Privacy policy – Comandam

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as “data”) in the context of the provision of our website at www.Comandam.com and mobile applications (hereinafter collectively referred to as “online offer”).
We attach great importance to the security of your data and compliance with applicable data protection regulations. The collection, processing and use of personal data is subject to the provisions of Romania`s Data Protection Act Law No. 190 of 18 July 2018 (DPA) and the General Data Protection Regulation (GDPR).

Responsible party
IBRAM PEBB SRL
Str. Pompierilor nr 27,Calarasi,Romania

Web: www.comandam.ro
E-mail: info@comandam.ro

Accuracy
It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

What are the purposes for processing?
• Provision of the online offer, its contents and functions.
• Provision of contractual services, service and customer care.
• Answering contact enquiries and communication with users.
• Marketing, advertising and market research.
• Security measures.

What are the relevant legal bases for processing your data?
The following informs you about the legal basis of us processing your data and unless the legal basis is not specifically mentioned, the following applies:

• Consent – This is where we have asked you to provide explicit permission to process your data for a particular purpose.
• Contract – This is where we process your information to fulfil a contractual arrangement, we have made with you.
• Answering your business enquiries – This is where we process your information to reply to your messages, e-mails, posts, calls, etc.
• Legitimate Interests – This is where we rely on our interests as a reason for processing, generally this is to provide you with the best products and service in the most secure and appropriate way. Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.
• Legal Obligation – This is where we have a statutory or other legal obligation to process the information, such as for the investigation of crime.

Data Protection Principles
All personal data must be:

• processed lawfully, fairly and in a transparent manner in relation to the data subject;
• collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes subject to appropriate safeguards, and provided that there is no risk of breaching the privacy of the data subject.
• adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
• accurate and where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which they are processed, is erased or rectified without delay;
• kept in a form which permits identification of data subjects for no longer than necessary for the purposes for which the personal data is processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by the Regulation in order to safeguard the rights and freedoms of the data subject;
• processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures;

What are your rights?
You have the following rights with respect to us processing your personal data:

• Right of access
You have the right to obtain information about whether and which of your personal data is processed by us. In this case, we will also inform you about:
• the purpose of processing;
• the categories of data;
• the recipients of your personal data;
• the planned storage period or the criteria for the planned storage period;

• Right to rectification
You have a right to rectification and/or completion if your personal data processed by us is inaccurate or incomplete.

• Right to restriction of processing
You have a right to restriction of processing, provided that:
• we verify the accuracy of your personal data processed by us;
• the processing of your personal data is unlawful;
• you need your personal data processed by us for legal prosecution after the purpose has ceased to exist;
• you have objected to the processing of your personal data and we are reviewing this objection.

• Right to erasure
You have a right to erasure if:
• we no longer need your personal data for its original purpose;
• you withdraw your consent and there is no further legal basis for processing your personal data;
• you object to the processing of your personal data and – unless it is direct marketing – there are no overriding reasons for further processing;
• the processing of your personal data is unlawful;
• the erasure of your personal data is required by law; and
• your personal data was collected as a minor for information society services.

• Right to information
If you have exercised your right to rectification, erasure or restriction of processing, we will inform all recipients of your personal data, of this rectification, erasure of data or restriction of processing.

• Right to data portability
You have a right to receive your personal data processed by us on the basis of consent or for the performance of a contract in a structured, common and machine-readable format and to transfer it to another controller. If technically feasible, you have the right to have us transfer this data directly to another controller.

• Right to object
You have the right to object to the processing of your personal data in case of special reasons. In this case, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing. In case of processing of your personal data for direct marketing purposes, you have the right to object at any time.

• Right of withdrawal
You have the right to revoke any consent given to us at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

• Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data by us violates the law.

Types of data processed
• Inventory data (e.g., personal master data, names or addresses).
• Verification Data (e.g., proof of identity, proof of address).
• Contact data (e.g., e-mail, telephone numbers).
• Content data (e.g., text input, property data, photographs, videos).
• Usage data (e.g., web sites visited, interest in content, access times).
• Payment Data (e.g., when you pay for services)
• Meta/communication data (e.g., device information, IP addresses).

