Privacy policy for the Moneten app

Privacy statement
for the content and functions of the “Moneten” app (hereinafter “Services”)

Status: January 2025

1. General

Protecting your personal data and privacy is extremely important to us. That is why we want to offer you complete transparency regarding the processing of your personal data (GDPR) as well as regarding the storage of information on your device and access to information (TDDDG). Only if the processing of personal data and information is comprehensible to you as the data subject are you sufficiently informed about the scope, purposes and benefits of the processing. This privacy policy applies to all processing of personal data carried out by us and to the storage of information on your devices or access to such information. In other words, it applies both to the provision of our services and to external online presences, such as our social media fan pages.

The person responsible within the meaning of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other data protection requirements is


Mone Wealth GmbH

Dorotheenstraße 76

22301 Hamburg

email: hello@moneten.app

Hereinafter referred to as the “person responsible” or “we”.

2. General information about data processing

2.1 Personal data

Personal data is individual information about the personal or factual circumstances of a specific or identifiable natural person.

Individual details about personal or factual circumstances include:

  • Name, age, marital status, date of birth
  • Address, telephone number, e-mail address
  • Account or credit card number
  • IP address & location data
  • Financial circumstances

2.2 How we process personal data

We process personal data within the limits permitted by law. This means that data processing operations are based on a legal basis. These are standardized in Article 6 (1) GDPR. Most data processing is based on a legitimate interest on our part (Art. 6 para. 1 lit. f GDPR), on processing operations necessary to execute the contract (Art. 6 para. 1 lit. b GDPR) or on the basis of consent given by you (Art. 6 para. 1 lit. a GDPR). In the latter case, you will be notified separately (e.g. via a consent banner) of the consent process.

We only process personal data for clear purposes (Article 5 (1) (b) GDPR). As soon as the purpose of processing ceases to apply, your personal data will be deleted or protected by technical and organizational measures (e.g. pseudonymization).

The same applies to the expiry of a prescribed storage period, subject to cases in which further storage is necessary to conclude or fulfill a contract. In addition, there may be a legal obligation to store it for a longer period of time or transfer it to third parties (in particular to law enforcement agencies). In other cases, the storage period and type of data collected as well as the type of data processing depend on which functions you use in each individual case. We are also happy to provide you with information about this on a case-by-case basis, in accordance with Art. 15 GDPR.

2.3 We process these categories of data

Data categories include in particular the following data:

  • master data (e.g. names, addresses, dates of birth),
  • contact details (e.g. email addresses, telephone numbers, messenger services),
  • content data (e.g. text inputs, photographs, videos, content of documents/files),
  • contract data (e.g. subject matter of contract, terms, customer category),
  • payment data (e.g. bank details, payment history, use of other payment service providers),
  • usage data (e.g. history in our services, use of certain content, access times),
  • connection data (e.g. device information, IP addresses, URL referrer).

2.4 We take these security measures

In accordance with legal requirements and taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing as well as the different probabilities of occurrence and the extent of the threat to your rights and freedoms, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.

The measures include, in particular, ensuring the confidentiality, integrity and availability of your data at all times when it is stored and processed. The security measures we implement also include controls over access to, input and transfer of data, ensuring its availability and its separation from the data of other natural persons. We have also set up procedures that ensure the exercise of data subject rights (see section 5), the deletion of data and responses in the event of a threat to your data. In addition, we take the protection of personal data into account when developing our software and through processes that comply with the principle of data protection through technology design and through privacy-friendly default settings.

2.5 How we transfer or disclose personal data to third parties

As part of our processing measures for your personal data, this data may be transmitted or disclosed to other bodies, companies, legally independent organizational units or persons. These third parties may include payment institutions as part of payment transactions, service providers commissioned with IT tasks, or providers of services and content that we have integrated into our services. Should we transfer or disclose your personal data to third parties, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.

2.6 This is how a transfer to a third country takes place

If this privacy policy states that we transfer your personal data to a third country, i.e. a country outside the EU or outside the EEA, the following applies.

