1. Privacy Policy (Status: 10.04.2021)

General information

In the course of your use of one-on-one.tech, we process personal data. By using one-on-one.tech, you agree that we may process your data in the following terms. 

This Privacy Notice explains how the one-on-one.tech app collects, manages, stores and shares personal data. Personal data includes any information whereby a user can be personally identified, Art. 4 No. 1 GDPR. 

2. Person responsible for data processing 

Responsible for data processing in the context of the app one-on-one.tech in accordance with the GDPR is:

Dennis Hartel

Allmandstrasse 10

70563 Stuttgart 

Germany 

Email: contact@one-on-one.tech

3. Data processing 

3.1 Registration

When logging in for the first time (registration) and creating a "profile", data is collected in the form of a registration form. 

The following data are collected and stored as mandatory fields

The following data is optionally collected and stored: 

The following data will be shared with third parties: 

The legal basis for the data processing of the data to be entered in the mandatory field is Art. 6 para. 1 b) GDPR (contractual necessity). The purpose of the data processing is the provision of certain app content and services that are necessary for your use of the app and the maintenance of your account and profile.  

The legal basis for the optional data to be provided is Art. 6 I b) GDPR (contractual necessity), whereby the purpose is to better ensure your usage options such as networking or search functions. 

3.2 Data processing through use of the app 

Personal messages: By using the app, private messages can be exchanged with other users. In doing so, the following data is collected and stored: 

Creating a one-one-one: In the app, users can create their own one-one-one meetings. The following data is collected and stored during this process: 

The legal basis for data processing for regular use of the app is Art. 6 I b) GDPR. The purpose of data processing here is to ensure the functionality of the app services and functions. 

3.3 Server log files 

When calling up our app, we process the following data with each access: 

The purpose of the data processing is to deliver the information logs to the user's computer so that the program is functional. The legal basis for data processing is our overriding interest in the ongoing functionality of our app pursuant to Art. 6 I f) GDPR.  

3.4 Hosting services

3.4.1 Cloudinary

Cloudinary is a hosting service for images. We use Cloudinary to host the profile pictures that are uploaded by users. These are then publicly accessible via the respective URL. When uploading a profile picture in the registration process, the picture is forwarded to Cloudinary and stored.

The following data is collected through use: IP address, device information, referrer URL, browser information, profile picture.

The purpose of the data processing is the display of profile pictures in our app. With regard to the legal basis, we refer to Art. 6 I b) GDPR. 

Please note that data may also be transferred to other countries outside the EU. This includes, among others, the USA. For transfers of EU data to a jurisdiction outside the EU, Cloudinary undertakes to comply with the standard contractual clauses established by Commission decision. https://cloudinary-res.cloudinary.com/images/v1608358739/Cloudinary-Customer-Data-Processing-Addendum-DPA-November-2020/Cloudinary-Customer-Data-Processing-Addendum-DPA-November-2020.pdf

Company: Cloudinary Inc, 111 W Evelyn Ave, Suite 206, CA 94086. Note their privacy policy: https://cloudinary.com/privacy

3.4.2 Salesforce/Heroku

Heroku is a hosting platform. We use Heroku as the hosting platform for our app. The app is hosted on European servers. All data transmitted through our app is processed and stored on Heroku's servers. The following personal data is collected through use: 

The purpose of the data processing is a basic provision of our app via the server of Heroku. The legal basis for this processing is Art. 6 I b) GDPR.

Please note that data may also be transferred to other countries outside the EU. This includes, among others, the USA. For transfers of EU data to a jurisdiction outside the EU, Salesforce undertakes to comply with the standard contractual clauses established by Commission Decision 

https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/EU-Data-Transfer-Mechanisms-FAQ.pdf

Company: salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany. We refer to the privacy policy: https://www.salesforce.com/de/company/privacy/

3.5 Cookies 

In our app, we use so-called cookies. These are data packets generated by the web browser to store individual user data, such as login data. We only use technically necessary cookies ("sessionid" and "csfrtoken"). 

The purpose of the use of cookies is to enable the app functionality and use, as well as to protect you as a user from malicious attacks. The "sessionid" is a cookie to identify each browser and its associated session with the website. The "csrftoken" (cross-site request forgery token) cookie is used to accept only trusted requests. The legal basis for data processing in terms of necessary cookies is our legitimate interest according to Art. 6 I f) GDPR. 

3.6 Implemented technologies  

This paragraph describes which third-party technologies are used in the one-on-one.tech app and which data may be transferred in the process. With regard to the storage of data by third-party providers, we refer in each case to the privacy policy of the providers linked below 

3.6.1 LottieFiles

LottieFiles is a provider of animations, which are embedded on our site. When a page is called up, the browser establishes a connection to Lottiefiles in order to display animations. The following data is processed by this: IP address, device information, referrer URL, browser information.

The purpose of the data processing is to provide an optimal user experience on our site. The legal basis for this is Art. 6 I f) GDPR.

