Privacy Policy

reGive (hereinafter referred to as the “Operator”) operates websites and mobile apps under the name “reGive”, hereinafter referred to collectively as “reGive Services”. As the controller within the meaning of the General Data Protection Regulation (GDPR), the operator decides on the purpose and means of data processing and is ultimately responsible for ensuring that data processing is carried out in accordance with the statutory provisions.

1. Preamble

The operator takes data protection very seriously and wishes to disclose fairly and transparently how data protection is handled. When reGive is used, the operator is entrusted with a range of personal data. Personal data is any type of information that can be directly or indirectly linked to a natural person. This includes the name, address, e-mail address and telephone number. In addition, the IP address or information about usage behavior can be regarded as personal data. In the following, the operator explains to the users of reGive (hereinafter referred to as “users”) what data is collected, how and for what purpose, and to whom this data may be passed on. Finally, the operator informs users about their rights and the internal data storage provisions.

This Privacy Policy is a supplement to the General Terms and Conditions and applies to the use of the reGive services and the use of the services offered there or otherwise. The data protection provisions in force at the time of the specific visit by a user shall apply. of the actual use of services is available online in the reGive services.

2. Collection and processing of data

The operator collects data in connection with the registration and also with the subsequent use of the reGive services. In order to give users a good overview of how their data is processed, the operator shows below the three ways in which personal data is collected.

1. Data that the operator receives from the user

When the user creates an account or performs activities as a registered user, they provide the operator with information about themselves. Personal data in this category is actively communicated by the user, e.g. by completing the registration, by contacting support or by feedback that the user gives us through functions set up specifically for this purpose.

To make registration easier for the user and reduce the risk of fraudsters and spammers, the user has three options for registration:

a. Registration with Facebook Connect:

The operator accesses certain data stored in the user’s Facebook profile, which the user releases during registration. This authorization can be revoked by the user at any time on Facebook. Of course, the operator does not have access to the user’s Facebook login data. The operator is not liable and is not responsible for incorrect or unauthorized data transmissions by Facebook. In order to maintain a certain anonymity towards other users, only the user’s profile photo, first name and last name abbreviated to the first letter (Max M.) are displayed to other users instead of the full name (Max Mustermann).

b. Registration with Google Sign in:

The operator accesses certain data stored in the user’s Google profile, which the user releases during registration. This authorization can be revoked by the user at any time at Google. Of course, the operator does not have access to the user’s Google login data. The operator is not liable and is not responsible for incorrect or unauthorized data transmissions by Google. In order to maintain a certain anonymity towards other users, only the user’s profile photo, first name and last name abbreviated to the first letter (Max M.) are displayed to other users instead of the full name (Max Mustermann).

c. Registration with e-mail and SMS confirmation:

In doing so, the operator accesses the user’s data that they provided during registration. The profile data provided by the user, i.e. name, e-mail address and telephone number, must be truthful and complete and kept up to date. In order to maintain a certain anonymity towards other users, only the user’s profile photo, first name and last name abbreviated to the first letter (Max M.) are displayed to other users instead of the full name (Max Mustermann).

2. Data collected when using the reGive services

When using the reGive services and carrying out activities, the user transmits data that is stored by the operator in order to identify the user and ensure the smooth provision of the reGive services. At the same time, the operator stores information when the user contacts the operator, for example, when the user sends an e-mail to the operator’s user support in order to support the user and answer questions. The Operator may use anonymized and aggregated data regarding such requests to improve the Services.

When using the reGive services, the operator collects information about user activity, such as which services and pages are visited within reGive and how they are used. A range of data is also recorded that the operator receives as a result of the use of the reGive services. These include:

a. Technical information about the device and the user’s Internet connection

Through server logs and other tools, the operator collects information about the user’s device and internet connection, including operating system, browser version, IP addresses, cookies and other unique identifiers. In order to analyze how the operator’s services are used, the technical information is usually processed as aggregated data. The aggregated data can also be linked to the user account, for example to adapt the reGive services to the device used by the user.

b. Information about the use of the reGive services

The operator registers the user’s activities, such as logging in and out of the user account, or the purchase of products and services within the reGive services. The operator also stores information about the user’s reGive visits. The operator uses this information, among other things, to prevent abuse and fraud, to improve the reGive services and to provide the user with personalized services, recommendations or information.

c. Information about the location

When using reGive, the operator determines the user’s location based on the IP address or the geo-location determined. This information is used, for example, to display content and to show the user ads that are relevant to their location, to improve the reGive services, and to determine and display the location of the posted purchase ads. To make it more difficult to draw conclusions about the user’s location, the seller’s location is displayed offset when offers are posted.

d. Cookies and anonymized identifiers

When the user uses the reGive services, the operator uses a wide variety of technologies to identify the user as such. The reGive website uses “cookies” to enable all functionalities of the reGive website and to facilitate the use of the site. Cookies enable the user, for example, not to have to log in to the reGive website every time they use the reGive services. The operator reserves the right to store anonymized identifiers on the user’s mobile device, especially since cookies cannot be used on these devices. For more information on cookies and anonymous identifiers – see point 7.

