Status: February 2021
The protection of personal data and the responsible handling of information that you entrust to us is an important and special concern of ours. Let’s Connect UG (haftungsbeschränkt), hereinafter Let’s Connectprocesses personal data on https://www.campnconnect.com , hereinafter the Website, only in accordance with the statutory regulations. These are in particular the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
- the processing of personal data when using our Website (see section 2).
- the use of our CAMP’N’CONNECT app (see section 6)
Controller in terms of data protection law:
Let’s Connect UG (haftungsbeschränkt)
Tel. +49 (0) 152 35623634
- Use of our Website
- Data Processing to enable Website Use
When you visit our Website, we collect personal data to enable you to use it (usage data). This includes your IP address and data about the beginning, end and subject of your use of the Website. In addition, this includes technical data transmitted by your browser, such as browser type / browser version, the previously visited Website (referrer URL), monitor resolution, operating system, device information (e.g. device type), etc., if applicable. We process this usage data for the purpose of providing this Website and designing it to meet your needs in our legitimate interest (Art. 6 (1) lit. f GDPR). If you would like detailed information on the balance of interests, please contact us using the contact options listed under section 1.
When you visit our Website, information may be stored on your terminal device in the form of cookies. Cookies are small text files that are sent from a web server to your browser and stored on your end device. When you later access our Website, the cookies are transmitted back to our web server. This enables us, for example, to recognize you when you visit the Website again. Cookies can be divided into first-party cookies (used by us) and third-party cookies (used by third parties). We further categorize cookies as follows:
Technically necessary cookies
|These cookies are mandatory to ensure the technical functionality of the Website. Without these cookies, we cannot properly offer use of the Website.|
|These cookies are used to design the most pleasant browsing experience possible on our Website, with the highest level of individual usage conformity (e.g. enabling cross-session login, high browsing speed through search suggestions or saving individual page settings such as the language or text size, etc.).|
|These cookies are used for the continuous optimization of our website and lead to a continuously improved browsing experience (e.g. by evaluating the use of website functions offered, reporting display errors, etc.).|
Social network and advertising cookies
|One part of these cookies allows you to connect to your social networks and share content. The other part helps to better customize advertising for you by collecting information to match your interests.|
Cookies of categories 2 to 4 can be used in the context of web analysis. They can be combined with other information about your activities on our Website and are processed in pseudonymized usage profiles. This helps us to analyze information about web traffic and to improve our Website in order to adapt it to the needs of users. We only use this information for statistical analysis. In addition to cookie-based web analytics, there is non-cookie-based web analytics using other means, such as your individual device settings, to recognize you when you revisit our Website.
The legal basis for the use of category 1 cookies is our legitimate interest in providing our Website according to Art. 6 (1) lit. f of the GDPR.
In the context of the cookies used, there are also data transfers to non-EEA countries, in particular the USA (see also section 9 on data transfers to countries outside the EEA).
|4||_gat||Traffic analysis and statistics||1 minute|
|4||gid||Traffic analysis and statistics||1 day|
|4||_ga||Traffic analysis and statistics||2 years|
|1||CookieConsent||Privacy settings management||1 year|
- Google Analytics
For more information about Google Analytics privacy, see: https://www.google.de/intl/de/policies/.
- Social Networks
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA
Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA
- App Stores
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA
Apple Inc., One Apple Park Way, Cupertino, California, USA, 95014
- CAMP’N’CONNECT app Use for Apple iOS and Android
When downloading and using the CAMP‘N‘CONNECT app, personal data is processed as described in this section. Below you will find the information about the legal basis, purposes, legitimate interests, if any, and necessity of processing your personal data.
6.1. Downloading the App
Google Play Store (Android): Google LLC., 1600 Amphitheater Parkway, Mountainview, California 94043, USA
App Store (iOS): Apple Inc., One Apple Park Way, Cupertino, California, USA, 95014
6.2. Legal Basis, Purpose and Necessity of the Processing of your Personal Data
6.3. Usage of the App
When you use the CAMP'N'CONNECT app, we process your personal data, including but not limited to
- Information you provide when creating or updating your user profile in the app. In doing so, it is mandatory to provide your age, your gender and/or your co-travelers (e.g. couple or family) and your travel possibility. You do not have to make the age and gender information public. The other information in the user profile of the app is voluntary. You can also use an imaginary word as your username.
- Device information that we collect during your use of the CAMP'N'CONNECT app, such as device type, operating system, IP address, language settings, device identifier, cookie data, mobile application identifier, location data.
- Data you transmit when using the CAMP'N'CONNECT app, such as instant messaging texts.
