Privacy policy

General Information

The protection of your personal data is very important to us. In the following, we would therefore like to inform you in detail about which data we collect from you when you visit our website and use our offers there, and how these are processed or used by us in the following and what rights you are entitled to in this respect.

Your personal data, such as your name, address, e-mail address or telephone number will only be processed by us on the basis of the statutory data protection law, i.e. the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG-neu) and the German Telemedia Act (TMG).

 

II. Responsible body in Terms of § 13 Para. 1 TMG / § 3 Para. 7 BDSG

Responsible party in terms of the data protection law:

CLT Creative Learning Technologies GmbH
Campus A 1-1
66123 Saarbrücken, Germany
Phone: +49 681 302 712 88
E-Mail: info@foldio.tech

III. Definitions

Our data protection declaration uses the terms of the EU General Data Protection Regulation (GDPR), which we would like to explain briefly for your convenience. You will find these and other definitions in Art. 4 GDPR.

​a) Personal Data

  1. ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

​b) Data Subject

‘Data subject’ means any identified or identifiable natural person whose personal data are processed by the controller.

​c) Processing

  1. ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

​d) Restriction of Processing

  1. ‘Restriction of Processing’ means the marking of stored personal data with the aim of limiting their processing in the future.

​e) Pseudonymisation

  1. ‘Pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

​f) Controller

  1. ‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

​g) Processor

  1. ‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

​h) Recipient

‘Recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. 2However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

​i) Third Party

  1. ‘Third Party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

​j) Consent

  1. ‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

You will receive information at any time about the personal data we have stored about you as well as the origin, recipient and purpose of data collection and data processing. You also have the right to demand the correction, blocking or deletion of your data. Excluded from this are data that are stored due to legal regulations or are required for the proper handling of business. In order that a data block can be implemented at any time, data is kept in a block file for control purposes. If data is not covered by a legal archiving obligation, we will delete your data at your request. If the archiving obligation applies, we will block your data. For all questions and concerns regarding the correction, blocking or deletion of personal data, please contact our data protection officer at the contact details in this data protection declaration or at the address given in the imprint.

IV. Special components of our website

Cookies

We use cookies on our website. They support the presentation of our website and help you to navigate around our website. Cookies collect data about your IP address, your browser, your operating system and your internet connection. We do not link this information with personal data and do not pass it on to third parties. Under no circumstances are cookies used by us to bring malicious or spy programs onto your computer. You can also use our website without the use of cookies, which means that some displays and functions of our offer may only work to a limited extent. If you would like to deactivate cookies, you can do so via special settings in your browser. Please use its help function to make the appropriate changes.

Third Party Content and Services

Our website may also include content, services and benefits from other providers that complement our offer. Examples of such offers are maps from Google Maps, YouTube videos or graphic representations of third parties. Calling up these services from third parties regularly requires the transmission of your IP address. This enables these providers to perceive your user IP address and also to store it. We make every effort to include only those third party providers who use IP addresses solely for the delivery of content. However, we have no influence on which third party provider may store the IP address. This storage can be used for statistical purposes, for example. In this context, please also note the special data protection declarations of individual third parties and service providers whose services we use on our website. You will also find them in this privacy policy.

Newsletter

You can register on our website to receive our newsletter. We need your e-mail address for this. In addition, we must check, in compliance with the relevant legal regulations, whether you are actually the owner of the e-mail address provided and wish to receive the newsletter. We therefore collect information that makes such a check possible. The data collected in this context is used to send and receive the newsletter. They have a different purpose and are not passed on to third parties. Since the sending and receiving of the newsletter depends on your consent, you can revoke this consent to the collection and storage of your data at any time without giving reasons. To do so, please use the "unsubscribe link" provided in the newsletter. Your data will then be deleted by us within six months after you have unsubscribed.

Personal Data

We collect personal data in the context of data avoidance and data economy only to the extent and for as long as it is necessary for the use of our website, or as required by law. We take the protection of your personal data seriously and adhere strictly to the relevant legal regulations and this privacy policy when collecting and processing personal data. If the purpose of the data collection ceases to apply or the end of the legal storage period is reached, the collected data will be blocked or deleted. Our website can be used regularly without the disclosure of personal data. If we collect personal data - such as your name, your address or your e-mail address - this data collection is voluntary. These data will not be made available to third parties without your explicit consent. Please note that data on the Internet is generally not always transmitted securely. Particularly in e-mail traffic, the protection of data exchange cannot be guaranteed.

Server Logfiles

The server log files are anonymous data that are collected when you access our website. This information does not allow any conclusions about you personally, but for technical reasons it is indispensable for the delivery and presentation of our content. Furthermore, they serve our statistics and the continuous optimization of our contents. Typical log files are the date and time of access, the amount of data, the browser used for access and its version, the operating system used, the domain name of the provider you have commissioned, the page from which you came to our offer (referrer URL) and your IP address. Log files also enable us to carry out a detailed check if we suspect that our website is being used illegally.

