the insertion of personalised advertising, market research and/or needs-based design of its website. You have the right to object to the creation of these user profiles; you must contact YouTube to exercise this right. Within the scope of using YouTube, personal data may also be transmitted to the servers of Google LLC in the USA.

Irrespective of whether the embedded videos are played or not, a connection to the Google network is established each time this website is opened, which may trigger further data processing operations without our influence.

Further information on data protection in regard to YouTube can be found in the provider's privacy policy at: https://policies.google.com/privacy?hl=en-GB&gl=de

10) Online marketing

10.1 Google AdSense

On our website, we use 'Google AdSense', a web advertising service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, with your consent. Google AdSense uses cookies, placed on your computer to help the website analyse how users use the site. In addition, Google AdSense also uses web beacons (small invisible graphics) to collect information, through the use of which simple actions such as visitor traffic on the website can be recorded, collected and evaluated. The information generated by the cookie and / or web beacon (including your IP address) about your use of the website will generally be transmitted to and stored by Google on one of its servers. This may also involve transmission to the servers of Google LLC in the USA.

Google uses the information thus obtained to carry out an evaluation of your usage behaviour with regard to the AdSense ads. The IP address transmitted by your browser in the context of Google AdSense will not be merged with other Google data. The information collected by Google may be transferred to third parties if this is required by law and/or if third parties process this data on behalf of Google.

The described processing of data is carried out in accordance with Art. 6 para. 1 lit. f of the GDPR for the purpose of targeting the user by third parties advertisers whose ads are displayed on this website on the basis of the evaluated user behaviour. This processing also serves our financial interest in exploiting the economic potential of our website by displaying personalised third-party advertising content in return for payment.

You can obtain further information about Google's data protection policy at the following Internet address: https://policies.google.com/privacy?hl=en-GB&gl=de

You can permanently disable cookies for ad preferences by setting your browser software to prevent them, or you can download and install the browser plug-in available at the following link: https://support.google.com/ads/answer/7395996?hl=en-GB

Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.

10.2 Use of Google Ads conversion tracking

On our website, we use the 'Google Ads' online advertising program and, within the scope of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland with your consent. We use the Google Ads service to draw attention to our attractive offers with the help of advertising media (Google Adwords) on external websites. We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. Our aim is to show you advertising that is of interest to you, to make our website more interesting for you and to achieve a fair calculation of the advertising costs incurred.

The conversion tracking cookie is set when a user clicks on an ad placed by Google Ads. These cookies usually lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Therefore, cookies cannot be tracked across Google Ads customers' websites. The information collected using the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted in to conversion tracking. Clients will learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users. If you do not wish to participate in the tracking, you can block this use by deactivating the Google conversion tracking cookie via your internet browser under the keyword „user settings“. You will then not be included in the conversion tracking statistics. We use Google Ads based on our legitimate interest in targeted advertising in accordance with Art. 6 para. 1 lit. f of the GDPR. In the context of the use of Google Ads, there may also be a transmission of personal data to the servers of Google LLC in the USA.

You can obtain further information about Google's data protection policy at the following Internet address: https://policies.google.com/privacy?hl=en-GB&gl=de

You can permanently object to the setting of cookies by Google Ads conversion tracking by downloading and installing the Google browser plug-in available at the following link: https://support.google.com/ads/answer/7395996?hl=en-GB

Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.

11) Web analysis services

11.1 Google Analytics

On our website, we use 'Google Analytics', a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, with your consent. Google Analytics uses cookies, which are placed on your device, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will generally be transmitted to one of Google's servers. This may also result in a transmission to the servers of Google LLC in the USA.

This website exclusively uses Google Analytics with the extension '_anonymizeIp()', which ensures anonymisation of the IP address by shortening it and excludes direct personal references. As a result of the extension, your IP address is first shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a server of Google LLC server in the USA and shortened there. Google will use such data on our behalf to interpret your use of the website, to compile reports on website activities and to provide us with other services connected with the website and internet use. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

All processing described above, in particular the setting of Google Analytics cookies for reading out information on the device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a of the GDPR. Without this consent, Google Analytics will not be used during your visit to our website.

You can revoke your consent at any time with future effect. We have concluded an order processing agreement with Google for the use of Google Analytics, which obliges Google to protect the data of our site visitors and not to pass it on to third parties.