Categories of data subjects
Visitors and users of the online offer (Hereafter, we also refer to the data subjects collectively as “users”).
How we use information
The main reason we use your information is to provide and improve our services. We also use your information:

• to protect you and to provide you with advertisements that may be of interest to you.
· to provide our services to you;
· to provide you with customer support and respond to your inquiries;
· to complete your transactions;
· to communicate with you about our services;
· to improve our services and develop new services;
· to conduct research and analysis of user behavior to improve our services and content (e.g., we may decide to change the look and feel or even substantially modify a particular feature based on user behavior);
· to develop new features and services;
· to prevent, detect and respond to fraud or other illegal or unauthorized activities;
· to address ongoing or perceived misconduct;
· to perform data analysis to better understand these activities and develop countermeasures;
· to retain data related to fraudulent activity to prevent recurrence;
· to ensure compliance with laws;
· to comply with legal requirements;
· to assist law enforcement; and
· to enforce or exercise our rights.

Security measures
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, input, disclosure, ensuring availability and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, deletion of data and response to data compromise. Furthermore, we already take the protection of personal data into account in the development and selection of hardware, software, and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings.

For security reasons and to protect the transmission of confidential content that you send to us as the provider, this online offer uses TLS encryption (Transport Layer Security), or better known as SSL (Secure Sockets Layer), which is now obsolete. You can recognise the secure, encrypted connection to this online offer by the identifier https:// of the entry in the URL line (address line) of the browser used and/or the green lock symbol. HTTPS stands for Hypertext Transfer Protocol Secure.

We would like to point out that data transmission on the Internet (e.g., when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Cooperation with processors, joint controllers and third parties
If, in the course of our processing, we disclose data to other persons and companies (order processors, jointly responsible persons or third parties), transfer it to them or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g. if a transfer of the data to third parties, such as to payment service providers, is necessary for the performance of the contract), users have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we disclose or transfer data to other companies in our group of companies or otherwise grant them access, this is done in particular for administrative purposes as a legitimate interest and, in addition, on a basis that complies with the legal requirements.

Transfers to third countries
Our main operations are based in Romania and your personal information is generally processed, stored and used in global data centres of Amazon (AWS). We take steps to ensure there is an appropriate level of security, so your personal information is protected in the same way as if it was being used within the EU and the EEA. Where we need to transfer your data outside the EU and the EEA, we will use one of the following safeguards:

• The use of approved standard contractual clauses in contracts for the transfer of personal data to third countries.
• Transfers to a non-EEA country with privacy laws that give the same protection as the EEA.

Deletion of data
The data processed by us will be deleted or restricted in its processing in accordance with the legal requirements. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e., the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.

Data processing in relation to our services
Commercial and business services
We process data of our contractual and business partners, e.g., customers and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer enquiries.

We process this data to fulfil our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organization. We only disclose the data of the contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the contractual partners (e.g., to participating telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisers, payment service providers or tax authorities).

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests.

Offering sour platform services
We process the data of our customers and Customers in order to enable them to select, purchase or commission the selected services. The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Administration, financial accounting, office organization, contact management
We process data in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities.

In this context, we disclose or transfer data to consultants, such as legal advisors or auditors, as well as other fee offices and payment service providers.

Furthermore, based on our business interests, we store information on suppliers, restaurants and other business partners, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.

Automated decision making and profiling
As part of fulfilling our contract with you and for the purpose of improving our platform, we use automated decision making and profiling. For example, we use your postcode and/or location data to select available restaurants in your particular area. In addition, we use automated decision making to comply with our legal obligations to prevent money laundering, terrorist financing and other crimes.

If such automated decision making and/or profiling results in a negative decision about you and you do not consent to it, you may contact us. We will then arrange for a reassessment of the situation. Apart from that, we would also appreciate it if you would approach us with suggestions on how to improve these processes.