Company: Design Barn Inc, 7302 Royal Oaks Ct Pleasanton, CA 94566, USA. Please refer to their privacy policy https://lottiefiles.com/page/privacy-policy

3.6.2 Fontawsome 

Fontawsome is a provider of icons (graphical symbols) for display on the internet. When the page is called up, the browser establishes a connection to Fontawsome. The following data is processed in the process: IP address, device information, referrer URL, browser information.

The purpose of this is the use of graphical icons on our part to ensure a better user experience through optimal display. The legal basis for this is our legitimate interest from Art. 6 I f) GDPR. 

Company: Fonticons Inc, 307 S. Main St., Suite 202, Bentonville, AR 72712, USA. Please note their privacy policy: https://fontawesome.com/privacy

3.6.3 Google Fonts 

Google Fonts is a provider of fonts for display on the internet. When you call up a page, the browser establishes a connection to Google Fonts. The font is stored in your browser cache. The following data is processed: IP address, device information, referrer URL, browser information.

The purpose is to provide an optimal user experience on our site. The legal basis for this is Art. 6 I f) GDPR.

Please note that data may also be transferred to other countries outside the EU. This includes, among others, the USA. For transfers of EU data to a jurisdiction outside the EU, Google LLC undertakes to comply with the standard contractual clauses established by Commission decision. 

https://policies.google.com/privacy/frameworks?hl=de&fg=1

Company: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland.

See their privacy policy https://policies.google.com/privacy

3.6.4 Google Maps API

Google Maps API is a service for completing address entries. When entering location-relevant fields, the browser sends the input to Google. Google sends back a suggestion for completing the location entry. The following data is processed: IP address, device information, referrer URL, browser information, input in the location-relevant field (e.g.: search function or registration process).

The purpose of the data processing is to standardize the location information of users on our site for a better user experience. With regard to the legal basis, we refer to our legitimate interest, Art. 6 I f) GDPR.

Please note that data may also be transferred to other countries outside the EU. This includes, among others, the USA. For transfers of EU data to a jurisdiction outside the EU, Google LLC undertakes to comply with the standard contractual clauses established by Commission decision. 

https://policies.google.com/privacy/frameworks?hl=de&fg=1

Company: Google Irleland Limited, Gordon House, Barrow Street, Dublin 4 Ireland.

Please note their privacy policy https://policies.google.com/privacy

3.6.5 Jitsi Meet

Jitsi Meet is a video conferencing provider. When a page is requested, the browser establishes a connection to Jitsi Meet. Jitsi Meet is integrated into our site via iFrame. Accordingly, a connection to Jitsi Meet takes place within the page. The following data is collected through use: IP address, device information, referrer URL, browser information, username. 

The purpose of the data processing is to enable users to exchange information via video conferencing. With regard to the legal basis, we refer to our legitimate interest, Art. 6 I f) GDPR. 

Please note that data may also be transferred to other countries outside the EU. This includes, among others, the USA. For transfers of EU data to a jurisdiction outside the EU, Jitsi Meet undertakes to comply with the standard contractual clauses established by Commission decision. 

https://www.8x8.com/terms-and-conditions/privacy-policy (see "international data transfers")

Company: 8x8 Inc, 675 Creekside Way Campbell, CA 95008 United States. See their privacy policy : https://jitsi.org/meet-jit-si-privacy/  and 

https://www.8x8.com/terms-and-conditions/privacy-policy

3.6.6 LinkedIn

LinkedIn is a social network on a professional basis. When the LinkedIn registration is accessed, we receive personal data, which is shared with us after the user's consent on the part of LinkedIn. The following data is collected through use: IP address, device information, referrer URL, browser information, name, email address and profile picture.

We only store and process the returned data that LinkedIn passes on to us after the user's consent. This includes email address, name, profile photo. LinkedIn may store further data itself. 

The intended use of the data is to enable LinkedIn as a registration method so that users can also use their LinkedIn profile on one-on-one.tech. The legal basis for this processing is our legitimate interest pursuant to Art. 6 I f) GDPR to promote our products and services. 

Please note that data may also be transferred to other countries outside the EU. This includes, among others, the USA. For transfers of EU data to a jurisdiction outside the EU, LinkedIn undertakes to comply with the standard contractual clauses established by Commission decision. https://de.linkedin.com/legal/l/dpa

Company: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. We refer to the privacy policy https://de.linkedin.com/legal/privacy-policy

4. Duration of storage and use of personal data 

As a matter of principle, we only process personal data if this is necessary for the functionality of the one-on-one.tech app. In doing so, we delete or block the data as soon as the purpose of the data processing has been achieved or has ceased to exist or the right of revocation has been exercised in the case of data processing based on your consent. If we are required by law or other regulation to store and retain the data for a longer period of time, we will comply with this. Third-party providers that we use to provide our app may store additional data independently of us for the duration required in each case. Here, we refer to the respective privacy policy of the third-party providers for "implemented technologies" (3.6).  

5. Your data subject rights

You can exercise the following rights as a data subject of data processing at any time: 

6. Changes to the privacy policy

In the course of the development of one-on-one.tech, the privacy policy may change in part. We will inform you about significant changes in a timely manner, so that it is possible for you to view them.