Data Privacy
This privacy policy (hereinafter referred to as "privacy policy") describes the principles according to which Slimpeak AG (hereinafter referred to as "Slimpeak", "we" or "us" or "the controller") processes personal data collected and generated via our website https://www.tapkeen.com and our mobile application Tapkeen (hereinafter referred to as "website(s)") or in any other way through the use of our services. In particular, it informs you about what personal data (hereinafter referred to as "personal data" or "data") we collect, for what purposes it is processed, to whom it may be disclosed, how long we store it, and what rights and options you have in connection with the use and deletion of your personal data. "Personal data" is any information about an identified or identifiable natural person, e.g., name, address, email address, online identifier, or telephone number. Whether and to what extent this constitutes personal data within the meaning of the Data Protection Act depends on each individual case. "Processing" means any handling of personal data, such as collection, storage, retention, disclosure, or deletion.
This privacy policy applies insofar as the processing activities are not subject to other privacy policies or are provided for by applicable law. Please read this privacy policy carefully and note that it may change from time to time. We therefore recommend that you review this privacy policy regularly to ensure that you are always familiar with the latest version. By using our services, you consent to the collection and processing of your personal data in accordance with this privacy policy.
If you provide us with personal data relating to other individuals, please only do so if you are authorized to do so in accordance with applicable data protection laws and only if the other individual has consented to you providing us with their personal data for the purposes of data collection and processing in accordance with our privacy policy.
The terms used are not gender-specific.
The person responsible for processing personal data in accordance with this privacy policy is:
Slimpeak Ltd
Seestrasse 41
8800 Thalwil, Switzerland
Email: info@tapkeen.com
Imprint: https://slimpeak.com/impressum.html
Slimpeak determines the purposes and means of processing your personal data and is therefore responsible for the processing and use of your personal data in accordance with this privacy policy. If you have any questions or concerns regarding this privacy policy or the processing of your personal data, please contact us by email at info@tapkeen.com.
All personal data collected via the website or by other means will be processed in accordance with the provisions of the Swiss Data Protection Act and the European General Data Protection Regulation (GDPR). The General Data Protection Regulation has established itself worldwide as the standard for strong data protection. However, whether and to what extent the GDPR applies depends on each individual case.
We collect and process personal data carefully and for the purposes described in this privacy policy. In accordance with applicable law, we may also use your personal data in ways other than those described in this privacy policy. In this case, we will provide specific privacy statements or notices at the time of collection and, where necessary, obtain your consent.
3.1. Accessing our websites
Slimpeak collects and stores personal data that your browser automatically transmits to us in "server log files" when you visit our websites. This may include the following personal data:
- Browser type and browser version;
- Operating systems used;
- Referrer URL (the previously visited website);
- Hostname of the accessing computer;
- Date and time of the server request;
- Internet Protocol Address (IP address);
- Amount of data transferred;
- Other similar personal data and information used for security purposes in the event of attacks on our IT systems.
This personal data is not combined with personal data from other sources. It is stored by us for a short period of time and deleted within six months.
For information on our data processing in connection with the use of cookies, please refer to section 3.8.
We will process this personal data for the secure operation and administration of our websites or for the legitimate purposes arising from the circumstances. This may include the following purposes:
- to establish a connection with our server;
- to ensure stability and uninterrupted system security;
- to protect and secure our systems, and
- for statistical purposes in the event of attacks on the network infrastructure on which the websites are made available.
Data processing is carried out on the basis of our legitimate interests (Art. 6 (1) (f) GDPR) for the aforementioned purposes of the proper and secure functioning and administration of our websites, as well as your consent to use our websites (Art. 6 (1) (a) GDPR).
3.2. Inquiries, customer service, and communication management
We collect personal data that you provide to us via the websites or otherwise by sending a message to our contact address, e.g. by email, letter, telephone, or other means of communication. This may include the following personal data:
- Last name, first name, address, email address, phone number, other information about you;
- Your message, communication, or inquiry.
The provision of this personal data is always voluntary, based on your consent or within the framework of a possible future contractual relationship with us. Please note that without the provision of the necessary personal data, we will not be able to advise you or provide you with the desired and required quality of service.
We will use the personal data you provide to process and respond to your request or for legitimate purposes arising from the circumstances. This may include the following purposes:
- To best answer your questions or requests regarding our services, to ask you questions, and to provide you with additional information related to our services that is tailored to your request or interests;
- To communicate with you (e.g., about our services) and provide you with the best possible information and customer service you need from us before, during, or after the termination of a contract;
- To comply with legal or other regulatory requirements and internal regulations;
- To establish, exercise, and/or defend actual or potential legal claims, investigations, or similar proceedings;
- For other lawful purposes, if this processing arises from the circumstances or was specified at the time of collection;
Data processing takes place in advance of a possible conclusion of a contract with you and/or for the establishment and execution of a contract with you (Art. 6 (1) (b) GDPR) and our legitimate interests (Art. 6 (1) (f) GDPR) in offering you an optimal and user-friendly service.
