Privacy Policy

 PURPOSE OF OUR POLICY

We, TrackMyDrum.com, c/o THINKT digital GmbH, Alt-Moabit 92, 10559 Berlin (“Trackmydrum.com”),provide the services offered on the websiteTrackMyDrum.com(“Website”) and in the TrackMyDrum™App (jointly with the Website “Services”).We are the data controller of the Services and responsible for processing your data in terms of the GDPR (see our contact details below clause 13).By publishing this Privacy Policy we aim to make it easy for our users and the public to understand what data we collect and store, why we do so, how we receive and/or obtain that information, and the rights an individual has with respect to their data in our possession.

THE INFORMATION WE COLLECT

In order to run our business and to provide the Services it is necessary for us to collect data. This information allows us to identify who an individual is for the purposes of the Services, share data when asked of us, contact the individual in the ordinary course of business and transact with the individual. Without limitation, the type of information we may collect is:

  • Company Information. We may collect company details such as name, location other information that allows us to identify who the company is;
  • Contact Information. We may collect information such as an individual’s email address, telephone number, third-party usernames, residential, business and postal address and other information that allows us to contact the individual;
  • Statistical Information. We may collect information about an individual’s online and offline preferences, habits, movements, trends, decisions, associations, memberships, and other information for statistical purposes;
  • Error reports. We may collect technical trace information of any failure
  • Information individuals send us. We may collect any personal correspondence that an individual sends us, or that is sent to us by others about the individual’s activities, including activities with our partners.

We may also collect information regarding individuals’ computer, network and browser. This may include their IP address, connection data and date and period of the Services’ usage. You hereby grant your express consent that we may collect the data according to this clause 2, subject to the other regulations of this Privacy Policy.

HOW INFORMATION IS COLLECTED

Most information will be collected in association with an individual’s use of theServices. However, we may also receive data from other sources such as advertising, individual’s own promotions, public records, mailing lists, contractors, staff, recruitment agencies and our business partners. In particular, information couldbe collected as follows:

  • Registrations. When an individual registers to the Services, or anaccount, whereby they enter data details or grant access to information;
  • Accounts/Memberships. When an individual submits their details to open an account and/or become a member with us;
  • Partners. When an individual grants us access to their accounts with our business partners;
  • Supply/Contact. When an individual supplies us with contentor contacts us in any way.

We may also collect anonymous data such as traffic, IP addresses and transaction statistics, which may be used and shared on an aggregated and anonymous basis. You hereby grant your express consent that we may collect the data according to this clause 3.

HOW DATA IS STORED

The data that we collect from you may be transferred to, and stored in our Amazon cloud.We will retain data for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.By submitting your personal data, you agree to this transfer, storing or processing according to this clause 4, provided always that we shall safeguard compliance with the respective applicable data protection laws.

WHEN DATA IS USED

Data and information is used to enable us to operate our business and the Services. This may include:

  • The provision of the Services between an company and us;
  • Verifying an individual’s/company’s identity;
  • Communicating with an individual/ company;
  • Logging for security purposes;
  • Investigating any complaints about or made by an individual/ company, or if we have reason to suspect that an individual is in breach of any of our terms and conditions or that an individual is or has been otherwise engaged in any unlawful activity; and/or
  • As required or permitted by any law.

You hereby grant your express consent that we may use the data according to this clause 5.

WHEN DATA IS DISCLOSED

It may be necessary for us to disclose an individual’s data to third parties in course of the Services. We will not disclose or sell an individual’s data to unrelated third parties under any circumstances, except for sponsors and where we employ other companies to perform tasks on our behalf and we need to share the information with them to provide the Services. All partners are well selected and have the duty according to Art. 28 of the GDPR to comply with data protection laws. There are some circumstances in which we must disclose an individual’s information:

Where we reasonably believe that an individual may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of;

As required by any law including court orders; and/or

In order to sell our business (as we may transfer data to a new owner).

