DATA PROTECTION

YUVEDO Foundation Privacy Policy in accordance with the EU General Data Protection Regulation for “Natural Persons”, as of June 2018

With the following information, we would like to give you an overview of the processing of your personal data by us and your rights under the Data Protection Act.

1. Who is responsible for data processing and whom can I contact?

The responsible organisation and person, and where you contact us regarding our data privacy policy is: YUVEDO Foundation, represented through the head of its board: Dr. Jörg Karenfort, c/o Dentons Europe LLP Markgrafenstraße 33, 10117 Berlin, E-Mail: info (at) yuvedofoundation.de

2. Which sources and data do we use?

>We process personal data that we voluntarily receive from you through our website. These include eg name and email address. You will only be able to transmit this personal data to us on our website if you confirm to us in the appropriate place that you have read and agree to this Privacy Notice and you have given us an active consent on our website,
a) that we may contact you as a test person (beta user) for our app at various stages of development, or / and
b) that we may inform you about future development statuses of our service and app, and / or
c) that we may contact you as a participant for a workshop, or / and
d) that we may contact you to recruit her as an employee.
For all cases, we ask separately on our website for your consent.

3. For what do we process your data (purpose of the processing) and on which legal basis?

We process personal data for the further development of our service / our app in accordance with the provisions of the European General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG new) on the basis of your consent (Article 6 paragraph 1 a DSGVO):

Insofar as you have given us consent to the processing of personal data for the purposes listed under 2., the legality of this processing is based on your consent. A given consent can be revoked at any time. The revocation of consent does not affect the legality of the data processed until the revocation.

4. Who gets my data and what safeguards are being taken for data security?

The data is processed exclusively within YUVEDO and only by a few people who are involved in the further development of YUVEDO. We collect the data using a survey tool from Typeform, which records and saves the data as you type. Once your data has been entered into the typeform systems, they are secured with multiple levels of encryption and access controls. Typeform encrypts your data during transmission (end-to-end, including in the AWS virtual private cloud) using secure TLS encryption protocols (currently supported by TLS 1.0, 1.1, and 1.2). The Advanced Encryption Standard (AES) is used with a 256-bit key to encrypt data in hibernation, including information backups. Access to the data is role-dependent: only authorized employees have access to data. Further details can be found at https://www.typeform.com/help/security-at-typeform/.

5. Are data transmitted to a third country or to an international organization?

The company Typeform uses the supplier Amazon Web Services, which stores the data entered in the survey tool in the USA, with data protection in Europe. The company Typeform has accepted the Data Privacy Shield, for which the European Commission has decided that an adequate level of protection exists. Data transmission is therefore permitted.

6. How long will my data be stored?

In the event that you provide your email so that we can contact you to gain you as a beta user, as a participant in a workshop or as a potential employee, and you do not revoke your consent, we will store and use your personal information Data as long as it is necessary to develop the app, but not longer than 5 years. In the event that you have consented to receive information about the development of YUVEDO, we will store and use your personal information for the distribution of this information, as long as you do not revoke your consent to us.

7. To what extent is there an automated decision-making process?

We do not use fully automated decision-making within the meaning of Art. 22 DSGVO.

8. What privacy rights do I have?

Each data subject has the right to information under Article 15 of the GDPR, the right of correction under Article 16 GDPR, the right to cancellation under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR. In addition, there is a right of appeal to the Data Protection Supervisory Authority (Article 77 DSGVO in conjunction with Section 19 BDSG). Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstrasse 219, 10969 Berlin

You may revoke your consent to the processing of personal data at any time. Please note that the revocation only works for the future. Processing that occurred before the revocation is not affected.