3.3. Tapkeen as a cloud service
We collect personal data that you provide to us via the websites or otherwise by sending a message to our contact address, e.g. by email, letter, telephone, or other means of communication. This may include the following personal data: https://www.hetzner.com/; Privacy Policy: https://www.hetzner.com/legal/privacy-policy/. When using Tapkeen, personal data is transmitted to Hetzner and stored there (see section 5).
We collect personal data when you use Tapkeen's features, e.g. by posting, uploading photos, videos, texts, links, or other file formats, sharing with other users, commenting, donating Keencoins, or exchanging them for money (see sections 3.5. and 3.6.), sending in-app messages to other users, following someone, managing your finances, or otherwise using our services. This may include the following personal data:
- Last name, first name, address, email address, photos, videos, text, links, hashtags, usage data (websites visited, interest in content, access times); metadata (e.g., device information, IP addresses); Your financial data (e.g., Keencoins purchased, Keencoins received, Keencoins invested, or Keencoins to be paid out), your financial history, other information about you;
- Your post, like, message, notification, or inquiry.
The disclosure of this personal data is always voluntary, based on your consent or within the framework of a possible future contractual relationship with us, e.g. if you wish to purchase or exchange Keencoins (see sections 3.5. and 3.6.).
We process personal data in order to fulfill the feature you have selected or for legitimate purposes arising from the circumstances. This may include the following purposes:
- To share content with the community;
- To increase your visibility;
- To build a community and exchange ideas with like-minded people;
- So that you can communicate with other users (e.g., via posted content);
- For storing documents, photos, videos, and other file formats;
- To purchase or donate Keencoins;
- For statistical and analytical purposes to develop new and/or improve existing products and services;
- To comply with legal or other regulatory requirements and internal regulations;
- To establish, exercise, and/or defend actual or potential legal claims, investigations, or similar proceedings;
- For other lawful purposes, if this processing arises from the circumstances or was specified at the time of collection.
Data processing is carried out on the basis of your consent (Art. 6 (1) (a) GDPR), for the performance of a contract (Art. 6 (1) (b) GDPR) and based on our legitimate interests (Art. 6 (1) (f) GDPR) in the efficient, secure, and user-friendly use of Tapkeen.
3.4. Registration, login, and management of user account and profile
If users wish to use Tapkeen's features, they must create a user account. During registration, users are informed of the required mandatory information, which is processed for the purpose of providing the user account on the basis of contractual obligation fulfillment. The personal data processed includes, in particular, the following:
- Login information with username, password, and email address.
- Meta/communication data (e.g., device information, IP addresses, date and time of registration or login)
- Profile data such as inventory data (e.g., names, addresses); messages (messages created and received with other users); financial data; payment data (e.g., bank details, invoices, payment history); contract data (e.g., subject matter of the contract, term, user category); usage data (e.g., websites visited, interest in content, access times); settings data (such as passwords, privacy settings, language, blocked accounts, hashtags followed).
The provision of this personal data is always voluntary, based on your consent to create a user account with us or to enter into a contract for the use of the user account and the features you have selected. Please note that without the provision of this information, the requested service for which the information is required cannot be provided or cannot be provided in the desired quality.
When you use our registration and login functions and your user account, we store your IP address and the time of the respective user action. This storage is based on our legitimate interests and those of our users in protecting against misuse and other unauthorized use (Art. 6 (1) (f) GDPR).
Users can be informed by email about processes that are relevant to their user account, such as technical changes. Users can change the privacy settings of their profile at any time and decide with whom they want to share their profile and/or activities (such as posts) (e.g., sharing with the public or only with contacts).
We will use the personal data collected from you to provide the services you have requested in the best possible way, which may include the following purposes:
- To log in and out of your user account;
- To manage your profile data and account settings;
- To secure your login;
- To use Tapkeen features;
- For other lawful purposes, provided that this processing arises from the circumstances or was specified at the time of collection.
These purposes form the legal basis for our legitimate interests (Art. 6 (1) (f) GDPR) in order to offer you an optimal service or in the run-up to a possible conclusion of a contract with you and/or for the establishment and execution of a contract with you (Art. 6 (1) (b) GDPR).
When customers cancel their customer accounts, the personal data relating to the customer account will be deleted, unless its retention is required for legal reasons (see section 8). It is the responsibility of users to back up their personal data upon termination of their customer account and to cash out any Keencoins credit in fiat currency (see our Terms of Service at: https://tapkeen.com/terms-and-conditions).