Data transfer to payment service providers
In order to fulfil the contract, we pass on your data to the company commissioned with the payment, insofar as this is necessary for the payment of our services. Depending on which payment method you select, we pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service provider. In some cases, the selected payment service providers also collect this data themselves. In this case, the privacy policy of the respective payment service provider applies. The legal basis for the data processing is contract.

The data processed by the payment services include the payment data mentioned above. The information is necessary to carry out the transactions. However, the customer data entered is only processed by the payment service providers and stored by them. Furthermore, we cannot exclude that data of the payment service provider is transmitted to credit agencies. In this regard, we refer to the terms and conditions and privacy policies of the respective payment service providers.

If there is an obligation to transmit your payment data to us (e.g., account number in the case of direct debit authorization) after the conclusion of a fee-based contract, this data is required for payment processing.

Payment transactions via the common means of payment are made exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Data transfer to restaurants and and related service providers
We share your personal information (name, address and phone number, order) with the restaurant you select so that the restaurant can deliver your order. Since you are a direct customer of the restaurant, the restaurant has its own responsibilities and obligations with respect to the processing of your personal data. If you have any questions about the Restaurant’s handling of your personal data, you should contact the Restaurant directly.

Sharing with others (other than restaurants)
We will not sell your personal data to third parties, and we will only share this data with third parties if it is necessary for the performance of our contract with you, for analysis and marketing purposes, or to comply with legal obligations.
Your personal data will only be passed on to third parties,

• if you have given your express consent to this;
• if the disclosure is necessary for the fulfilment of contractual obligations;
• if we are legally obligated to disclose the data;
• if the disclosure of the data is in the public interest;
• if the disclosure of the data is necessary for the protection of our legitimate interests or the legitimate interests of a third party, unless your interests in the protection of your data override these interests.

Once we engage third-party companies to process your personal data on our behalf, we will enter into a data processing agreement to ensure the same level of protection and confidentiality of your personal data.

Data processing for the purpose of fraud prevention and optimization of our payment processes
Where applicable, we provide our service providers with further data, which they use together with the data necessary for the processing of the payment as our processors for the purpose of fraud prevention and optimization of our payment processes (e.g., invoicing, processing of contested payments, accounting support). This serves to protect our legitimate interests in our protection against fraud or in efficient payment management, which outweigh our interests in the context of a balancing of interests.

Legal defense and enforcement of our rights
The legal basis for the processing of your personal data in the context of legal defense and enforcement of our rights is our legitimate interest. The purpose of processing your personal data in the context of legal defense and enforcement of our rights is the defense against unjustified claims and the legal enforcement and assertion of claims and rights.

Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. The processing of your personal data in the context of legal defense and enforcement is mandatory for legal defense and enforcement of our rights. Consequently, there is no possibility for you to object.

Use of customer data for direct marketing purposes
If you have provided us with your e-mail address when using our Services, we reserve the right to regularly send you e-mail offers for similar services. We do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising. If you have initially objected to the use of your e-mail address for this purpose, we will not send you any e-mails.

You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the marketing.

If we process your Personal Data for the purpose of sending you SMS marketing communications, you may manage your receipt of marketing and non-transactional communications from us by clicking on the “unsubscribe” link located on the bottom of our marketing emails, by replying or texting ‘STOP’ if you receive our SMS communications. In this respect, the data processing is carried out solely on the basis of our consent in personalized direct advertising per SMS.

Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your service announcements or security information.

If you opt-in to SMS marketing, you will be notified by entering your phone number on the checkout page and initializing a purchase, signing up via a subscription form or entering a keyword. If you opt-in to SMS marketing notifications, you agree to the following:

• You understand and agree that consent is not a condition of purchase.
• You understand and agree that your phone number, name and purchase information will be shared with our SMS marketing platform including messages sent by autodialer.
• You understand and agree that the information collected may be used to send you notifications and targeted marketing messages.
• When sending SMS messages, your phone number will be shared with our SMS delivery partner to ensure delivery of the message.
• You understand and agree that if you wish to opt-out of receiving further SMS marketing messages and notifications, you must reply with STOP to any message sent by us.
• You understand and agree that other methods of opting out, such as using alternative words, will not be a reasonable means of opting out.
• You understand and agree that message and data rates may apply when receiving text messages.