3. Information from other sources

The Operator may from time to time receive information from, for example, its partners, ad networks and other third parties to help it understand the User’s activities and preferences, or to help improve the reGive Services. For example, if the user creates their user account via Facebook, the operator can add basic information to the information received from Facebook. Furthermore, an advertiser can inform the operator about what happens when an advertisement is clicked on the operator’s website. This enables the operator to measure the impact of the advertisement and to provide the user with appropriate advertising or content. Analyses of this kind are usually aggregated and anonymized.

3. Purpose of data processing

The operator uses the user’s data for the following purposes:

The operator processes the data, 1) to provide the reGive services; 2) to improve and further develop the reGive services; 3) for personalized advertising, offers and recommendations to users; 4) for recognizing market trends; 5) to prevent, contain and investigate misuse of the reGive services.

The purposes of data processing are set out in detail below.

1. Provision of the reGive Services

In order to use the reGive services, it is necessary for the operator to determine the current user location. This enables the display of offers in the user’s vicinity and is also used when placing purchase offers. To make it more difficult to draw conclusions about the location, the seller’s location is displayed offset for posted offers.

In addition, the operator uses other personal data to personalize the user account and provide a good user experience. This includes in particular the user experience in connection with registration, login, the purchase and sale of products and services and the overall surfing experience.

2. Improvement and further development of the reGive services

The operator uses information to improve its services, for example by making the registration process, the log-in or the process of paying for premium services as user-friendly as possible. For example, it can record the steps (screen views, clicks) that the user has gone through when searching for a product in order to analyze whether and to what extent individual elements are confusing for the user. Usually, analyses of this kind are aggregated and anonymized, although the operator may also use individually assignable data to provide technical support or to better understand how individual users use the reGive services.

Furthermore, the operator uses certain tracking tools to improve the reGive services and to detect and analyze errors. For this purpose, the operator records the user’s usage behavior on the reGive services both independently and through third-party providers (e.g. Google Analytics).

The Operator shall send the User notifications about upcoming changes or improvements to the reGive Services using the User’s email address, if applicable, or via push notifications when using mobile devices. In addition, the user receives the reGive newsletter at regular intervals. To unsubscribe from the newsletter, simply deactivate the newsletter subscription in the user profile or click directly on the corresponding unsubscribe link in the newsletter. Push notifications can be deactivated directly in the system settings of the mobile device.

3. Personalized content, offers and recommendations

The operator uses the available information to personalize the reGive services and to offer relevant content for users. In some cases, the operator delivers content based on explicit user requests, such as when the user creates search agents. The operator reserves the right to offer content and recommendations based on user activity – for example, products can be recommended based on their popularity with other users.

The operator also places advertisements on its platform itself or works with external partners to place and optimize its own and third-party advertisements.

For the purpose of displaying personal data on the service, data such as birthday (if provided by the user), gender (if provided by the user), approximate geographical location, language, Internet service provider, categories of interests may also be passed on to advertising network operators such as Google, Facebook and similar providers.

If the user’s consent is required for this data transfer, it will be obtained separately. In this case, this consent can be revoked at any time in the user settings.

4. Recognizing market trends

The operator analyzes data to better understand trends and to adapt, improve and further develop the reGive services accordingly. The trend analysis can either be carried out directly by the operator or by third parties who process data on behalf of the operator. Cooperation with third parties for the processing of data takes place on the basis of commissioned data processing agreements with strict consideration of confidentiality and integrity.

5. Prevention, containment and investigation of misuse of the reGive Services

We use information to prevent various forms of misuse of the reGive services, such as fraudulent activities, denial of service attacks, spamming, unauthorized access or other activities that violate our terms and conditions or are prohibited by law.

4. Legal basis for data processing

If the operator processes personal data of users, this is done for the fulfillment of the contract by the operator or is necessary to protect the overriding legitimate interests of the operator.

Any further data processing will only take place with the express consent of the user or on the basis of legal regulations.

5. Use of the data by third parties

For all services that use social networking functions such as the Facebook Like button or the Google +1 button, it should be noted that Facebook and other social network providers can collect data about the user, even if the user is not registered on a page or has not consented to the exchange of data. By using popular functions such as the Facebook “Like-Button” or the Google “+1 Button”, the providers of these functions can draw conclusions about page visits and Internet usage behavior of the respective user. More detailed information on this can be found in the respective usage and data protection guidelines of the respective providers. (e.g. http://www.google.de/intl/de/policies/privacy/, http://www.facebook.com/policy.php).

The user can prevent such data collection by logging out of the respective social networks before using the operator’s services.

6. Disclosure of the data

The operator will not share, sell, transfer or otherwise disclose personal data in any other way than described in this privacy policy, unless the operator is required to do so by law or the user has given express consent.

