Data Privacy Policy

The use of our websites is generally possible without providing personal data. However, if you wish to use special services provided by our company through our website, the processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing (e.g., the execution of a contractual agreement), we ask for your consent.

With this notice, we inform you about whether and which data we collect from you, how we use, disclose, transmit, and store (“process”) it. Furthermore, we inform you about how you can object to the use of your data. We always treat your personal data confidentially and in accordance with the legal data protection regulations as well as this privacy policy.

1. Who is responsible for data collection and processing?

The responsible entity is:

ioki GmbH (“ioki”)

An der Welle 3

60322 Frankfurt am Main, Germany

Email: privacy@ioki.com

The appointed Data Protection Officer is

Dr. Marein Müller

Email: privacy@ioki.com

2. Collection and Processing of Your Data

We collect and process your data exclusively for specific purposes. These may arise from technical necessities, contractual requirements, or explicit user requests.

For technical reasons, certain data must be collected and stored when visiting route.ioki.com, such as the date and duration of the visit, the websites visited, your IP address, the identification data of the used browser and operating system type, and the website from which you visit us.

2.1. Contact

If you contact us through the provided contact options, we process and use your data to process your contact request and its fulfillment in accordance with Art. 6 para. 1 lit. a DSGVO (“Consent”). If storing your request is no longer necessary, we will delete it. The statutory retention periods for archiving apply.

2.1.1 Appointment Request via Microsoft Outlook

For the appointment request, which you can access via the link, your personal data will be transmitted to Microsoft, and additional personal data will be collected by Microsoft, and cookies will be set. More about Microsoft’s data processing in this case can be found at the following Link.

2.2 Contact Form

If you sign up for one of the offers mentioned above, the following mandatory data will be collected:

•	First name
•	Last name
•	Email address

Additionally, you have the option to provide voluntary data. Voluntary data are those not marked with *.

Your email address can be used by us for advertising purposes if you selected this option. You can object to advertising use at any time.

If you voluntarily provide your first and last name, this data can be used for personalized addressing.

To ensure the consensual sending of information, we use the so-called Double-Opt-In procedure. In this process, the potential recipient is added to a distribution list. Afterward, the user receives a confirmation email to confirm their registration legally. Only if the confirmation occurs will the address be added to the distribution list.

2.3 Host

Our website is hosted by an external service provider (hereinafter referred to as “Host”). The personal data collected on this website is stored on the Host’s servers. This may include, in particular, IP addresses, contact inquiries, meta- and communication data, contract data, contact details, names, website accesses, and other data generated via a website.

The use of the Host is for the purpose of fulfilling our contract with potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of providing our online services securely, quickly, and efficiently through a professional provider (Art. 6 para. 1 lit. f DSGVO). Our Host will process your data only as far as necessary to fulfill its service obligations and follow our instructions regarding this data. Host:

Netlify Netlify, Inc. 512 2nd Street, Fl 2 San Francisco, CA 94107

For more information on data processing by the Host, please visit the Host’s privacy policy: https://www.netlify.com/privacy/

3. Legal Basis for Data Processing

We process your personal data based on one of the following legal bases:

If we obtain consent for the processing of personal data, this serves as the legal basis according to Article 6, paragraph 1, lit. a DSGVO.

3.2. Contract

When processing personal data necessary to fulfill a contract with you, the contract serves as the legal basis according to Article 6, paragraph 1, lit. b DSGVO. This also applies to processing activities required to perform pre-contractual measures, such as in the case of inquiries about our products or services.

If our company is subject to a legal obligation requiring the processing of personal data, such as fulfilling tax obligations, the processing is based on Art. 6 para. 1 lit. c DSGVO.

3.4. Legitimate Interest

To continuously improve our services, we store and analyze usage data on a pseudonymized basis. The legal basis for this is Art. 6 para. 1 lit. f DSGVO.

We are also interested in maintaining customer relationships and sending you information and offers that we believe match your interests. Therefore, we process your data based on Article 6 para. 1 lit. f DSGVO (also with the help of service providers) to send you information and offers. We use your contact details (first name, last name, email) for email marketing and market research unless you object to such use. The email address we obtained from a business relationship with you may also be used for marketing purposes.

You can object to the use of your data for advertising purposes at any time. You can send your objection via email to hello@ioki.com. (Advertising objection)

4. Encryption

To protect your data, the transmission of your data through the website is encrypted with SSL. You can recognize an encrypted connection by the browser address bar changing from “http://” to “https://” and the padlock symbol in your browser bar.

When SSL encryption is activated, the data transmitted to us cannot be read by third parties.

5. Will Data Be Shared?

For contract processing, it is generally necessary to involve subordinate processors, such as data center operators or other parties involved in contract fulfillment.

External service providers who process data on our behalf are carefully selected and contractually bound. The service providers act according to our instructions, ensured through strict contractual agreements, technical and organizational measures, and additional controls.

Your data will only be transferred if you have explicitly consented or as required by law.

Data transmission to third countries outside the EU/EEA or to an international organization does not take place unless adequate guarantees are provided. This includes EU Standard Contractual Clauses and an adequacy decision from the EU Commission.