3.5. Payment Services - Buying Keencoins
Tapkeen offers users the opportunity to purchase Keencoins for content, donate them for selected content, and exchange them back into real currency (see section 3.6.). To this end, we offer you an efficient and secure payment option and use banks, credit institutions, and other service providers (collectively referred to as “payment service providers”). The following personal data is collected and processed for payment processing:
- Inventory data (e.g., names, addresses); payment data (e.g., bank details, invoices, payment history); contract data (e.g., subject matter of the contract, term, customer category); Usage data (e.g., websites visited, interest in content, access times); Meta/communication data (e.g., device information, IP addresses); Passwords, TANs, and checksums, as well as contract, sum, and recipient-related information;
- The desired number of Keencoins.
Please note that without the provision of this personal data, the requested transaction service for which the personal data is required cannot be provided.
As a payment service provider, we use the services of Stripe from Stripe Inc., 510 Townsend Street, San Francisco, CA 94103, USA, for the Android app; website: https://stripe.com; Data privacy: https://stripe.com/privacy and for the Apple app, in-app purchases from Apple Inc. 1 Apple Park Way. Cupertino, CA 95014, USA; website: https://www.apple.com/, Data privacy: https://www.apple.com/legal/privacy/en-ww/, to which the EU standard contractual clauses apply. The servers are also located in the USA. This means that personal data may be transferred to, stored, or processed in the United States (see section 6).
The personal data entered for payment processing is only processed and stored by the payment service providers. This means that we do not receive any account or credit card information, but only information confirming or denying the payment. Under certain circumstances, the payment service providers may transfer personal data to credit agencies. The purpose of this transfer is to verify identity and creditworthiness. For more information, please refer to the terms and conditions and privacy policy of the payment service providers.
Payment transactions are subject to the terms and conditions and privacy policies of the respective payment service providers, which can be accessed on their respective websites or transaction applications. We refer you to these for further information and to assert your rights of withdrawal, information, and other rights as a data subject.
Data processing is carried out on the basis of contract fulfillment (Art. 6 (1) (b) GDPR) and our legitimate interests in efficient, secure, and high-quality payment processing (Art. 6 (1) (f) GDPR).
3.6. Payment services - Payout of Keencoins in real currency - KYC verification
Tapkeen offers users the option of cashing out Keencoins they have earned in real currency. To do so, users must complete KYC (Know Your Customer) verification, otherwise cashouts in real currency will not be possible. The following personal data must be collected and processed for this purpose:
- Inventory data (e.g., last name, first name, address, city); identification data (photo of the front and back of your ID card/passport/driver's license), real-time photo, payment data (e.g., IBAN, bank details, payment amount); Usage data (e.g., websites visited, interest in content, access times); meta/communication data (e.g., device information, IP addresses);
- The Keencoins to be paid out by the user, minus the commission due to Slimpeak;
Please note that without the provision of this personal data, the requested transaction service for which the personal data is required cannot be provided.
Personal data is collected for the following purposes:
- For identification purposes;
- To comply with legal or other regulatory requirements and internal regulations (including anti-money laundering regulations);
- To establish, exercise, and/or defend actual or potential legal claims, investigations, or similar proceedings;
- For other lawful purposes, if this processing arises from the circumstances or was specified at the time of collection;
The terms and conditions and privacy policies of the respective payment service providers (e.g., your bank) apply to the transfer of funds to the payment service provider you have specified. These can be found on the respective websites or transaction applications. We refer you to these for further information and to assert your rights of withdrawal, information, and other rights as a data subject.
Data processing is carried out on the basis of contract fulfillment (Art. 6 (1) (b) GDPR) and our legitimate interests in efficient, secure, and high-quality payment processing (Art. 6 (1) (f) GDPR).
3.7. Electronic notifications
We use your email address, first name, and last name to address you personally when we send you information about our services that is relevant to your user account or may be of interest to you (e.g., for an inquiry as an influencer for Tapkeen). You can unsubscribe from such emails at any time by clicking on the marked link "Unsubscribe from this list" at the end of each email or by contacting us directly by email at info@tapkeen.com.
We may store the email addresses provided for up to three years on the basis of our legitimate interests before deleting them in order to be able to prove that consent was previously given. The processing of this data is limited to the purpose of a possible defense against claims. In the event of obligations to permanently observe objections, we reserve the right to store the email address in a "block list" for this purpose alone.
These notifications are sent on the basis of your consent, where required by law (Art. 6(1)(a) GDPR), our contract with you (Art. 6(1)(b) GDPR), or our legitimate interests in the efficient, secure, and high-quality use of our services by our users.