Should we process your data in a third country or should the processing take place in a third country as part of the use of third-party services, this will only be done in accordance with legal requirements.

Furthermore, a transfer to third countries usually only takes place with your express consent. Regardless of whether this exists or not, we guarantee that we have a contractual or legal authorization to transfer and process your data in the relevant third country. In addition, we only have your data processed by service providers in third countries which, in our opinion, have a recognized level of data protection. This means that there is, for example, a corresponding adequacy decision between the EU and the country in which we transfer your personal data. An “adequacy decision” is a decision adopted by the European Commission in accordance with Article 45 GDPR, which determines that a third country (i.e. a country that is not bound by the GDPR) or an international organization provides an adequate level of protection for personal data. Alternatively, for example if there is no agreement, a third-country transfer only takes place if, for example, there are contractual obligations between us and the service provider in the third country through so-called standard contractual clauses of the EU Commission and further technical security measures have been taken which guarantee an adequately equal level of protection to that in the EU or if the service provider in the third country can demonstrate data protection certifications and your data is only processed in accordance with internal data protection regulations (Art. 44 to 49 GDPR. Information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

As part of the so-called “Data Privacy Framework” (“DPF”), the EU Commission has recognized the level of data protection as secure for certain companies from the USA as part of the adequacy decision of 10.07.2023. A list of certified companies and further information about the DPF can be found on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/ (in English). As part of this privacy policy, we will inform you which of the services we use are certified under the Data Privacy Framework.

3. Data processing in connection with the use of our services

The use of our services, with all their functions, involves the processing of personal data. We will explain to you exactly how this happens here.

3.1 Informational use of our services

Accessing our services for purely informational purposes requires the processing of the following personal data and information: browser type and browser version, operating system used, address of previously visited websites, IP address of the device with which you access our services and the time you accessed our services. All this information is automatically transmitted by your browser unless you have configured it to suppress transmission of the information.

This personal data is processed for the purpose of operating and optimising our services, as well as to ensure the security of our information technology systems. These purposes are also legitimate interests under Article 6 (1) (f) GDPR, meaning that processing is carried out on a legal basis.

3.2 Use during or after registration

In addition to using our services for purely informational purposes, you have the option of registering for our services and using our entire range of services. Our services enable you and your users to select various services and access the content they contain.

This use of our services may require the processing of personal data and information in the manner set out in this Section 3.

Some processing steps can also be carried out by third parties. Data processing by third-party providers is carried out in accordance with the relevant data protection declarations. Data processing with third parties may involve order processing within the meaning of Article 28 GDPR. This is subject to strict legal requirements, which we comply with as part of our contractual agreements with our contract processors.

Use during or after registration and login and the associated data processing operations may differ from purely informational use. The data associated with your profile is collected for the purpose of verifying your status and the associated fulfilment of our contractual obligations to you. These are legitimate purposes in accordance with Article 6 (1) (b) GDPR. Should your consent be required for the processing operation, we will obtain this at the appropriate point (e.g. via the opt-in option as part of a consent banner when using our service for the first time). We will be happy to answer any further questions you may have as part of your right to information in accordance with Article 15 (1) GDPR.

3.3 Login & registration

In order to use our services, you must first log in. We then create a user profile to which the specific information can be assigned. There are various ways to register. You can log in with your email address, use the single sign-on process, or use a guest account first. We use Google Firebase Authentication to complete the registration process. The recipient of the data is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. This data processing is necessary for contract initiation and contract execution in accordance with the registration process you have chosen. The legal basis for data processing is therefore Article 6 (1) (b) GDPR.

Login with email address and guest account

When you log in with your email address or use our services via a guest account, an individual ID is first generated for your device and stored together with your IP address and, in the case of an email login, with your email address and password.