However, the above does not preclude the operator from using service providers who process the data for the operator on the basis of a corresponding contract data processing agreement. Service providers to whom personal data is transferred for processing may only process the data for the purposes specified in this Privacy Policy and which have been expressly agreed with the respective service provider.

Disclosure of personal data is only possible for the following reasons:

1. Transfer of personal data within the eleminds – Generation neXt e.K. Group

Personal data may be transferred within the eleminds – Generation neXt e.K. Group or to companies that belong in whole or in part, directly or indirectly, to eleminds – Generation neXt e.K., provided that this corresponds to the purpose of the data processing explained in this data protection policy and the interests of the user in the confidentiality of the data do not prevail. These companies may use user data in accordance with the applicable data protection regulations in order to personalize the user experience and/or improve their own products and services.

2. Transfer of personal data to third parties

The operator may disclose personal data to the police or other authorities if there is a suspicion of unlawful behavior in connection with the use of the reGive services and if a corresponding court order or a corresponding administrative order exists. Disclosure of personal data to other third parties is possible if they can prove an overriding legal interest in establishing the identity of a user and a specific unlawful situation and can also credibly demonstrate that knowledge of this information is an essential prerequisite for legal prosecution.

3. Contract data processor

The operator also uses service providers (contract data processors within the meaning of the GDPR) for its activities, in particular for the display of advertising, the analysis of user behavior and the integration of third-party services. Data processing contracts are concluded with such service providers in accordance with Art. 28 GDPR.

4. The transfer of personal data to a non-EU or non-EEA country

The operator will only transfer personal data of the user to recipients in a country outside the EU or the EEA if there is a decision of the EU Commission on adequate data protection for this country, or if the EU standard contractual clauses (available at http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm; resp. https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en) or these are Privacy Shield (https://www.privacyshield.gov/welcome) certified.

5. Payment via PayPal

If the user uses the payment function via PayPal, the following applies to the forwarding of data to PayPal:

The operator requires the billing address in order to create a valid invoice. The billing address that a seller provides when connecting to PayPal is not shared with PayPal. The operator stores the billing address for the duration of the contractual relationship with the operator in order to simplify the payment process. The billing address is automatically deleted 5 years after your last use of reGive. Invoices are stored for up to 10 years for legal reasons.

The shipping address entered by a buyer during the checkout process will be shared with PayPal with the express consent of the buyer, as it is necessary for full protection by PayPal Buyer Protection. For more information on how PayPal manages user data, please refer to the PayPal Privacy Policy. The operator stores the shipping address for the duration of the contractual relationship with the operator in order to simplify the payment process for you. The buyer’s shipping address is automatically deleted 5 years after the last use of reGive.

7. Cookies

The reGive website uses “cookies” to enable all functionalities of the reGive website and to facilitate the use of the site. “Cookies” are small text files that enable the operator to store specific information on the user’s PC while they are visiting the operator’s website. The operator uses the following cookies:Session cookies (also called session-based cookies) expire at the end of your browser session and allow us to track your actions during that one browser session.Persistent cookies remain stored on your device between browser sessions and allow us to track your preferences or actions across multiple websites.First-party cookies are stored by the website you are visiting.Third-party cookies are stored by a website other than the website you are visiting. The operator has no influence on these.

The user can deactivate the storage of cookies, restrict them to certain websites or set their browser so that they are notified about cookies. You can also delete cookies from your PC’s hard disk at any time. In these cases, a limited display of the page and limited user guidance must be expected.

8. Rights of the user

Unless otherwise indicated, the following user rights may be exercised by sending a written request to datadisclosure(at)reGive.community.

1. Right of information

The user has the right to receive information about whether and which personal data the operator processes about the user and to receive copies of this data.

To exercise this right, the user can send an e-mail to datadisclosure(at)reGive.community. The user is then informed that the request for information is being processed. Processing may take a few days. The user will then be informed by e-mail as soon as the request for information has been successfully processed. The requested information will be sent by e-mail.

2. Right of rectification and restriction

The user has the right to request the correction, amendment, restriction or deletion of personal data that is processed incorrectly or not in accordance with the law.

3. Right of withdrawal

Under certain circumstances, the user is entitled to object to the processing of personal data and to revoke any consent previously given.

4. Data portability

The user has the right to request data portability of the registration data.

To exercise this right, the user can send an e-mail to datadisclosure(at)reGive.community.

5. Right of appeal

The user is entitled to lodge a complaint with the competent data protection authority(https://www.bfdi.bund.de).

Our data protection officer can be contacted at dataprotectionofficer(at)reGive.community.

9. Duration of storage

The operator does not store personal data for longer than is necessary to fulfill the above-mentioned purposes. The personal data of users are regularly deleted or anonymized if they are no longer relevant for the purposes mentioned. The operator stores personal data for as long as the user’s account has not been deleted or the user has not issued a declaration of revocation in accordance with point 8. or as long as the data is required to provide the reGive services or there is no legal restriction of any kind.

Privacy Policy, Version: 2024-03-27