For the transfer of data from the EU to the USA, Google refers to standard data protection clauses of the European Commission, which are intended to ensure compliance with the European level of data protection in the USA.

Further information on Google Analytics can be found here: https://policies.google.com/privacy?hl=en-GB&gl=de.

12) Tools and other services

12.1 - Google Maps

On our website, we use 'Google Maps' from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Google Maps is a web service for displaying interactive (land) maps in order to visually display geographical information. By using this service, you will be shown various locations, and it will be easier for you to find them.

Information about your use of our website (such as your IP address) is transmitted to Google servers and stored there when you visit those sub-pages in which the Google Maps map is integrated; this information may also be transmitted to Google LLC servers in the USA. This occurs regardless of whether Google provides a user account via which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish to have your data associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage and analysis are carried out in accordance with Art. 6 para. 1 lit. f of the GDPR on the basis of Google's legitimate interest in displaying personalised advertising, market research and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus also the map display on this website can then not be used.

You can view Google's terms of use at https://policies.google.com/terms?hl=en-GB&gl=de , and the additional terms of use for Google Maps can be found at https://www.google.com/intl/de_US/help/terms_maps.html

Detailed information on data protection in connection with the use of Google Maps can be found on Google's website (Google Privacy Policy): https://policies.google.com/privacy?hl=en-GB&gl=de. https://policies.google.com/privacy?hl=en-GB&gl=de.

12.2 Thinkific

Our courses are presented on the 'Thinkific' learning platform. The platform is operated by Thinkific Labs Inc, #400 - 369 Terminal Ave, Vancouver, BC, V6A 4C4, Canada.

An account is required to participate in the course. The following information will be collected: First name, last name and your email address (or your parent or guardian's email address if you are under 16). Thinkific collects information about how you interact with the course, including but not limited to your progress through the course, quiz results, survey results, discussion or forum posts, and other course participant activities.

Thinkific's privacy policy can be found at: https://www.thinkific.com/privacy-policy/.

In addition, if you are in the European Economic Area (EEA), you have certain rights under European law in relation to your personal data, including the right to request access to, correct, amend, delete or restrict the use of your personal data. To exercise these rights, please contact us at the above address or by email at: info@thinkific.com .

12.3 Scratch

For our beginners' course we use the online community platform 'Scratch'. This platform is operated by Scratch Foundation, 7315 Wisconsin Ave, 4th Floor West, Bethesda, MD 20814, USA. An account is required to participate in the course, and the following information will be collected: username, your country, birth month and year, gender, and your email address (or your parent or guardian's email address if you are under 16 years old).

Scratch's privacy policy can be found at: https://scratch.mit.edu/privacy_policy

12.4 Zoom

We use the tool 'Zoom' to conduct telephone conferences, online meetings, video conferences or live online courses. This video communication platform is operated by Zoom Video Communications, Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA. The EU Data Protection Officer can be contacted at: Lionheart Squared Ltd, Attn: Data Privacy., 2 Pembroke House, Upper Pembroke Street 28-32, Dublin, DO2 EK84, Ireland, email: zoom@LionheartSquared.eu.

Processing of personal data collected by Zoom when you register for a free Zoom account: Date of birth (only as proof of age, Zoom does not store or use this information for any other purpose), First name, Last name, Phone number (optional), Email, Preferred language, User IDs and password (if single sign-on is not used), Profile picture for avatar (optional), Meeting scheduling.

Insofar as personal data is processed by employees of CodexPro GmbH, § 26 BDSG is the legal basis for data processing. If, in connection with the use of Zoom, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of Zoom, the legal basis for data processing is Article 6 (1) (f) DSGVO. In these cases, our interest lies in the effective implementation of online meetings.

Otherwise, the legal basis for data processing when conducting „online meetings“ is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships. If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here too, our interest is in the effective conduct of online meetings.

Zoom's privacy policy can be found at: https://zoom.us/de-de/privacy.html.