3.8. Cookies, plug-ins, and other Google services
a. Cookies - Types
When you access or use the websites, we may place so-called cookies—small text files—or similar tools on your device. We use these cookies to recognize you as a user of the websites, to customize content, to improve the performance of the websites, and to enhance your user experience.
A cookie is primarily used to store information about a user during or after their visit to an online offering. The stored information may include, for example, the language settings on a website, the login status, or the point at which a video was viewed. We also include other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as "user IDs") under the term cookies.
Depending on their function and intended use, the cookies we use can be divided into the following categories:
- Necessary (also: essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g., to store logins or other user entries, or for security reasons).
- Functional cookies: These cookies serve a variety of purposes related to the presentation, functionality, and performance of a website, and in particular to improve the visitor's experience and enjoyment of the website. They enable information already entered on a website (e.g., user name, location, or language selection) to be stored and offer visitors improved, more personalized features. Functional cookies are used, for example, to remember things like your login details. These cookies cannot track your movements on other websites.
- Performance cookies: These cookies are used to collect information about how a website is used—for example, how visitors arrived at our website, which pages a visitor opens most frequently, how they navigated during their visit to our website, and whether they received error messages from a page. We may also use these cookies to provide us with certain statistical and analytical information, such as how many visitors came to our website. These cookies are used to monitor the level of activity on the website and improve its performance.
- Marketing and personalization cookies: Cookies are also generally used for reach measurement and when a user's interests or behavior (e.g., viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This process is also referred to as "tracking", i.e., tracking the potential interests of users. If we use cookies or "tracking" technologies, we will inform you separately in our privacy policy or when obtaining your consent.
- Advertising cookies enable us or a third-party provider to display advertisements on our website or on third-party websites featuring products that the user may like, so that the advertising the user sees may be more relevant to the user's preferences or interests (sometimes referred to as "targeting cookies"). They may also be used to evaluate the effectiveness of advertising and promotions.
- Temporary cookies (also known as session cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their browser.
- Persistent cookies: Persistent cookies remain stored even after the browser is closed. This allows, for example, the login status to be saved or preferred content to be displayed directly when the user visits a website again. Similarly, the interests of users, which are used for reach measurement or marketing purposes, can be stored in such a cookie.
These cookies may be placed by us or by a third party on our behalf.
We use cookies based on our legitimate interests to analyze and regularly improve our website, as well as to regularly improve our offering and make it more interesting for you using the statistics obtained. In certain cases, the basis is based on your consent, which is the case, for example, when tracking your surfing behavior on our websites and/or analyzing it. Further information on the cookies we use can be found in our cookie settings in the "Cookie Consent Management Tool", where you can also give or revoke your consent for certain cookies by activating or deactivating them.
b. Google Analytics
These websites use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as Google. Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland, is responsible for the European region.
Google Analytics uses cookies. These are text files that are stored on your computer or device and enable analysis of your use of the website. The information generated by the cookie about your use of the websites (such as your IP address, technical information about your browser, the devices you use (e.g., language settings, screen resolution), your user behavior (e.g., clicks, length of stay, bounce rates)) is usually transferred to a Google server in the USA and stored there. We would like to point out that on these websites, Google Analytics has been extended by the code “anonymizeIp” to ensure anonymous collection of IP addresses (so-called IP masking). Through IP anonymization, your IP address is truncated by Google within the member states of the European Economic Area (EEA) and Switzerland. Only in exceptional cases is the full IP address transferred to a Google server in the USA and truncated there.
On our behalf, Google will use this information to evaluate your use of the websites, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
For more information on Terms of Service and data protection, please visit https://www.google.com/analytics/terms/us.html and https://www.google.com/intl/us/policies/.
You can refuse the use of Google Analytics by clicking on "Refuse" on our cookie banner or by adjusting the relevant settings in your browser. Please note, however, that in this case you may not be able to use all the features of the websites. In addition, you can object to the collection and use of data (cookies and IP address) by Google by downloading the browser plugin available at this link (https://tools.google.com/dlpage/gaoptout?hl=en) and installing it.
We use Google Analytics on the basis of our legitimate interests in analyzing and regularly improving our websites, as well as using the statistics obtained to regularly improve our offering and make it more interesting for you. Furthermore, Google Analytics is used on the basis of your consent to the tracking of your surfing behavior on our websites and its analytical evaluation.
c. Google Business Profiles and Google Maps
We use Google Business Profiles for our company so that we are listed on Google Search and Google Maps. These business profiles provide interested parties with information about our opening hours, locations, news, and product portfolio. They also give you the opportunity to write and view reviews about our company and our services.
Google Maps is a map service provided by Google. It allows us to display interactive maps directly on the website and enables you to conveniently use the map function.