Login with single sign-on

If you use the single sign-on process (SSO), you can easily log in to our services using your Google, Facebook or Apple account. The process first generates an individual ID for your device and stores it together with your IP address. The next step is to transfer your login name and password to the third-party provider you have chosen. As a result, the third-party provider learns that you are using our services and can associate this information with your local user profile. After verification, we receive a token together with your login name, which confirms that you have an account with the respective third-party provider with the specified login details. In addition, third-party providers usually transmit further basic information about your local user profile via Google Firebase Authentication. This data is stored by Google Firebase for system-related reasons. We have no influence on whether and which information is transmitted to us. For more information, contact the respective third-party providers:

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland:

https://policies.google.com/privacy?hl=de.

Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland:

https://www.apple.com/de/privacy/.

Meta Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland:

https://www.facebook.com/privacy/policy/.

3.4 Other Features

3.4.1 Contact form/ Contact via email

We process the personal data that you provide to us when you contact us for the purpose of answering your request, email or request to call you back. Processed data categories include master data, contact data, content data, usage data, connection data and, if applicable, contract data. In individual cases, we forward this data to companies affiliated with us, or third parties that we commission to process orders. The legal basis for processing depends on the purpose of the contact. By submitting your request via the contact form or by contacting us by e-mail, you declare that you would like answers or information on specific topics. You also leave your data for this purpose. We will answer your request as requested and process your data for this purpose. The right to process your data is therefore based on Art. 6 para. 1 lit. b GDPR, as we process it to answer your request and thus to fulfill the contract relating to this.

3.4.2 Chat and message system

In our services, we give you the opportunity to get in touch with other users via integrated chat and message functions, exchange ideas and, if necessary, initiate and conclude contracts. Processed data categories include master data, contact data and, if applicable, content data, contract data and payment data. We transfer this data to the person you have contacted insofar as you authorize the transfer of data yourself or as you integrate this data into your messages yourself. We also receive information about when and who was contacted via our chat and message functions. Furthermore, the personal data you provide is transmitted to us by your browser and stored in our information technology systems. Your IP address and time of registration are also stored.

The processing operations associated with the use of our chat and message systems serve the purpose of being able to assign usage processes and enable you to access the entire range of our services. The use of the chat and message functions is an essential part of our services, which is why the processing of your data serves the purpose of executing the contract and is therefore necessary in accordance with Article 6 (1) (b) GDPR.

The storage of the IP address and time of use of our chat and message functions is necessary to ensure the security of our information technology systems. This is also our legitimate interest, which is why processing is also lawful under Article 6 (1) (f) GDPR.

The personal data you have entered will be stored until your profile is deleted by us, and furthermore only as long as processing is necessary to fulfill any contract.

A transfer of data to other third parties is not intended.

3.4.3 Community feature

With our services, we give you the opportunity to view and comment on the publications of other users and to publicly contact others. Processed data categories include master data, possibly contact data and, if applicable, content data. We publish this data in our publicly accessible areas. Furthermore, the personal data you provide is transmitted to us by your browser and stored in our information technology systems. Your IP address and time of registration are also stored.

The processing operations associated with the community function serve the purpose of being able to communicate with others about our services and their possible uses and enable you to access the entire range of our services. The use of the community function is an essential part of our services, which is why the processing of your data serves the purpose of executing the contract and is therefore necessary in accordance with Art. 6 para. 1 lit. b GDPR.

The storage of the IP address and time of use of our community function is necessary to ensure the security of our information technology systems. This is also our legitimate interest, which is why processing is also lawful under Article 6 (1) (f) GDPR.

The personal data you have entered will be stored until your profile is deleted by us, and also only as long as processing is necessary to fulfill any contract and as far as it is technically possible.

A transfer of data to other third parties is not intended.