- E-mail address and password for your login (a user name is only required for initial registration); in the context of using our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as those of users in protection against abuse and other unauthorized use.
To fully use our app, access permissions to certain features/services on your device are required for the following purposes:
- Location: to find other members near you.
- Phone: To send push notifications and notify you of new content. We use OneSignal's service for push notifications.
- Photos: To upload photos you've already taken in the app.
- Storage: to save and write data, such as video content.
- Device ID and call information: To send you push notifications.
You'll be asked for your consent the first time you launch the app or when a service in the app requires you to access certain features on your device. You can change permissions and allow or disallow granting at any time in your device settings.
For more information about the specific data that may be accessed when authorizing access to certain features and how to revoke or confirm your consent, see the links below:
For Android 5.1 and lower: https://support.google.com/googleplay/answer/6014972?p=app_permissions&rd=1&hl=en
For Android 6.0 and higher: https://support.google.com/googleplay/answer/6270602?hl=en
6.5. OneSignal (for Push Functions)
We use the service of OneSignal, 2850 S Delaware St #201, San Mateo, CA 94403, United States (hereinafter "OneSignal") to send you push messages if you have consented to receive them by granting the appropriate authorization. OneSignal receives information about the installed App and its usage, the temporary unique device identifier (e.g., IDFA and Android ID), the current location associated with the temporary unique device identifier; your email address (if provided), your IP address, type of your device, type and version of your operating system, your mobile carrier, your language settings, time zone, and network settings (e.g., WiFi) when you access the App. You can find the privacy information at: https://onesignal.com/privacy_policy. https://onesignal.com/privacy_policy.
We include this company for the push functions because it facilitates our service and makes the push messages commercially reasonable. The legal basis for the data processing is your consent pursuant to Art. 6 (1) lit. a
6.7 Google AdMob
6.7 Google Analytics Firebase
We use the developer platform "Google Firebase" and the associated functions and services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Firebase is a platform for the development of apps for mobile devices and websites. Google Firebase offers a variety of features, which you can find at the following website: https://firebase.google.com/products/. https://firebase.google.com/products/.
Analysis of user interactions is performed using analytics service of Firebase Analytics. This service helps us record your interactions. Events such as opening an app for the first time, uninstalling an app, updates, crashes, or how often you use the app are recorded. Certain user interests are also recorded and analyzed.
The information processed by Google Firebase about your use of this app is usually transferred to a Google server in the USA and stored there. However, Google will reduce your IP address in the Member States of the European Union or in other signatory states to the Agreement on the European Economic Area beforehand and thus anonymize it. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and anonymized there. The data may also be used for other Google services such as Google Analytics and Google Marketing Services. In this case, only pseudonymous information, such as the Android Advertising ID or the Advertising Identifier for iOS, is processed to identify the users' mobile devices. For more information about Google's use of data for marketing purposes, please visit the following website: https://www.google.com/policies/technologies/ads. https://www.google.com/policies/technologies/ads.
The legal basis for this use is Art. 6 para. 1 lit. a DSGVO. If you wish to object to interest-based advertising via Google marketing services, you can use the settings options provided by Google: http://www.google.com/ads/preferences. http://www.google.com/ads/preferences.
Further information about data protection at Google at: https://policies.google.com/?hl=de.
6.8. Integration of External Map Material
We include map material in our app via Google Maps and Apple Maps APIs. In order for the map to be displayed, your IP address and your location are transmitted to Google Maps. The integration is based on Art. 6 (1) para. 1 lit. f DSGVO and, if applicable, your consent according to Art. 6 (1) para. 1 lit. a DSGVO. It is done to make our app more user-friendly and interesting. This constitutes a legitimate interest within the meaning of the aforementioned provision.
Further information on data protection in connection with Google Maps and Apple Maps API can be found here:
Google Maps: https://privacy.google.com/intl/de/index.html
Apple Maps: https://www.apple.com/de/privacy/
6.9 Sentry (Crash Reporting)
We use the services of Sentry, 45 Fremont Street 8th Floor San Francisco, CA 94105, to detect, analyze, and troubleshoot errors in the app. We receive crash reports for this purpose. This involves collecting information about the device used and how our app was used (e.g., the timestamp, when the app was launched, and when the crash occurred), which allows us to diagnose and resolve issues. The processing of this data is necessary for us to further improve the stability and security of the app and is based on our legitimate interest (Art. 6 para. 1 p. 1 lit. f DSGVO).