Contradiction of Advertising E-Mails

In the context of the legal imprint obligation we have to publish our contact data. This data is partly used by third parties to send unsolicited advertising and information. We hereby object to any sending of advertising material of any kind not expressly authorized by us. Furthermore, we expressly reserve the right to take legal action against the unwanted and unsolicited sending of advertising material. This applies in particular to so-called spam e-mails, spam letters and spam faxes. We would like to point out that the unauthorized transmission of advertising material can affect competition law, civil law and criminal law. Spam e-mails and spam faxes in particular can lead to high claims for damages if they disrupt business operations by overcrowding mailboxes or fax machines.

Encrypted Payment Transactions

We secure your data in payment transactions. Therefore, for security reasons and to protect your confidential and personal contents, our site uses SSL encryption during transmission in payment transactions. You can find out for yourself whether SSL encryption is activated or not. You can recognize the use of the encryption by the address line of the browser. Only if the regular display changes from "http://" to "https://" is the data transmission encrypted. The browser line "https://" indicates the use of SSL encryption, payment transactions are now encrypted. With the activation of the SSL encryption it becomes impossible for third parties to read your confidential data. Therefore, please transfer your data only if SSL encryption is activated.

​Facebook Remarketing

On our website we use the remarketing function "Custom Audiences" of Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; "Facebook"). The purpose of the application is to target website visitors with interest-based advertising on the social network Facebook. For this purpose, the Facebook remarketing tag was implemented on the website. This tag is used to establish a direct connection to the Facebook servers when visiting the website. This tells the Facebook server which of our pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit the social network Facebook, you will then see personalized, interest-based Facebook ads. Your data may be transferred to the USA. Facebook has certified itself according to the US-EU Privacy Shield Agreement and is thus committed to complying with European data protection guidelines. The data processing, in particular the setting of cookies, is carried out with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You may revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until revocation. You can find more information on the collection and use of data by Facebook, on your rights in this regard and on ways to protect your privacy in Facebook's data protection information at https://www.facebook.com/about/privacy/.

​Facebook Connect

We offer you the possibility to sign up for our service with Facebook-Connect. An additional registration is therefore not possible. For registration you will be redirected to the Facebook page where you can log in with your usage data. This will link your Facebook profile and our service.  

From this data, we only use your name, your e-mail address, your date of birth (enumeration of the necessary information). This information is absolutely necessary for the conclusion of the contract in order to be able to identify you. Further information about Facebook Connect and the privacy settings can be found in the data protection notes and the terms of use of Facebook Inc.

​Facebook Plugin

On our website you will find plugins of the social network Facebook. Its provider is Facebook Inc. and is located in the USA, California 94025, 1 Hacker Way, Menlo Park. The Facebook logo or the "Like-Button" on our site identifies the Facebook plugins for you. Please also see the overview of Facebook plugins at http://developers.facebook.com/ docs/plugins/. When you visit our website, we establish a direct connection with the Facebook server via the plugin. You are then connected to it via your browser. For Facebook, this means that your IP address is linked to the information that you have visited our website. With a click on the Facebook "Like-Button" you link contents of our website with your profile on Facebook. For Facebook, the visit to our site can be assigned to your user account. In doing so, we have no knowledge of the type of content that is transmitted to Facebook and how Facebook uses it. For more information on data collection and data use, please refer to the Facebook privacy policy, which can be found at You can prevent your visit to our site from being assigned to your Facebook profile by simply logging out of your Facebook account beforehand.

​Google Analytics Remarketing

We use the remarketing function of Google Inc. on our website. With this function we present together with Google our visitors adapted and interest-related advertisements. Thereby cookies are set on your computer. These are text files that recognize users when they call up pages and thus make interest-based advertising possible throughout the entire Google network. In this context, Google denies the collection of personal data and, according to its own statements, does not establish any connections to other Google services. You can disable Google's remarketing function by making appropriate settings at http://. Furthermore, the use of cookies can be deactivated via http://www. networkadvertising.org/managing/opt_out.asp or by changing the settings in your browser. If necessary, use the help function of the browser.

​Google Tag Manager

We use the Google Tag Manager of Google LLC on our website. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller. Google Ireland Limited is therefore the company affiliated with Google which is responsible for processing your data and for ensuring compliance with the applicable data protection laws. This application is used to manage JavaScript tags and HTML tags, which are used to implement in particular tracking and analysis tools. The data processing serves the purpose of designing and optimizing our website to meet your needs. The Google Tag Manager itself neither stores cookies nor processes personal data. It does, however, enable the triggering of further tags that can collect and process personal data. For more information on terms of use and data protection, please visit https://www.google.com/intl/de/tagmanager/use-policy.html.