3.5 Payment processing

We offer various payment methods to process payment claims. For this purpose, we integrate the payment service providers described below. We do this for the purpose of providing our services properly and in line with requirements. Processed data in this context includes usage data, connection data, master data, payment data, contact data or even contract data, such as account numbers or credit card numbers, passwords, TANs and checksums as well as contract, sum and recipient-related information. The information is required to carry out the transactions. The data entered will only be processed by payment service providers and stored by them. We do not receive any account or credit card information, but only information about the confirmation or negative information of the payment. Payment service providers may transfer your data to credit agencies. The purpose of this transfer is to verify identity and credit. In this regard, we refer to the terms and conditions and the data protection information of the payment service providers. The legal basis for using payment service providers results from Art. 6 para. 1 lit. b GDPR. We can only provide the services promised to you with our services and thus the fulfilment of our contractual obligations if we use third parties, such as payment service providers, to process payment transactions. We have concluded an order processing contract with each of the payment service providers so that the security of the processing of your data is guaranteed at all times.

Payment service provider

Revenue Cat

We use the payment service provider Revenue Cat, Inc., based in 633 Tarava St. Suite 101, San Francisco, CA 94116 USA (hereinafter “Revenue Cat”). If you make app or in-app purchases or payment transactions in our services, payment is processed by the technical service provider Revenue Cat, to whom we pass on the information you provided during the ordering process together with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 para. 1 lit. b GDPR. Should your data be transferred to a third country (e.g. the USA), this is only done in individual cases, on the basis of an order processing agreement concluded with Revenue Cat and in accordance with standard contract clauses agreed with Revenue Cat and other security measures approved by the GDPR, which ensure the security of the processing of your personal data with a level of protection that is identical to that in the EU, in particular on the basis of the EU-US Data Privacy Framework (DPF). Your data will only be shared for the purpose of processing payments with Revenue Cat and only to the extent necessary for this purpose. For more information about Revenue Cat's privacy policy and data processing agreement (DPA), please visit https://www.revenuecat.com/privacy/ and https://www.revenuecat.com/dpa/.

3.6 Web hosting

3.6.1 Provision of our services

In order to be able to provide you with our services, we use the services of a web hosting provider, Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen. Our services are retrieved from the servers of this web hosting provider. For these purposes, we use the infrastructure and platform services, computing capacity, storage space and database services as well as security services and technical maintenance services from the web hosting provider.

The processed data includes all data that you enter as part of your use and communication in connection with your visit to our services or that is collected from you (e.g. your IP address). Our legal basis for using a web hosting provider to provide our services results from Art. 6 para. 1 lit. f GDPR (legitimate interest).

3.6.2 Receiving and sending emails

The web hosting services we use may also include sending, receiving and storing emails. For these purposes, the addresses of the recipients of your emails and the senders as well as further information regarding email delivery (e.g. the providers involved) and the content of the respective emails are processed. The above data is processed, among other things, for the purpose of detecting spam. E-mails are generally not sent in encrypted form on the Internet. As a rule, emails are encrypted during transport, but (unless end-to-end encryption is carried out) not on the servers from which they are sent and received. We can therefore assume no responsibility for the transmission path of emails between the sender and receipt on our server. Our legal basis for using a web hosting provider to receive and send emails results from Art. 6 para. 1 lit. f GDPR (legitimate interest).

3.6.3 Collection of access data and log files

We ourselves (or our web hosting provider) collect data every time the server is accessed (server log files). The server log files may include the address and name of the retrieved services and files, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, your operating system, referrer URL (the previously visited page) and usually IP addresses as well as the requesting provider.

The server log files can be used, on the one hand, for security purposes, e.g. to avoid server overloading (especially in the case of abusive attacks, so-called DDoS attacks) and, on the other hand, to ensure server load and stability. Our legal basis for using a web hosting provider to collect access data and log files results from Art. 6 para. 1 lit. f GDPR (legitimate interest).

3.7 Tracking & Tools

To ensure a smooth technical process and optimal user-friendly use of our services, we use the following services:

We use various services to operate our services, to measure their usage and for related marketing purposes. These services consist primarily of services provided by Google Firebase technology. In the following, we will show you which services are functionally necessary and which services help us to analyze your usage behavior. The use of the functionally necessary services is covered by the legal basis of Art. 6 para. 1 lit. b GDPR (for contract performance) or by the legal basis of Art. 6 para. 1 lit. f GDPR (based on our legitimate interest). To use statistics and marketing services, we obtain your active consent (opt-in) in accordance with Article 6 (1) (a) GDPR so that we can use them. If this consent is not given to us, or should it be withdrawn, we will not use these services.