6.10. Prevention of Prohibited Content (Sightengine and Report Button)
We use the services of Sightenginge, 16 bis rue d’Odessa, 75014 Paris, France, to check the appropriateness of photos that users of our app upload as profile pictures or into their gallery. In this way, we aim to prevent prohibited content from being uploaded. “Prohibited content” included, in particular, photos that glorify violence or alcohol and drug, or photos that are pornographic. The security of the uploaded photos is also checked. The security scan of photos that are to be uploaded and that may show natural persons serves the security of our app and the protection of other users of the app. It is based on our legitimate interest (Art. 6 (1) lit. f GDPR).
6.11 Websites Dritter
It is possible for users to embed website links in the app. When you call up the website links, you leave our app and your device's browser establishes a direct connection with the servers of the respective website. The respective privacy policies of this website then apply.
- Contact Form and Newsletter
We process your personal data when you use our contact form. If you contact us via the contact form provided, your data will be stored in order to answer your inquiry. The legal basis is either the fulfillment of a contractual obligation or our legitimate interest in providing a contact form (Art. 6 (1) lit. b GDPR or Art. 6 (1) lit. f GDPR). You are neither obliged to contact us via the contact form nor to provide personal data. If you do not provide your personal data, we may not be able to process your request. Otherwise, there will be no consequences for you. If you would like detailed information on the balance of interests, please contact us via one of the contact options listed under section 1.
If you register for our newsletter, we process your e-mail address and send you a confirmation e-mail with a confirmation link that you must click on to subscribe to our newsletter. You can cancel the newsletter at any time and object to it at any time. You will find a possibility to declare your objection in every newsletter that we send you. The data protection justification for sending the newsletter is based on your consent (Art. 6 para. 1 p. 1 lit. a GDPR). For sending the newsletter, we use Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, as a processor in accordance with Art. 28 GDPR. The newsletter solution from Sendinblue GmbH is hosted in data centers in Germany. However, Sendinblue GmbH has affiliated companies in unsafe third countries (in particular the USA and India), to which data may be transferred (see section 9 on data transfers outside the EEA).
- Website Protection
To prevent unauthorized access to your data by third parties, we are guided by the latest technical and organizational possibilities. We therefore also use SSL encryption for all our areas to ensure the best possible data security. However, we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. We can therefore unfortunately not guarantee complete protection of data against access by third parties.
- Transfer to Third Parties and to States Outside the European Economic Area
Your personal data will only be transferred to third parties if this is permitted by law or if you have given your prior consent. We will only pass on your data to state authorities within the scope of legal obligations or on the basis of an official order or court decision.
With the exception of the processing described in sections 3, 4, 6.5 – 6.9 and 7 (newsletter) we do not pass on your data to recipients based outside the European Union or the European Economic Area. The processing operations described in sections 3, 4, 6.5 – 6.9 and 7 (newsletter) result in data being transferred to the servers of the providers commissioned by us. Some of these servers are located in the USA. If the servers are located in Europe, it cannot be completely ruled out that data may nevertheless be transferred to the USA because the providers are US providers or have affiliated companies in the USA or other unsafe third countries. The data transfer takes place on the basis of so-called standard contractual clauses of the EU Commission.
We would like to point out that the USA is not a safe third country in the sense of EU data protection law. In certain cases, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
- Automatic Deletion, Deletion Period
We delete your personal data as soon as they are no longer required for the aforementioned purposes of processing, in the event of an objection where there are no compelling reasons worthy of protection or in the event of revocation where there is no other legal basis for processing. In certain cases, e.g. if there is a legal obligation to retain data, your personal data will initially be blocked and deleted upon expiry of the retention period.
- Your Rights
As a data subject, you have the right to obtain confirmationas to whether personal data relating to you is being processed by us and, if so, the right to obtain information about such personal data (Art. 15 GDPR), the right to have your inaccurate data corrected (Art. 16 GDPR), the right to have your data by deleting (Art. 17 GDPR) and the right to have your data restricted (blocked) (Art. 18. GDPR).
In addition, in the event of processing on the basis of Art. 6 (1) lit. e or lit. f of the GDPR, you may object to the processing (Art. 21 GDPR), whereby you must provide a specific reason, except in the case of direct marketing.
If you have provided this data, you can request the transfer of the data (Art. 20 GDPR). Whether and to what extent these rights exist in individual cases and under what conditions they apply is specified by law in the designated standards. If the processing is based on consent within the meaning of Art. 6 (1) lit. a GDPR, you may revoke this consent at any time for the future (Art. 7 (3) GDPR). You also have the right to contact the competent data protection supervisory authority (Art. 77 GDPR).
- No Automated Individual Decision
We do not use your personal data for automated individual decisions within the meaning of Art. 22 (1) GDPR.