6. How Long Will Your Data Be Stored?

We store your data only as long as necessary to fulfill the purpose for which it was collected (e.g., within a contractual relationship) or as required by law. For instance, in the context of a contractual relationship, we store your data at least until the full completion of the contract. Afterward, the data is retained for the duration of the statutory retention periods. Please refer to our note under No. 2.2.1 regarding the storage of applicant data.

Your personal data remains with us until the purpose for data processing no longer applies. By asserting a legitimate request for deletion, your data will be deleted unless we have other legally permissible reasons, such as tax or commercial law retention periods, for storing your personal data. In the case of legal retention periods, deletion will occur after they expire.

7. Use of Cookies and Analytics Tool

Our website uses “cookies.” Cookies are small text files that are stored locally on your computer when you visit a website. These do not cause harm to your device. Cookies are stored either for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit, while permanent cookies remain on your device until you delete them or they are automatically deleted by your web browser.

7.1. Technically Necessary Cookies

These cookies are essential for the operation of the website and enable basic functions such as page navigation, access to protected areas, and ensuring the security of the website. Without these cookies, the website cannot function properly. Technically necessary cookies are used based on our legitimate interest according to Art. 6 para. 1 lit. f DSGVO, §25 TDDDG.

7.2.Preference Cookies

These cookies are used to store your preferences and settings on our website. This allows us to offer you a personalized experience and adjust the display of the website to your preferences. The use of preference cookies is based on your consent according to Art. 6 para. 1 lit. a DSGVO.

7.3. Statistic Cookies

These cookies collect information about the use of our website, such as which pages are most frequently visited or whether error messages are displayed. These cookies help us improve the performance and functionality of our website. The use of statistic cookies is based on our legitimate interest according to Art. 6 para. 1 lit. f DSGVO.

7.4. Marketing-Cookies

These cookies are used to tailor advertisements to your interests and show you relevant ads on other websites. They are also used to measure the effectiveness of advertising campaigns. The use of marketing cookies is based on your consent according to Art. 6 para. 1 lit. a DSGVO.

7.5. Third-Party Cookies

We work with third-party providers who may also store cookies on your device when you visit our website. These third parties set their own cookies and are responsible for their privacy policies and use of cookies. Please visit the third-party websites for further information.

If the use of cookies is based on your consent, this can be withdrawn at any time.

By continuing to use this website, you agree to the use of cookies. However, you can change your cookie settings at any time by enabling or disabling the corresponding options in your web browser. Please note that blocking cookies may affect the functionality and user experience of this website.

7.6. Cookies Not Required for Using the Site

For the use of non-necessary cookies, we require your explicit consent via opt-in in the cookie banner in accordance with §25 TDDDG.

For technically necessary cookies, no consent is required according to §25 TDDDG and they are automatically set when visiting the website.

7.6.1 Use of Cookies: Statistics

Statistical cookies collect information anonymously. This helps us understand how our visitors use our website.

Matomo

Name: Matomo Provider: Matomo Purpose: Cookie from Matomo for website analytics. Generates statistical data about how the visitor uses the website. Privacy Policy: https://matomo.org/gdpr-analytics/ Cookie Name: pk. Cookie Duration: 13 months

7.6.2 Improving User Experience

To continuously improve your experience, we collect statistics on the use of ioki.com. We use the analytics tool Matomo. The tracking measures used here are based on Art. 6 para. 1 lit. f DSGVO. We aim to ensure a user-oriented design and ongoing optimization of our website. Additionally, we use these measures to statistically capture the usage of our website and evaluate them for optimizing our offering for you.

8. Rights of Users

You have the right to obtain free information about the origin, recipient, and purpose of your stored personal data at any time. You also have the right to correction, deletion, and restriction of your personal data, as long as this is legally permissible and within the scope of an existing contractual relationship.

The right to restrict processing applies in the following cases:

•	If you dispute the accuracy of your stored personal data, we typically need time to verify it. For the duration of the review, you have the right to request restriction of the processing of your personal data (Art. 16 DSGVO).

•	If the processing of your personal data is unlawful, you may request restriction of the data processing instead of deletion (Art. 17 DSGVO).

•	If we no longer need your personal data but you need it to exercise, defend, or assert legal claims, you have the right to request restriction of the processing instead of deletion (Art. 18 DSGVO).

•	If you have lodged an objection, a balancing of interests between yours and our interests must be conducted. As long as it is not clear whose interests prevail, you have the right to request restriction of the processing of your personal data (Art. 21 para. 1 DSGVO).

E-Mail: hello@ioki.com

8.1.Revocation

If you have given a data protection consent, you can withdraw it at any time with future effect. (Art. 7 para. 3 sentence 1 DSGVO)

Revocation does not affect the lawfulness of data processing based on your consent before the revocation. Any further processing of this data due to another legal basis remains unaffected.

The cookie settings can be changed at any time in the footer navigation.

10. Update of the Privacy Notice

We adjust the privacy notice to changed functionalities or legal situations. Therefore, we recommend reviewing the privacy notice regularly. If your consent is required or parts of the privacy notice contain contractual provisions with you, the changes will only take place with your consent.

Date: July 2024