​Google Ads Conversion-Tracking

We use the online advertising program "Google Ads" on our website and, in this context, conversion tracking (visitor action evaluation). Google Conversion Tracking is an analysis service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller. Google Ireland Limited is therefore the company affiliated with Google which is responsible for processing your data and for ensuring compliance with the applicable data protection laws. When you click on an ad placed by Google, a conversion tracking cookie is placed on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages on our site and the cookie has not expired, Google and we may recognize that you clicked on the ad and were directed to that page. Each Google Ads customer receives a different cookie. As a result, there is no way that cookies can be tracked across the sites of ads customers. The information collected through the conversion cookie is used to compile conversion statistics. This tells us the total number of users who have clicked on one of our ads and been redirected to a page with a conversion tracking tag. However, we do not receive information that personally identifies users. Your information may be transferred to the USA. Google has certified itself under the U.S.-EU Privacy Shield Agreement and is committed to complying with European privacy laws. The data processing, in particular the setting of cookies, is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. You may revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until revocation. You can find more information and the Google data protection declaration at: https://www.google.de/policies/privacy/

Google Maps Plugin

We use a plugin of the internet service Google Maps on our website. The operator of Google Maps is Google Inc, located in the USA, CA 94043, 1600 Amphitheatre Parkway, Mountain View. When you use Google Maps on our website, information about the use of this website and your IP address is transmitted to a Google server in the USA and also stored on this server. We have no knowledge of the exact content of the transmitted data, nor of its use by Google. The company denies in this context the connection of the data with information from other Google services and the collection of personal data. However, Google may transfer the information to third parties. If you deactivate Javascript in your browser, you prevent Google Maps from running. However, you will then not be able to use a map display on our website. By using our website, you consent to the collection and processing of information by Google Inc.

Taboola

Our website uses technologies from Taboola Inc. (1115 Broadway, 7th Floor, New York, NY 10010, USA). Taboola uses cookies that determine which content you use and which of our pages you visit. The cookie enables us to create pseudonymous user profiles through the collection of device-related data as well as log data and to recommend content that matches your personal interests. This enables us to design our offer individually for you. These user profiles do not allow any conclusions to be drawn about your person. Further information about Taboola and the option to deactivate the Taboola cookie can be found at https://www.taboola.com/privacy-policy (opt-out information can be found under "Site Visitor Choices").

Instagram Plugin

We also include features of the Instagram online service on our website. The provider of these functions is Instagram Inc, located in the USA, CA 94025, 1601 Willow Road, Menlo Park. The Instagram button allows you to link to your Instagram account when you visit our site, provided you are logged in to Instagram. This allows Instagram to obtain information about your visit to our site and assign this visit to your Instagram profile. We have no knowledge of the content of the information submitted or how Instagram uses it.

​V. Rights of the Data Subject

a) Right of Access by the Data Subject, Art. 15 GDPR

Every person affected by the processing of personal data has the right, granted by the General Data Protection Regulation, to obtain at any time and free of charge from the data controller information about the personal data stored about him/her and a copy of this information. Furthermore, the data subject has the right to obtain information on the following:

  • the processing purposes
  • the categories of personal data processed
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular to recipients in third countries or to international organizations
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
  • the existence of a right of rectification or erasure of personal data concerning him or her or of a right of opposition to or limitation of the processing by the controller
  • the existence of a right of appeal to a supervisory authority
  • if the personal data are not collected from the data subject: All available information about the origin of the data
  • the existence of automated decision making including profiling in accordance with Article 22, paragraphs 1 and 4 GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended effects of such processing on the data subject

Furthermore, the data subject has the right of information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards in connection with the transfer.

If a data subject wishes to exercise this right of access, he or she may contact us at any time using the contact details of the controller mentioned in III.

​b) Right to Rectification, Art. 16 GDPR

Every person concerned by the processing of personal data has the right, granted by the General Data Protection Regulation, to request that incorrect personal data concerning him/her be corrected immediately. The data subject shall also have the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.

If a data subject wishes to exercise this right of rectification, he or she may contact us at any time at the contact details of the data controller mentioned in III.

