Data Protection

1. Controlling agency

Controlling agency:

WetterOnline Meteorologische Dienstleistungen GmbH
Karl-Legien-Straße 194a
D-53117 Bonn
Germany

E-mail: info@weatherandradar.com
Phone: +49 228 55937-998
Fax: +49 228 55937-80

2. Purpose

The WetterOnline Meteorological Services GmbH takes the protection of your personal data very seriously. We would therefore like to inform you whether and which of your data we collect, process and use. Our commitment to this is based on the Telecommunications-Telemedia-Data Protection Law (TTDSG) and the European General Data Protection Regulation (GDPR). The privacy policy for the use of our apps (WetterOnline App, RegenRadar App) is listed below.

3. Personal data

Personal data are any data that contain information about personal or factual circumstances of a specific or identifiable customer. This includes, for example, your name, home address, gender, date of birth, age, telephone number, email address, or IP address. This list is not exhaustive and is only intended to illustrate what can be considered personal data.

4. Which of your data do we collect, process or use?

4.1 Collection and use of location data

In our apps, you have the ability to retrieve weather information for your specific location. To do this, location services must be enabled on your mobile operating system. Once they are enabled and you launch one of the aforementioned apps for the first time, the app will ask you to allow access to your location information. When you confirm, the app is permanently granted access to your location information. You can revoke the app's access to your location at any time in the settings of your mobile device. If you allow the app access to your location data, your mobile device will transmit your location within the cell you are in to us. If your mobile device has a GPS receiver, that location data will also be transmitted to us. The location data is rounded to 0.01°, so we do not gain knowledge of your exact location.

5. Which of your data is collected, processed or used by third parties

5.1 Usage-based online advertising

In the following, we wish to inform you about the data collected, processed and used by our advertising partners:

5.1.1 Data collection in our apps

In our free apps, advertising is displayed. Within the scope of these ads, personal data are collected or used. During the advertising delivery, we and our advertising partners use IP address, anonymous device identifiers (Advertising-ID), and device information (operating system or version, device ID, and language) as well as the data mentioned under 4.1 in order to be able to place relevant advertisements for you.

5.1.2 Who our advertising partners are and how you can object to data collection for usage-based online advertising by our advertising partners

The following advertising partners are responsible for data collection for the delivery of usage-based online advertising:

Hide list of advertising partners

The processing of personal data (IP address, cookies, device identifiers) is based on your consent (in accordance with Article 6(1)(a) GDPR) or, where applicable, on the legal basis of a legitimate interest (Article 6(1)(f) GDPR).

WetterOnline participates in the IAB Europe Transparency & Consent Framework and complies with its specifications and guidelines. WetterOnline uses the platform to manage consents with the identification number 6.

You can adjust or revoke personalized advertising and the associated data collection and processing through the privacy settings.

5.2 Collection, processing, and use of data at INFOnline Measurement

Our application uses the multi-stage measurement method 'INFOnline Measurement' of INFOnline GmbH (https://www.INFOnline.de) to determine statistical values (page Iimpression, visit, technical client) on the use of our digital offerings. The goal of usage measurement is to determine the intensity of use, the number of uses and users of our application, and their surfing behavior statistically – based on a consistent standard procedure - and thus obtain comparable values in the market. As a member of the "Informationsgemeinschaft zur Feststellung der Verbreitung von Werbeträgern e.V." (IVW – https://www.ivw.eu), the usage statistics are regularly provided by IVW with the performance values 'Page Impression' and 'Visits' in the IVW-Ausweisung (https://ausweisung.ivw-online.de/).

5.2.1 Basis for data processing

Measurement with INFOnline Measurement (pseudonymous system: IOMp) by INFOnline GmbH takes place within the framework of usage measurement with consent under Art. 6 para. 1 lit. a) GDPR.

The purpose of the processing of personal data is the creation of digital performance values (page impression, visit, and technical client) for the creation of statistics.

The statistics are used to track and document the use of our offer.

5.2.2 Types of data

The data collected with INFOnline Measurement does not enable a user to be identified as a person due to the types of data and the amount of data. Measurement libraries are used that automatically integrate and execute the necessary measurement sensors for anonymous (IOMb) and/or pseudonymous data processing (IOMp) to determine the key figures when the app (client) is called up.