Functionally necessary services

The following services are required for our services to work.

  • Cloud Functions
  • Authentication
  • App Check
  • Cloud Messaging
  • In-App Messaging
  • Cloud Storage

The recipient of the corresponding data is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Should Google transfer this data to a third country (e.g. the USA), this will only be done in individual cases, on the basis of an order processing agreement concluded with Google and in accordance with standard contract clauses agreed with Google and other security measures approved by the GDPR, which ensure the security of the processing of your personal data with a level of protection that is identical to that in the EU, in particular on the basis of the EU-US Data Privacy Framework (DPF).

Statistics and marketing services

The following services are not necessary for our services to function, but they are used by us to evaluate the usage behavior of our services and to derive appropriate improvement and/or marketing measures.

  • Performance monitoring
  • Google Analytics
  • Remote Config
  • Crashlytics

The recipient of the data here is also Google Ireland Ltd., Gordon House, Barrow Street Dublin 4 Ireland. Should Google transfer this data to a third country (e.g. the USA), this will only be done in individual cases, on the basis of an order processing agreement concluded with Google and in accordance with standard contract clauses agreed with Google and other security measures approved by the GDPR, which ensure the security of the processing of your personal data with a level of protection that is identical to that in the EU, in particular on the basis of the EU-US Data Privacy Framework (DPF).

3.8 Newsletter delivery

With your consent (regularly by subscribing), we will send you newsletters, emails and other electronic notifications (hereinafter “newsletter”). Our newsletters usually contain technical, commercial and advertising information about our services.

To subscribe to our newsletter, it is generally sufficient to provide your e-mail address. If necessary, we may ask you to provide additional information, such as name, etc.

Registration for our newsletter is always carried out in a so-called double opt-in procedure. After signing up for our newsletter, you will therefore receive an email asking you to confirm your subscription by clicking on a confirmation link. This confirmation is necessary to prevent someone else from signing up for a newsletter with your email address. We log newsletter registrations for the purpose of being able to prove the registration process in accordance with legal requirements. For this purpose, we save the time of registration and confirmation as well as your IP address. Changes to your data stored with the mailing service provider are also logged.

You can unsubscribe from our newsletter at any time. To do this, simply click on the “Unsubscribe” button, which is included in the footer of every newsletter. Should you unsubscribe from our newsletter, your email address may be stored for up to three years on the basis of our legitimate interests before we delete it so that we can prove your previous consent.

Insofar as we commission a service provider to send emails, this is done on the basis of our legitimate interests in an efficient and secure delivery system.

Our newsletters contain a so-called “web beacon”. A web beacon is a pixel-sized file that is retrieved from our server when the newsletter is opened (or from the mailing service provider's server if one is used). As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of retrieval, is first collected.

This information is used to technically improve our newsletter based on technical data or target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our aim nor, if one is used, that of the mailing service provider to observe individual users. Rather, the evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Subject to the express consent of the users, the evaluation of the newsletter and the performance measurement are based on our legitimate interests for the purpose of using a user-friendly and secure newsletter system, which serves both our business interests and meets the expectations of users.

The legal basis for sending newsletters and thus also for the use of web beacons is your consent, provided that you have given us this by subscribing to the newsletter, and therefore results from Art. 6 para. 1 lit. a GDPR. If you have not given us your consent to send newsletters, we will not (or no longer) send you newsletters. This also automatically eliminates the use of web beacons.