13) Rights of data subjects

13.1 The applicable data protection law grants you comprehensive data subject rights with respect to the data controller responsible for processing your personal data (rights of access and intervention) about which we inform you below:

- Right to information in accordance with Art. 15 of the GDPR: In particular, you have a right of access concerning your personal data processed by us, the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or is disclosed, the planned storage duration or the criteria for determining the storage duration, the existence of any right to rectification, erasure, restriction of processing, objection to processing, complaining to a supervisory authority, the source of your data if it was not collected from you by us, the existence of any automated decision making including profiling and if necessary important information on the logic involved and the scope concerning you and the desired effects of such processing as well as your right to notification about which guarantees exist as per Art. 46 of the GDPR on transferring your data to third countries;

- Right to rectification in accordance with Art. 16 of the GDPR: You have a right to immediate rectification of incorrect data concerning you and/or completion of your incomplete data stored by us;

- Right to erasure in accordance with Art. 17 of the GDPR: You have the right to demand erasure of your personal data subject to the provisions of Art. 17 para. 1 of the GDPR. However, this right shall not apply in particular if the processing is necessary to exercise the right to free expression of opinion and to information, to fulfil any legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

- Right to restriction of processing in accordance with Art. 18 of the GDPR: You have the right to demand restriction of the processing of your personal data as long as the accuracy of our data disputed by you is reviewed, if you reject erasure of your data on account of unreliable data processing and instead demand restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims, after we no longer require such data once it has achieved its purpose or if you have submitted an objection for reasons pertaining to your specific situation, unless it is yet to be determined whether our legitimate reasons prevail;

- Right to information in accordance with Art. 19 of the GDPR: If you have asserted the right to rectification, erasure or restriction of processing to the data controller, this entity is obliged to inform all the recipients to whom the personal data concerning you has been disclosed of such rectification or erasure of data or restriction of processing, unless this proves to be impossible or is associated with disproportionate costs. You have the right to be informed of such recipients;

- Right to data portability in accordance with Art. 20 of the GDPR: You have the right to receive your personal data which you have made available to us in a structured, accessible and machine-readable format or to demand transmission to another data controller insofar as this is technically feasible;

- Right to revoke consent given in accordance with Art. 7 para. 3 of the GDPR: You have the right to withdraw your consent to the processing of data at any time with future effect. In the event of withdrawal, we will immediately delete the data concerned, unless further processing can be legally based on processing that does not require consent. The withdrawal of the consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal;

- Right to lodge a complaint in accordance with Art. 77 of the GDPR: If you are of the opinion that the processing of personal data concerning you is in breach of the GDPR, you have – regardless of any other administrative or legal remedy – the right to complain to a supervisory authority, particularly in the member state of your place of residence, your workplace or the place of the presumed infringement.

13.2 RIGHT TO OBJECT

IF AS PART OF THE BALANCING OF INTERESTS WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR PREVAILING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO SUBMIT AN OBJECTION TO SUCH PROCESSING WITH FUTURE EFFECT FOR REASONS ARISING FROM YOUR SPECIFIC SITUATION.

IF YOU MAKE USE OF YOUR RIGHT OF OBJECTION, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN PROVE COMPELLING GROUNDS FOR PROCESSING WORTHY OF PROTECTION WHICH OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US IN ORDER TO CONDUCT DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE. IF YOU MAKE USE OF YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA IN QUESTION FOR THE PURPOSE OF DIRECT ADVERTISING.

14) Duration of storage of personal data

The duration of the storage of personal data is measured on the basis of the respective legal basis, the processing purpose and - if relevant - also on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When personal data is processed on the basis of express consent in accordance with Art. 6 para. 1 lit. a of the GDPR, this data is stored until the person concerned revokes his or her consent.

If there are statutory retention periods for data that is processed within the scope of legal obligations or similar obligations on the basis of Art. 6 para. 1 lit. b of the GDPR, this data will be routinely deleted after expiry of the retention periods, provided that it is no longer required for the performance of the contract or the initiation of the contract and/or there is no legitimate interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f of the GDPR, this data is stored until the data subject exercises his or her right to object in accordance with Art. 21 para. 1 of the GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing is for the purpose of asserting, exercising or defending legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f of the GDPR, this data will be stored until the data subject exercises his or her right to object in accordance with Art. 21 para. 2 of the GDPR.

Unless stated otherwise in the other information in this statement about specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or processed.

15) Note on data transfer to the USA

We expressly point out that, among other things, tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.