By using Google Maps, information about the use of our website, including your IP address, may be transmitted to a Google server in the USA and stored there. Google may transfer the information obtained by Google Maps to third parties if this is required by law or if third parties process this data on behalf of Google.
Google will not associate your IP address with any other data held by Google. Nevertheless, it would be technically possible for Google to identify at least individual users based on the data received. It is possible that data and personality profiles of users of the Google website could be processed for other purposes over which we have no control.
Further information on the purpose and scope of data collection and its processing by Google, as well as further information on your rights in this regard and settings options for protecting your privacy, can be found at: https://www.google.com/policies/privacy.
The legal basis for processing is your consent (Art. 6 (1) (a) GDPR) based on the information you voluntarily provide for the creation of a route map and our legitimate interests (Art. 6 (1) (f) GDPR) in displaying our location and making it easy to find the location specified on our website.
d. Plug-ins
Plug-ins are small additional programs that extend the functions of web applications and desktop programs. When a plug-in is installed, the respective software usually gains a new function that it did not have before. In this case, plug-ins from the Firebase service are used. Some of these services process users' personal data; others do not. Further information on the Firebase services used, what data they collect, their purposes, and their duration can be found in the list below.
e. List of cookies and plug-ins
Below you will find a list of the cookies and plug-ins we use in our Tapkeen app, including information about their use and expiration.
| Provider | Name | Category / Description | Purpose and Procedure |
|---|---|---|---|
| Firebase Inc. (belongs to Google LLC Group) | Firebase_analytics | Performance Cookie | We use this cookie to measure company performance. It is used to distinguish users and track how they navigate the website in order to improve the user-friendliness and performance of the website. The cookie expires after 12 hours/13 months. |
| Firebase Inc. (belongs to Google LLC Group) | firebase_core | This plug-in does not collect any specific data itself, but initializes Firebase services. | |
| Firebase Inc. (belongs to Google LLC Group) | firebase_auth | This plugin collects personal data such as your email address and password for authentication. When using Google or Apple login, other personal data (e.g., IP address, name, email, phone number, profile picture) may also be collected. | Firebase auth uses the data to enable end-user authentication and facilitate end-user account management. User agent strings and IP addresses are also used to provide additional security and prevent abuse during sign-in and authentication. It stores logged IP addresses for several weeks. It retains other authentication information until the Firebase customer initiates the deletion of the associated user. The data is then removed from live and backup systems within 180 days. |
| Firebase Inc. (belongs to Google LLC Group) | firebase_crashlytics | This plug-in collects technical data such as device ID, app instance ID, platform version (iOS or Android), and crash information (stack traces, logs). | The purpose is to assist in diagnosing problems in the app. It facilitates efficient troubleshooting by grouping crashes and highlighting the circumstances that led to the app's quality issues. |
f. Management of Cookies
If you do not wish to accept these cookies, you can also change your browser settings so that certain cookies are deleted or not stored on your computer or device without your consent. Each browser is different in the way it manages cookie settings. This is usually described in the “Help” menu of each browser. You can find this information for the most common browsers at the following links:
- Internet Explorer: https://support.microsoft.com/help/17442/windows-internet-explorer-delete-manage-cookies
- Mozilla Firefox: https://support.mozilla.com/en-US/kb/Cookies
- Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DAndroid&hl=en
- Safari: https://support.apple.com/en-us/105082
Please note, however, that by deactivating the cookie function in your browser settings, you may no longer be able to use all the functions of the websites.
3.9. Social Media Buttons
a. Instagram
Our website uses the Instagram social network button, which is provided by Meta Platforms, Inc., 1601 Willow Road Menlo Park, CA 94025, USA.
When you click on the Instagram button, a direct connection is established between your browser and the Instagram or Meta server. Meta receives various data, including information that you have visited our site with your IP address, date and access time, browser type, and device information. If you click on the Instagram button while you are logged into your Instagram account, you can link the content of our pages to your Instagram profile. This allows Meta to associate your visit to our pages with your user account. If you interact with the plug-ins (e.g., use the Like functions), this information is also transmitted directly to a Meta server and stored there. The information is also published on your Instagram profile and displayed to your network friends.
The purpose and scope of data collection and the further processing and use of personal data by Meta, in particular for possible market research and advertising purposes based on your user behavior and the resulting possible user profiles, as well as your rights in this regard and settings options for protecting your privacy, are set out in Meta's privacy policy at: https://about.instagram.com/en-us/blog/announcements/instagram-community-data-policy. Please read the privacy policies of your social networks carefully to obtain detailed information about the collection and transfer of personal data, your rights, and how you can achieve satisfactory privacy settings.