When you send a data subject access request
The legal basis for the processing of your personal data in the context of handling your data subject access request is our legal obligation and the legal basis for the subsequent documentation of the data subject access request is both our legitimate interest and our legal obligation.

The purpose of processing your personal data in the context of processing data when you send a data subject access request is to respond to your request. The subsequent documentation of the data subject access request serves to fulfil the legally required accountability.

Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the processing of a data subject access request, this is three years after the end of the respective process.

You have the possibility at any time to object to the processing of your personal data in the context of the processing of a data subject access request for the future. In this case, however, we will not be able to further process your request. The documentation of the legally compliant processing of the respective data subject access request is mandatory. Consequently, there is no possibility for you to object.

Social Media
The data you enter on our social media pages, such as comments, videos, pictures, likes, public messages, etc. are published by the social media platform and are not used or processed by us for any other purpose at any time. We only reserve the right to delete content if this should be necessary. Where applicable, we share your content on our site if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is our legitimate interest. The data processing is carried out in the interest of our public relations and communication.

If you wish to object to certain data processing over which we have an influence, please contact us. We will then examine your objection. If you send us a request on the social media platform, we may also refer you to other secure communication channels that guarantee confidentiality, depending on the response required.

As already stated, where the social media platform provider gives us the opportunity, we take care to design our social media pages to be as data protection compliant as possible. With regard to statistics that the provider of the social media platform makes available to us, we can only influence these to a limited extent and cannot switch them off. However, we make sure that no additional optional statistics are made available to us.

Data processing by the operator of the social media platform
The operator of the social media platform uses web tracking methods. The web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we can unfortunately hardly influence the web tracking methods of the social media platform. We cannot, for example, switch this off.

Please be aware: It cannot be ruled out that the provider of the social media platform uses your profile and behavioral data, for example to evaluate your habits, personal relationships, preferences, etc. We have no influence on this. In this respect, we have no influence on the processing of your data by the provider of the social media platform.

Data processing in relation to our website and app
Log files
In principle, it is possible to use the Comandam website without providing personal data. When a page of our website is accessed and each time a file is retrieved, access data about this process is stored in a log file. The corresponding log file contains: Your IP address, the page from which the file was requested, the name of the file, the date and time of the request, the amount of data transferred, the access status (file transferred, file not found, etc.), a description of the type of operating system and web browser used. The stored data does not allow any conclusions to be drawn about your identity and is evaluated exclusively for statistical purposes.

The collection and processing of this data is carried out in order to enable the use of the website at all, on the basis of our legitimate interest, whereby our legitimate interest is the provision of our website. Incidentally, we store this aforementioned data, including the IP addresses, only in anonymized form and use it only in this anonymized form to analyze the use of the offer and the further development and optimization of our website in your interest. Our legitimate interest is the ongoing improvement of our online offer in order to provide you with the greatest possible user comfort.

General app accesses
As with every server request, information such as IP address, user agent etc. is transmitted and stored anonymously in the server log for 30 days. The provision of personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are also not obliged to provide the personal data. However, failure to provide the data could result in you not being able to use our app or not being able to use it to its full extent. The legal basis for this data processing is consent.

Network access
The legal basis for this data processing is contract. Your data will be treated confidentially by us and deleted if you revoke the rights to use it or it is no longer required to provide the services and there is no legal obligation to retain it. The provision of personal data is necessary if you wish to make full use of our app. However, failure to provide this data could result in you not being able to use our app or not being able to use it to its full extent.

Contacting Us
If you contact us and send us general enquiries the contact details you provide, will be stored and used by us to fulfil the purpose associated with the transmission, e.g., to process your enquiry or in the event of follow-up questions.