LEGAL BASIS FOR DATA PROCESSING

Legal basis for processing your data according to clauses 2 – 7 are Art. 6 No. 1 (a) and (b) of the GDPR. If no contract has been concluded yet between you and us, Art. 6 No. 1 (f) of the GDPR is the legal basis, especially for transmitting the IP address. Legal basis for cookies according to clause 9 below is Art. 6 No. 1 (a) of the GDPR.

COOKIE POLICY

Our Website may use cookies to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our Website and also allows us to improve our Website. By continuing to browse the site, you are agreeing to our use of cookies. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device if you agree. Cookies contain information that is transferred to your device’s hard drive. You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website

OPT OUT TO COLLECTION OF DATA; LIMITATION OF DATA PROCESSING

An individual may opt out to not have us collect their data and communicate with them. This may prevent us from offering them some or all of our Services and may terminate their access to some or all of the Services they access with or through us. The same applies if you want us to limit certain aspects of processing your data. If an individual believes that it has received information from us that it did not opt in to receive, it should contact us via e-mail to: info@thinkt.digital. The same applies for requests regarding the limitation of collecting or processing the data.

THE SAFETY & SECURITY OF DATA

We will take all reasonable precautions to protect an individual’s data from unauthorised access. This includes appropriately securing our physical facilities and electronic networks. We have implemented the following technical and logic security measures:

  • Personal computers of all employees are required to have full disk encryption, firewall enabled and to have all available security patches applied.
  • Network and infrastructure security and data processing of end-user is handled on infrastructure provided by AWS, which is annually audited against ISO/IEC 27001:2013 and ISAE 3402 II.

We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose an individual’s data to in accordance with this policy or any applicable laws). The collection and use of an individual’s information by such third parties may be subject to separate privacy and security policies. The following sub-processors shall be considered approved by the User:

  • AWS. Primary data center: Frankfurt.

If an individual suspect any misuse or loss of, or unauthorised access to, their data, they should let us know immediately. We are not liable for any loss, damage or claim arising out of another person’s use of the data where we were authorised to provide that person with the data.

DATA RETENTION PERIOD

We only save your data as long as necessary to provide our Services or for the time we have a legitimate interest in retaining the data. Deletion of your data is executed after expiring of the periods as required by law or contract. Data which is not subject to such mandatory retention periods will be deleted after omission of said purposes.

HOW TO ACCESS AND/OR UPDATE DATA; TRANSFER OF DATA

If an individual cannot update his or her own information on its own, we will correct any errors in the data we hold about an individual within 7 days of receiving notice from them about those errors. It is an individual’s responsibility to provide us with accurate and truthful data. We cannot be liable for any information that is provided to us that is incorrect. We safeguard on your request the transmission of your personal data in a suitable manner.

DELETION OF ACCOUNTS AND DATA

At any time, you can request your account to be deleted, by contacting us via e-mail to info@thinkt.digital or sending us a letter to Trackmydrum, c/o THINKT digital GmbH, Alt-Moabit 92, 10559 Berlin. If you request that your account shall be deleted, your data will be deleted, unless other retention times with respect to deletion are provided for by the applicable laws, or retention is required in order to conclude contractual performance, complete relevant services, or for other compliance, accounting and settlement purposes. Your activity and communications on our Services will continue to be stored, provided that we would then anonymise your name upon request.

RIGHT TO WITHDRAW

If our use of your personal data and information is based on consent which you have granted, you may withdraw such consent at any time for the future by sending us an e-mail to info@thinkt.digital or a letter to Trackmydrum c/o THINKT digital GmbH, Alt-Moabit 92, 10559 Berlin.

COMPLAINTS TO DATA PROTECTION AUTHORITIES

If you have complaints regarding processing your personal data you have the right to lodge a respective complaint to the competent supervisory authority. You may contact the data protection authority which is responsible for your place of residence or your federal state. You may also direct your complaint to the data protection authority in charge for our Services.