The legal basis for data processing arises from our legitimate interest (Art. 6 para. 1 lit. f GDPR) to make our website more attractive and to make information about us and our services available to a wider audience, as well as based on your consent (Art. 6 (1) (a) GDPR) to connect to our Instagram page and to learn more about us and our services. With regard to the transfer of personal data abroad, we refer to section 6.
b. LinkedIn
The button for the social network LinkedIn Corporation, 1000 West Maude Avenue Sunnyvale, California 94085, USA, is installed on our main website. You can recognize the button ("LinkedIn Recommended" button) by the LinkedIn logo. When you click on the LinkedIn button, a direct connection is established between your browser and the LinkedIn server. LinkedIn receives various data, including information that you have visited our site with your IP address, date and access time, browser type, and device information. If you click on the LinkedIn button while logged into your LinkedIn account, you can link the content of our pages to your LinkedIn profile. This allows LinkedIn to associate your visit to our pages with your user account. If you interact with the plug-ins (e.g., use the Like functions), this information is also transmitted directly to a LinkedIn server and stored there. The information is also published on your LinkedIn profile and displayed to your network friends.
The purpose and scope of data collection and the further processing and use of personal data by LinkedIn, in particular for possible market research and advertising purposes based on your user behavior and the resulting possible user profiles, as well as your rights in this regard and setting options for protecting your privacy, are set out in LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy
The legal basis for data processing arises from our legitimate interest (Art. 6 para. 1 lit. f GDPR) to make our website more attractive and to make information about us and our services available to a wider audience, as well as based on your consent (Art. 6 (1) (a) GDPR) to connect to our LinkedIn page and to learn more about us and our services. With regard to the transfer of personal data abroad, we refer to section 6.
c. Facebook
Our website uses the Facebook social network button, which is provided by Meta Platforms, Inc., 1601 Willow Road Menlo Park, CA 94025, USA. You can recognize the Facebook button by the Facebook logo.
When you visit a page on our website that contains such a button and click on the Facebook button, your browser establishes a direct connection to Facebook's servers. The content of the plug-in is transmitted directly from Facebook to your browser and integrated into the page.
This integration provides Facebook with the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.
If you are logged into Facebook, Facebook can immediately associate your visit to our website with your Facebook profile. If you interact with the plug-ins, e.g. by clicking the "Like" button, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.
For information on the purpose and scope of data collection and the further processing and use of data by Meta, as well as your rights in this regard and settings options for protecting your privacy, please refer to Facebook's privacy policy: https://en-us.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0.
The legal basis for data processing arises from our legitimate interest (Art. 6 para. 1 lit. f GDPR) to make our website more attractive and to make information about us and our services available to a wider audience, as well as based on your consent (Art. 6 (1) (a) GDPR) to connect to our Facebook page and to learn more about us and our services. With regard to the transfer of personal data abroad, we refer to section 6.
d. YouTube
Our website uses the YouTube social network button. YouTube is a video portal that has been a subsidiary of Google LLC since 2006. The platform is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you click on the YouTube button, a direct connection is established between your browser and the YouTube servers. When you visit a page on our website that has an embedded YouTube video, the YouTube player embedded there also connects to YouTube to ensure the technical transmission of the video or audio file. Through the connection to YouTube's servers, YouTube receives various data, including information that you have visited our site with your IP address, date and access time, browser type, and device information. If you are logged into your YouTube account, YouTube can assign your surfing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand. When a YouTube video is started, YouTube uses cookies that collect information about user behavior. YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in your browser.
The purpose and scope of data collection and the further processing and use of personal data by YouTube, in particular for possible market research and advertising purposes based on your user behavior and resulting possible user profiles, as well as your rights in this regard and setting options for protecting your privacy, are explained in YouTube's privacy policy at: https://www.google.com/policies/privacy
The legal basis for data processing arises from our legitimate interest (Art. 6 para. 1 lit. f GDPR) to make our website more attractive and to make information about us and our services available to a wider audience, as well as based on your consent (Art. 6 para. 1 lit. a GDPR) to connect to our YouTube page and to learn more about us and our services. With regard to the transfer of personal data abroad, we refer to section 6.
Depending on the applicable law, data processing is only permitted if the applicable law specifically allows it. This does not apply under Swiss data protection law, but it does apply under the GDPR, for example. If the legal basis for individual data processing operations is not specifically stated (see section 3), the processing of your personal data may be based on one of the following legal bases:
- Your consent, only if it can be revoked at any time (e.g., newsletter) (Art. 6(1)(a) GDPR);
- For the performance of a contract with you or for the purpose of entering into a contract with you (e.g. if you wish to purchase or exchange Keencoins) (Art. 6 para. 1 lit. b GDPR);
- To comply with a legal obligation (e.g., for tax reasons, for the purposes of judicial investigations, or to combat money laundering) (Art. 6(1)(c) GDPR); or
- For the purposes of our legitimate interests, e.g., to maintain and improve our internal business management, organization, operation, protection of systems and premises, prevention of fraud and other crimes, to ensure an effective, efficient, secure, and harmonized service, for advertising and marketing purposes, for statistical purposes, to comply with legal or other regulatory requirements and internal regulations, and to establish, exercise, and/or defend actual or potential legal claims, investigations, or similar proceedings (Art. 6(1)(f) GDPR).