The basis for this storage and use of your personal data is your consent which you give us by sending the contact form. Insofar as you provide us with your personal data for the purpose of responding to your questions, the entry of personal data is required as without this information, we cannot process your request.

You have the right to revoke your consent to the data processing described above at any time with effect for the future. In this case, we will no longer process your data. Your personal data will be deleted even without your revocation in any case if we have processed your request or if the storage is inadmissible for other legal reasons.

Cookies
During the use of our website, so-called “cookies”, small text files, are stored on your computer. Such cookies register information about your computer’s navigation on our website (pages selected, day, time and duration of use, etc.). A cookie is downloaded via a browser the first time you visit a website. The next time you visit this website with the same device, the browser checks whether a corresponding cookie is present (i.e., contains the website name). It sends the data stored in the cookie back to the website. Some cookies are important for the website’s functionality and are automatically activated by us when a user visits. Our website also uses cookies to make it easier to use and to provide you with content tailored to your information needs.

You cannot be personally identified from any of the information we collect. The use of the cookies we use is necessary in order to be able to provide the online offer of Comandam at all and, moreover, to be able to optimize it on an ongoing basis. The data processing in this context is therefore based on our legitimate interest. Our legitimate interest is to provide visitors to our website with a functioning online service and to make visiting and using the website as pleasant and efficient as possible.

For further information on cookies in general, please visit www.allaboutcookies.org and for further details on the cookies we use, please refer to our Cookie Policy.

Creating an account
Personal data will continue to be collected and processed if you provide it to us for the performance of a contract or when opening an account. Which data is collected can be seen from the respective input forms. Deletion of your account is possible at any time and can be done by sending a message to us. We store and use the data provided by you for the purpose of processing the contract. After complete processing of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after expiry of these periods, unless you have expressly consented to a further use of your data or a legally permitted further use of data has been reserved on our part.

Convenience Log in and Sign Up
Third-party Connect features such as Facebook, Google or Apple are offered as an option to register with Comandam. When registering via connect functions of third-party providers, the user agrees to the respective terms and conditions of these third-party providers and also consent to certain data from the respective profiles of the user being transferred to Comandam.

Profile
As a registered user, you have the opportunity to create a user profile with just a few clicks and details. If you make use of the option, the relevant profile data you provide will be transferred to your profile. Of course, you can change the information at any time via the settings in your profile. You have choices about the information on your profile. You don’t have to provide additional information on your profile; however, profile information helps you to get more from our Services. It’s your choice whether to include sensitive information on your profile and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be available. The legal basis for the processing of your personal data is the establishment and implementation of the user contract for the use of the service. We store the data until you delete your user account. Insofar as legal retention periods are to be observed, storage also takes place beyond the time of deletion of a user account.

Newsletter and Notification dispatch
If you have registered for the newsletter or send notifications, we will process your personal data for the purpose of sending the newsletter or notification. The processing is carried out voluntarily on the basis of your consent. You can revoke this consent at any time by clicking on the unsubscribe link at the end of the newsletter and notification. Of course, you can also contact us by any other means and revoke your consent. Processing will continue until you withdraw your consent. The lawfulness of the processing carried out until the withdrawal of consent is not affected by this. After revocation of consent, the personal data will be kept for another 6 months for the purpose of legal defense. The legal basis for this is our legitimate interest.

Installation of our app
Our app can be downloaded from the app stores “Google Playstore” and “Apple App Store”. Downloading our app may require prior registration with the respective app store and installation of the app store software.

App installation via the Google Playstore
You can use the Google service “Google Play” of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, to install our app.

As far as we are aware, Google collects and processes the following data;
• Licence check,
• network access,
• network connection,
• WLAN connections,

It cannot be ruled out that Google also transmits the information to a server in a third country. We cannot influence which personal data Google processes with your registration and the provision of downloads in the respective app store and app store software. The responsible party in this respect is solely Google as the operator of the Google Play Store. You can find more detailed information in Google’s privacy policy, which you can access here: https://policies.google.com/privacy.