Brevo

We use Brevo's services to send newsletters. Brevo is a service that, among other things, can be used to organize and analyze the sending of newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. The data you enter to subscribe to the newsletter (e.g. email address) is stored on Brevo's servers. Our newsletters sent with Brevo enable us to analyze the behavior of newsletter recipients. Among other things, it is possible to analyze how many recipients have opened the newsletter message and how often which link in the newsletter was clicked on. All links in the email are so-called tracking links, which can be used to count your clicks. If you do not want an analysis by Brevo, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also withdraw your consent at any time with effect for the future by sending an e-mail to the address given in our legal notice. The data you have provided to us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and Brevo servers after you unsubscribe from the newsletter. Data that we have stored for other purposes (e.g. e-mail addresses for the member area) remains unaffected by this. For more information, please see Brevo's privacy policy at https://www.brevo.com/de/datenschutz-uebersicht/ and https://www.brevo.com/de/legal/privacypolicy/. The data entered in the newsletter subscription form is processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent to the storage of the data, the e-mail address and their use to send the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

3.9 Fan pages on social media websites

We maintain fan pages on the websites of the Internet's social networks and process personal data in order to communicate with users active there or to offer information about us. We would like to point out that your data may be processed outside the European Union when you visit our fan pages. The operators of the respective social networks are responsible for this. A detailed description of the respective forms of processing and the options for objection (e.g. opt-out) can be found in the data protection declarations of the operators of the respective social networks.

Facebook

We run a so-called Facebook fan page about our company on Facebook. When you visit the Facebook fan page, Facebook can evaluate your usage behavior and share information with us from this (“insights”). The page insights are used for the purpose of economic optimization and needs-based design of our services. Processed data categories may include master data, possibly contact data, content data, usage data, connection data. The recipient of the data is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, as a joint controller in accordance with Article 26 GDPR. The legal basis for processing the data in accordance with the provisions set out here results from our legitimate interest and thus from Article 6 (1) (f) GDPR.

Facebook is responsible for implementing your rights as a data subject. Facebook will inform you about your rights as a data subject at: https://www.facebook.com/legal/terms/information_about_page_insights_data. You can also assert your rights against us, and we will immediately forward your request to Facebook.

Instagram

We run a so-called Instagram fan page about our company on Instagram. When you visit the Instagram fan page, Meta can evaluate your usage behavior and share information with us from this (“insights”). The page insights are used for the purpose of economic optimization and needs-based design of our website and services. Processed data categories may include master data, possibly contact data, content data, usage data, connection data. The recipient of the data is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, as a joint controller in accordance with Article 26 GDPR. The legal basis for processing the data in accordance with the provisions set out here results from our legitimate interest and thus from Article 6 (1) (f) GDPR.

Meta is responsible for implementing your rights as a data subject. Meta will inform you about your rights as a data subject at: https://privacycenter.instagram.com/policy. You can also assert your rights against us, and we will immediately forward your request to Meta.

4. Order processing

Should we use external service providers to process your data, we will carefully select and commission them. Should the services provided by these service providers involve order processing within the meaning of Article 28 GDPR, the service providers are bound to our instructions and are regularly checked. Our order processing contracts comply with the strict requirements of Article 28 GDPR and the requirements of the German data protection authorities.

5. Rights of data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and, as a user, you have the following rights vis-à-vis the person responsible:

5.1 Right to information

You can request confirmation from the person responsible as to whether personal data concerning you is being processed by us.

If there is such processing, you can request the following information from the person responsible:

  • the purposes for which the personal data are processed;
  • the categories of personal data that are processed;
  • the recipients or categories of recipients to whom the personal data concerning you has been or is still being disclosed;
  • the planned duration of storage of personal data relating to you or, if specific information is not possible, criteria for determining the storage period;
  • the existence of a right to correct or delete personal data concerning you, a right to restrict processing by the person responsible or a right to object to this processing;
  • the existence of a right to lodge a complaint with a supervisory authority;
  • all available information about the origin of the data if the personal data is not collected from the data subject;
  • the existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) GDPR and — at least in these cases — meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
  • You have the right to request information as to whether your personal data is being transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate guarantees in accordance with Article 46 GDPR in connection with the transfer.