​c) Right to Erasure (‘Right to be Forgotten’) Art. 17 GDPR

Any person concerned by the processing of personal data has the right granted by the General Data Protection Regulation to obtain from the controller the immediate erasure of personal data relating to him/her, where one of the following reasons applies and provided that the processing is not necessary:

  • the personal data have been collected or otherwise processed for purposes for which they are no longer necessary.
  • the data subject withdraws the consent on which the processing was based pursuant to Art. 6, paragraph 1, letter a, GDPR or Art. 9, paragraph 2, letter a, GDPR, and there is no other legal basis for the processing.
  • The data subject lodges an objection to the processing pursuant to Art. 21 para. 1 FADP, and there are no legitimate reasons for the processing, or the data subject lodges an objection to the processing pursuant to Art. 21 para. 2 GDPR
  • The personal data have been processed unlawfully.
  • The deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data has been collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR

If one of the above reasons applies and a data subject wishes to have personal data stored by us deleted, he/she can contact us at any time by using the contact details of the data controller as specified in III. We will comply with your justified request for deletion immediately.

If the personal data have been made public by us and our company, as the data controller, is obliged to delete the personal data pursuant to Art. 17 para. 1 GDPR, our company shall take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform other data controllers who process the published personal data that the data subject has requested that these other data controllers delete all links to these personal data or copies or replications of these personal data, unless the processing is carried out in accordance with the law.

​d) Right to Restriction of Processing, Art. 18 GDPR

Any person affected by the processing of personal data has the right, granted by the General Data Protection Regulation, to request the controller to limit the processing if one of the following conditions is met:

  • the accuracy of the personal data is contested by the data subject, for a period of time which enables the controller to verify the accuracy of the personal data
  • the processing is unlawful, the data subject refuses to have the personal data deleted and instead requests the restriction of the use of the personal data
  • the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to assert, exercise or defend legal claims
  • the data subject has lodged an objection to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

If one of the above-mentioned conditions is met and a data subject wishes to request the restriction of personal data held by us, he or she may contact us at any time at the contact details of the data controller mentioned in III.

​e) Right to Data Portability, Art. 20 GDPR

Any person concerned by the processing of personal data has the right, granted by the General Data Protection Regulation, to obtain the personal data concerning him/her which he/she has supplied to a controller, in a structured, standard and machine-readable format, and the right to have such data communicated to another controller, without interference by the controller to whom the personal data has been supplied, provided that

the processing is based on a consent pursuant to Article 6 paragraph 1 letter a GDPR or Article 9 paragraph 2 letter a GDPR or on a contract pursuant to Article 6 paragraph 1 letter b GDPR and the processing is carried out using automated procedures.

Furthermore, in exercising their right to data transfer, the data subject has the right, in accordance with Art. 20, paragraph 1 of the GDPR, to obtain that personal data be transferred directly from one person in charge to another person in so far as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.

In order to assert the right to data transfer, the person concerned can contact the person concerned at any time at the addresses listed in III. above contact details of the data controller.

​f) Right to Object, Art. 21 GDPR

Every person concerned by the processing of personal data has the right, granted by the General Data Protection Regulation, to object at any time, for reasons arising from his particular situation, to the processing of personal data concerning him that is carried out on the basis of Article 6, paragraph 1, letters e or f of the GDPR. This also applies to profiling based on these provisions.

In the event of an objection, we as the responsible party will no longer process the personal data unless we can prove compelling reasons for processing worthy of protection that outweigh the interests, rights and freedoms of the person concerned, or the processing serves to assert, exercise or defend legal claims.

If we process personal data for the purpose of direct marketing, the data subject shall have the right to object at any time to the processing of personal data for the purpose of such marketing. This also applies to profiling, insofar as it is connected with such direct marketing. If the data subject objects to us processing for the purposes of direct marketing, we will no longer process the personal data for those purposes.

In addition, the data subject has the right to object, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her that is carried out by us as data controller for scientific or historical research purposes or for statistical purposes in accordance with Article 89, paragraph 1 of the GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

In order to exercise the right of objection, the data subject may contact us at any time using the contact details of the controller mentioned in III.

​g) Right to Revoke a Data Protection Consent

Every person affected by the processing of personal data has the right granted by the General Data Protection Regulation to revoke his or her consent to the processing of personal data at any time.

If the data subject wishes to exercise his or her right to revoke consent, he or she may contact us at any time using the contact details of the data controller mentioned in III.

​h) Right of Appeal; Art. 77 GDPR

Every person affected by the processing of personal data has the right to complain to a supervisory authority, as granted by the General Data Protection Regulation. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters for this purpose.

VI. Changes to this Privacy Policy

We reserve the right to change this privacy policy at any time with effect for the future. A current version is available on the website. Please visit the website regularly and inform yourself about the applicable data protection regulations.

Contact Persons:

Amir Baradaran, Michael Kellermann

CLT Creative Learning Technologies GmbH
Starter Center of Saarland University
Campus A 1-1
66123 Saarbrücken, Germany
Phone: +49 681 302 712 88
E-Mail: info@foldio.tech