If the processing is based on your consent or our legitimate interests, you can withdraw your consent at any time or object to this processing by contacting us directly by email at info@tapkeen.com. Please note that withdrawing your consent does not affect the lawfulness of the processing prior to your withdrawal.
We take appropriate measures to ensure that only our authorized personnel who have the necessary knowledge have access to your personal data in order to fulfill the purposes for which your personal data was collected.
We may disclose your personal data to the following possible categories of recipients in accordance with the purposes and legal bases of processing described above:
- Service providers who process personal data on our behalf and on our instructions (so-called contract processors, such as providers of IT services in the areas of communication, hosting, and support, accountants, and marketing agencies).
- Banks and other financial institutions.
- Other Tapkeen users when you share content.
- Customers, partners, suppliers, insurance companies.
- Other business partners and auxiliary persons (e.g., lawyers and auditors consulted).
- Our social media channels (e.g., Instagram, LinkedIn), advertising and analytics service providers.
- Administrative authorities, courts, and other authorities.
For the Tapkeen platform, we use the services of the web hosting provider Hetzner Online GmbH, Industriestrasse 25, 91710 Gunzenhausen, Germany, to which personal data relating to the use of Tapkeen is transferred and stored.
On Tapkeen, we offer the option of purchasing Keencoins or exchanging them for cash via various payment providers. To this end, we work with the following payment providers (see sections 3.5. and 3.6.):
- Bei der Android-App: Stripe Technology Europe, The One Building, 1, Lower Grand Canal Street, Dublin 2, Irland, https://stripe.com/privacy.
- For the iPhone app via Apple in-app purchases: Apple Inc. 1 Apple Park Way. Cupertino, CA 95014, USA, https://www.apple.com ; https://www.apple.com/legal/privacy/en-ww/
By selecting the respective payment option, you consent to us transferring personal data to the payment service provider. The purpose of transferring personal data is for payment administration. Please refer to the privacy policy of the respective payment provider for information on how personal data is handled.
We carefully select our partners and contractors and only do so if we can be reasonably assured that they have appropriate technical and organizational measures in place in accordance with legal requirements. We also contractually ensure that our contractors only process your personal data in the same way that we are permitted to do so. Furthermore, our processors may only process personal data on our documented instructions. They are all subject to confidentiality requirements and may only use your personal data to the extent necessary to fulfill the purpose for which your personal data was collected or as required by law.
If this transfer is for administrative purposes, the transfer of data is based on our legitimate business and economic interests (Art. 6 (1) (f) GDPR) or, if it is necessary to fulfill our contractual obligations (Art. 6 (1) (b) GDPR) or if the consent (Art. 6 (1) (a) GDPR) of the data subject or a legal obligation (Art. 6 (1) (c) GDPR) exists.
The personal data we collect is generally processed and stored by us in Switzerland and Germany, by our cloud provider (see section 3.3). If required by contract or law, or if you wish, we may also transfer, store, and process your personal data at locations outside Switzerland and Germany, e.g., in countries where our business partners (such as in Ireland), auxiliary persons, authorities, and other bodies are located. Data transfers within countries of the European Economic Area (EEA) are considered secure as they have an adequate level of data protection. If personal data is transferred to countries that do not guarantee an adequate level of data protection (such as the USA and many other countries outside the EEA), we ensure adequate data protection by putting in place appropriate safeguards, such as contractual guarantees (e.g. based on EU standard clauses), or the transfer of personal data is based on your express consent, in connection with the conclusion or performance of a contract with you, or in connection with the establishment, exercise, or enforcement of legal claims. You can request further information about our appropriate security measures by contacting us by email at info@tapkeen.com.
For the sake of completeness, we would like to point out that, from Switzerland's perspective, the US does not have an adequate level of data protection. In the US, for example, surveillance measures implemented by US authorities generally allow for the storage of all personal data relating to individuals whose data has been transferred from Switzerland to the US. We would also like to point out that in the USA, there are insufficient legal remedies available to affected persons from Switzerland that would allow them to access data concerning them and have it corrected or deleted, and that there is no effective legal protection against general access rights of US authorities. We expressly draw your attention to this legal and factual situation in order to enable you to make an informed decision regarding consent to the use of your personal data in the given case. This applies in particular to data processing operations referred to in this privacy policy where the recipient of the personal data is based in the USA and the data processing is governed by the recipient's privacy policy.