In anonymous census procedures (IOMb), personal information processing is completely avoided, including the IP address. This is completely removed from communication and processing. A communication interface, the so-called 'Service platform', prevents the exchange of the user's IP address with INFOnline systems as part of INFOnline Measurement. The IP address as personal data is discarded on the service platform during the census procedure before the measurement call is directed to INFOnline. There is also no geolocation using an IP address. The data record generated during the census procedure is a pure PI data collection.

In the pseudonymous measurement method (IOMp), the following data that have a personal reference according to EU-GDPR are collected with the measurement library:

IP address: On the internet, every device needs a unique address, the so-called IP address, to transmit data. The storage of the IP address, at least for a short time, is technically necessary due to the way the internet works. The IP addresses are shortened by 1 byte before any processing and are only processed anonymously. Untruncated IP addresses are not stored or processed.

A randomly generated client identifier: Range measurement uses unique identifiers of the end device or a signature created from various automatically transmitted information from your device to recognize computer systems. A measurement of the data and subsequent assignment to the respective identifier may also be possible under certain circumstances if you call up other applications that also use the pseudonymous measurement procedure of INFOnline GmbH. The following unique identifiers can be transmitted to INFOnline GmbH as a hash:

Advertising-Identifier

Installation-ID

Android-ID

Vendor ID

Personal data in the sense of the EU-GDPR are only used for measurement insofar as the use of a library/ SDK is carried out for a user who has been assigned an individual IP address and a randomly generated client identifier for calling up app content. The pseudonymous measurement (IOMp) is only carried out in the presence of positive consent from the user from the Consent Management Platform (CMP).

5.2.3 Utilization of data

The INFOnline GmbH measurement procedure used in this app determines usage data. This is done to collect the performance values page impression, visit, and client.

Geolocation: The allocation of app usage to the location of the call takes place exclusively based on the anonymized IP address and only up to the geographical level of the federal states/regions. Under no circumstances can a conclusion be drawn about the specific place of residence of a user from the geographical information obtained in this way.

Merging of usage data across offers: The usage data of a technical client (e.g. a browser on a device) is merged across applications and stored in a database.

5.2.4 Duration of data storage

The full IP address is not stored by INFOnline GmbH.

The IP address is only used to receive the data packets and is then shortened by 1 byte. In the census procedure, the shortened IP address is discarded; in the pseudonymous procedure, it is stored for a maximum of 60 days. In the pseudonymous procedure, the usage data is stored in connection with the unique identifier for a maximum of 6 months.

5.2.5 Data transfer

The IP address as well as the shortened IP address are not passed on.

5.2.6 Additional information

Further information on data protection in the measurement procedure can be found on the website of INFOnline GmbH (https://www.infonline.de), which operates the measurement procedure.

5.3 Collection, processing and use of data with Google Analytics

To analyze user behavior, this app uses Google Analytics, the analysing services of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google”).

The information about the use (type and version of your device, the operating system, the site visited, date and time of your visit, the screen resolution as well as the IP address used) is transmitted to a Google server in the US and stored there. We wish to point out that we anonymise the IP address prior to transmission. It is only in exceptional cases that a full IP address is transmitted to a Google server and abridged there. On our behalf, Google uses the information transmitted to assess your use of our app, to compile reports about the activities and to render further services in connection with the use. Google may also transmit information to third parties, if required by law or if third parties process the information on behalf of Google. By no means will Google link your IP address with other Google data.

Moreover, we use the advertising functions of Google Analytics. By means of these functions, it is possible to anonymously collect and process your socio-demographic data using the device-specific advertising ID.

By using our app, you agree to the processing of your data collected by Google and the processing of the data for the purposes described above. To prohibit collection and use of data by Google Analytics in this app, please object to it by disabling the option “Send anonymous usage data“ at the bottom of the data protection statement.

5.4 Collection, processing and use of data with Firebase Analytics

To analyze user behavior and to integrate Firebase Cloud-Messaging-Services, our app uses the services of Firebase Analytics.

The Firebase-SDK (Software Development Kit) collects information about the app version, the type of device, the version of the operating system, the point of time of the installation of the app as well as the user‘s age, gender and groups of interest. Furthermore, by means of further activities, Firebase SDK collects information during use of the app. The event-driven data collection of Firebase-SDKs is triggered by activities such as installation and start of the app, updates, re-installation, update of the operating system, deletion of app data, app crashes, and in-app purchases as well as the receipt, the swipe and the opening of push-messages and the opening and updating of the app by means of a dynamic link. For each of these events the number of visits, the number of users triggering the event and, if available, the value of the events is collected. To identify the devices, Firebase-SDK uses the device-specific advertising ID.