App installation via the Apple App Store
You can use the Apple service “App Store” a service of Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill Ln, Knocknaheeney, Cork, Ireland, to install our app.

As far as we are aware, Apple collects and processes the following data;

• device identifiers,
• IP addresses,
• location information,

It cannot be excluded that Apple also transmits the information to a server in a third country. This could in particular be Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014. We cannot influence which personal data Apple processes with your registration and the provision of downloads in the respective app store and app store software. The responsible party in this respect is solely Apple as the operator of the Apple App Store. You can find more detailed information in Apple’s privacy policy, which you can access here: https://www.apple.com/legal/privacy/.

Push messages
The legal basis for Push messages is our legitimate interest. A push service is used to provide you with useful tips and information directly on your mobile device or similar devices. When we send a push message, we send the message with the corresponding IDs or tokens to the Push Notification Service. This then ensures that the push message is sent to the devices that wish to receive such a notification. Our legitimate interest is to be able to present current information to you directly. The personal data will only be processed as long as this is necessary for the provision of the function. You have the right to object. You can prevent your data from being processed further by deactivating the push service in the respective system settings of the operating system of your device.

Firebase
We use the Firebase service in our app, a service provided by Google LLC (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The Firebase is a web hosting and backend service provided by Google LLC or by Google Ireland Limited, depending on the location from which this application is accessed. Firebase is a fast, fully managed, serverless, cloud native NoSQL database that simplifies the storage, synchronization and retrieval of data for mobile, web and IoT applications worldwide.

The Firebase is used by us to store information such as messages between users. We have concluded a contract for commissioned processing with Google for the use of Google Firebase. Google processes the data on our behalf in order to transmit data stored to your terminal device. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

By integrating Firebase, we pursue the purpose of being able to offer you a better service within the scope of our app. The legal basis for the processing of personal data described here is our legitimate interest. Our necessary legitimate interest lies in the great benefit that the functions described above have for our offer. The use of Google Firebase gives us the opportunity to provide you with better use and information through our app.

As part of the processing, Google is entitled to use subcontractors. A list of these subcontractors can be found at https://privacy.google.com/businesses/subprocessors/.

The processed information will be stored for 6 months and automatically deleted after this retention period.

For further information on data handling in connection with Google Analytics, please refer to Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=en
https://firebase.google.com/support/privacy

Information on Google’s privacy settings can be found at https://privacy.google.com/take-control.html?categories_activeEl=sign-in.

Icon links to social networks
We use small icons that refer to our website on third-party platforms (e.g., Facebook, Instagram, Twitter). These are hyperlinks in each case, so no data is transferred from you automatically, but only when you click on the icons and a new tab opens in your browser with the third-party website. When you visit one of our pages equipped with a Facebook, Instagram, Twitter plugin, a connection to the Facebook, Instagram, or Twitter server is established. This tells the Facebook, Instagram or Twitter server which of our pages you have visited. If you are logged into your Facebook, Instagram, Twitter, account, you enable Facebook, Instagram, Twitter to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Facebook, Instagram, Twitter account. Facebook, Instagram, Twitter is used in the interest of an appealing presentation of our online offers.

Miscellaneous and Closing
Updating your information
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so within your user account or contact us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.

Children Data
Our website is not intended for children, and we do not knowingly collect data relating to children. If you become aware that your Child has provided us with Personal Data, without parental consent, please contact us, and we take the necessary steps to remove that information from our server.

External Links
Our website contains links to the online offers of other providers. We hereby point out that we have no influence on the content of the linked online offers and the compliance with data protection regulations by their providers.

Changes and updates to the privacy policy
We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.

Concerns and Contact
If you have any concerns about a possible compromise of your privacy or misuse of your personal data on our part, or any other questions or comments, you can contact us.

Exercising your rights
If you would like to exercise any of our rights as set out above in the” What are your rights?” section above or have a complaint, please contact us using info@Comandam.com. Any such request will be responded to within one month and we might require proof of identity to verify and process your request. For more information about these rights, please contact us.