5.2 Right to rectification

You have the right to have the person responsible correct and/or complete the processed personal data concerning you if it is incorrect or incomplete. The person responsible must make the correction immediately.

5.3 Right to restrict processing

You can request that the processing of personal data concerning you be restricted under the following conditions:

  • if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to verify the accuracy of the personal data;
  • the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
  • the person responsible no longer needs the personal data for processing purposes, but you need them to assert, exercise or defend legal claims, or
  • if you have filed an objection to processing in accordance with Article 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the person responsible outweigh your reasons.

If the processing of personal data concerning you has been restricted, this data may, apart from storage, only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.

If processing has been restricted in accordance with the above conditions, you will be informed by the person responsible before the restriction is lifted.

5.4 Right to deletion

5.4.1. You can request that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:

  • The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
  • You withdraw your consent on which the processing was based in accordance with Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
  • You object to processing in accordance with Article 21 (1) GDPR and there are no overriding legitimate reasons for processing, or you object to processing in accordance with Article 21 (2) GDPR.
  • The personal data concerning you was processed unlawfully.
  • The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
  • The personal data concerning you was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.

5.4.2. If the person responsible has made the personal data concerning you public and is obliged to delete it in accordance with Article 17 (1) GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform data controllers who process the personal data that you, as a data subject, have requested the deletion of all links to this personal data and of copies or replications of this personal data.

5.4.3. The right to deletion does not exist insofar as processing is necessary

  • to exercise the right to freedom of expression and information;
  • to fulfill a legal obligation which requires processing under Union or Member State law to which the controller is subject, or to perform a task which is in the public interest or in the exercise of official authority vested in the controller;
  • for reasons of public interest in the area of public health in accordance with Article 9 (2) (h) and (i) and Article 9 (3) GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) GDPR, insofar as the right referred to in paragraph 1 is likely to make impossible or seriously impair the achievement of the objectives of this processing, or
  • to assert, exercise or defend legal claims.

5.5 Right to be informed

If you have asserted the right to correct, delete or restrict processing against the person responsible, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves disproportionate effort.

You have the right vis-à-vis the person responsible to be informed about these recipients.

5.6 Right to data portability

You have the right to receive the personal data concerning you, which you have provided to the person responsible, in a structured, commonly used and machine-readable format. In addition, you have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data has been provided, provided that the processing is based on consent in accordance with Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR or on a contract in accordance with Article 6 (1) (b) GDPR and the processing is carried out using automated procedures.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected as a result.

The right to data portability does not apply to processing of personal data that is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible.

5.7 Right of objection

For reasons arising from your particular situation, you have the right to object at any time to the processing of personal data concerning you, which is carried out on the basis of Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.

The controller will no longer process your personal data unless he can prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

Notwithstanding Directive 2002/58/EC, you have the option to exercise your right of objection in connection with the use of information society services by means of automated procedures using technical specifications.

5.8 Right to withdraw the declaration of consent under data protection law

You have the right to withdraw your data protection consent at any time. Withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the withdrawal.

The processing is lawful until you withdraw your consent; the revocation therefore only has effect on the processing after receipt of your withdrawal. You can declare your withdrawal informally by post or email. Your personal data will then no longer be processed unless another legal basis permits the processing. If this is not the case, your data must be deleted immediately after the withdrawal in accordance with Article 17 (2) GDPR. Your right to withdraw your consent subject to the above conditions is guaranteed.

Your withdrawal must be addressed to:

Mone Wealth GmbH

Dorotheenstraße 76

22301 Hamburg

email: hello@moneten.app

5.10 Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

6. Automated decisions in individual cases, including profiling

Automated decisions in individual cases, including profiling, are not made.

7. Notification obligations of the person responsible

Should your personal data have been disclosed to other recipients (third parties) for legal reasons, we will inform them of any correction, deletion or restriction of the processing of your personal data (Art. 16, Art. 17 para. 1 and Art. 18 GDPR). The notification requirement does not apply if it involves a disproportionate effort or is impossible. We will also inform you about the recipients upon request.