We store your personal data for as long as necessary to fulfill the purposes for which your personal data was collected. For this reason, we will delete or anonymize personal data as soon as it is no longer necessary to achieve the purposes, subject to (i) applicable legal or regulatory requirements to store personal data for a longer period (e.g., for tax or accounting reasons), or (ii) if we have an overriding interest (e.g., an interest for evidentiary reasons to establish, exercise, and/or defend actual or potential legal claims, investigations, or similar proceedings, including legal provisions that we may enforce to preserve relevant information within the applicable contractual or statutory warranty and limitation periods, or if we have an interest in non-personal analysis). In this case, the processing of personal data will be limited to these purposes with restricted access rights to persons who need to process the personal data for these purposes.
On this basis, we generally process personal data in accordance with the following rules and obligations:
- The data automatically transmitted by you through the use of our website for the purpose of displaying, operating, and ensuring the functionality of the website will be deleted within three to six months.
- The personal data you provide to us in connection with an inquiry or electronic notifications (e.g., via email address) will generally be deleted by us within three to six months, unless it concerns contract-related business documents and communications that must be retained for evidentiary reasons in accordance with the point below “For contract-related data” below and the introductory principles for evidentiary reasons (see first section of section 7).
- The personal data you provide to us in connection with a user account will generally be stored by us until you delete the personal data (including your user account) yourself or request us to delete it, subject to statutory retention and evidence obligations.
- The personal data you provide to us in connection with the proof of identification for the payout of Keencoins will be deleted by us within six to nine months after identification has been completed.
- For contract-related personal data (including business documents and communications), we store personal data for as long as the contractual relationship exists plus ten years after the end of the contractual relationship, unless (i) a shorter or longer statutory retention period applies in individual cases, (ii) retention is necessary for evidentiary or other compelling reasons under applicable law, or (iii) the data must be deleted earlier (e.g., because the data is no longer needed or we are required to delete the data).
As part of our privacy policy, we can provide users with further information on the deletion and storage of data that applies specifically to the respective processing process.
We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of threats to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.
These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data as well as access, input, transfer, availability, and separation. Furthermore, we have established procedures that guarantee the exercise of data subjects' rights, the deletion of data, and responses to data breaches. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software, and procedures in accordance with the principle of data protection, through technology design and data protection-friendly default settings.
We use SSL encryption to protect the data you transmit via our online services. You can recognize encrypted connections by the prefix https:// in your browser's address bar.
Unfortunately, the transmission of personal data via the Internet or email is not completely secure. Although we take appropriate security measures to protect your personal data, we cannot guarantee the security of your personal data transmitted to our website or via email; any transmission is at your own risk. For this reason, we advise you that email messages containing sensitive personal data should not be sent unencrypted, as you otherwise run the risk of a lack of security and confidentiality on the Internet. In addition, you are free to send us your personal data by other means at any time.
We have integrated various links to third-party websites (e.g., Facebook, YouTube, Instagram, LinkedIn) on our website. Please note that when you click on a link to a third-party website, you will be redirected to a website that we do not control and our privacy policy no longer applies. Your browsing and interaction on another website is subject to the Terms of Service and privacy policies and notices of those third-party websites. Furthermore, we cannot guarantee the accuracy and timeliness of these links.
We recommend that you carefully read the Terms of Service and privacy policies and notices of other websites before submitting personal data via this website. We are not responsible or liable for the information content on such third-party websites.
You have the following rights: You can request information from us about whether and which personal data about you is being processed. In addition, you have the right to request the correction, destruction/deletion, or restriction of personal data about yourself, as well as to object to the processing of your personal data. If the processing is based on your consent or our legitimate interests, you may revoke your consent at any time or object to this processing. Furthermore, in certain cases, you have the right to receive personal data generated during the use of online services in a structured, common, and machine-readable format that allows for further use and transmission (right to data portability).
Requests in this regard should be sent to us at the following email address: info@tapkeen.com. We reserve the right to restrict your rights within the scope of applicable law and, for example, not to disclose comprehensive personal data or to delete personal data.
If we reject your request or you are not satisfied with our handling of it, you are also entitled to lodge a complaint with the competent supervisory authority and seek legal remedy. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC) in Bern (https://www.edoeb.admin.ch). For users residing in EU countries, you can find a list of supervisory authorities at https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
We ask that you regularly review the content of our privacy policy. We will amend the privacy policy as soon as changes to our data processing practices make this necessary. We will inform you as soon as the changes require action on your part (e.g., consent) or other individual notification.
Where we provide addresses and contact information for companies and organizations in this privacy policy, please note that addresses may change over time and we ask that you verify the information before contacting them.
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking here: Data Privacy