By using our app, you agree to the processing of your data collected by Firebase and the collection of data for the purposes as described above. To prohibit the collection and use of data by Firebase Analytics in this app, please object to it by disabling the option “Send anonymous usage data “at the bottom of this data protection statement.

5.5 Collection, processing and use of data with Facebook-SDKs

In this app, we integrate so-called Facebook-SDKs. This software allows a follow-up of the type of ad campaign in Facebook that prompted users to download our app. To this end, we transmit to Facebook the device-specific advertising ID, the app version and the information that the app was started or canceled.

You can object to the transfer of the above data to Facebook in this app by deactivating the option “Send anonymous usage data “at the bottom of this data privacy statement.

5.6 Collection, processing and use of data using Facebook Custom Audience

On our pages, we have integrated remarketing tags from the social network Facebook, located at 1601 South California Avenue, Palo Alto, CA 94304, USA. These serve statistical purposes and purposes of market research. With the help of the data obtained, we can design our Facebook activities more effectively and, for example, display posts or advertisements only for visitors to our website. If you visit our pages, a direct connection between your browser and the Facebook server is established via the remarketing tags. Facebook then receives the information that you have visited our site with your IP address. Facebook can then associate the visit to our pages with your user account. The information obtained in this way can be used to display Facebook ads. We would like to point out that as the provider of the pages, we do not have any knowledge of the content of the data transmitted or its use by Facebook. You can find more information about this in Facebook's privacy policy at https://www.facebook.com/about/privacy/. If you do not want data collection via Custom Audience, you can disable Custom Audiences here.

5.7 Collection, processing, and use of data when using Batch

Our application uses the service of Batch for sending push messages. The provider is IMEDIAPP SA (batch.com), 43 rue Beaubourg, 75003 Paris, France.

The processing of personal data is based on your consent (Art.6 para.1 lit. a DSGVO) to send push messages or on our legitimate interests (Art.6 para.1 lit. f DSGVO) in optimizing our push messages. Batch receives the following from us for sending push messages

a pseudonymized user ID,

your IP address,

a push token,

the status about the decision whether you want to receive notifications,

browser and operating system information,

geo-based information, and

information about the version of Batch used, messages sent, and usage behavior.

Batch accesses the browser's LocalStorage. At the same time, we use tools from Batch to record the use of the various functions of the app to provide you with a targeted offer via push notifications.

We have concluded a Data Processing Agreement (DPA) with Batch, in which we oblige Batch to protect our customers' data and not to pass it on to third parties, and to comply with the requirements of the GDPR.

If you want to delete the data collected about your activity, click here.

You can find more information on data processing by Batch at https://batch.com/privacy-policy.

5.8 Collection, processing, and use of data when using Crazy Egg

We use the web analysis service "Crazy Egg" provided by Crazy Egg Inc., 16220 East Ridgeview Lane, La Mirada, CA 90638, USA in our apps. This allows us to collect and process the activities and actions of visitors to our website in pseudonymous user profiles in order to improve and optimize the design of our apps based on the analysis of visitor behavior. Cookies are also stored on your computer for this purpose. The information generated by these cookies about the use of our apps is transmitted to a server of Crazy Egg Inc. in the USA and stored there in pseudonymous user profiles. The following information is processed by Crazy Egg:

anonymised IP address

displayed pages and movements on this page

number and position of clicks on links

browser type and version

screen size of the device in use

We have entered into an agreement for processing on the basis of Art. 28 GDPR in connection with the EU standard contractual clauses with Crazy Egg, in which Crazy Egg commits to protect the data of our users and process it in accordance with applicable data protection regulations. Crazy Egg uses the data collected exclusively on our behalf and for the purpose specified here. There is no further use of the data by Crazy Egg or disclosure to third parties. The data collected by Crazy Egg is not stored together with other personal data of our app users.

The processing of personal data is done on the basis of your consent through our cookie banner (Art. 6 (1) lit. a GDPR).

You can revoke your consent for the processing of your data at any time through our cookie banner. Alternatively, you can object to the processing of your data by Crazy Egg directly at http://www.crazyegg.com/opt-out or prevent the storage of cookies through an appropriate setting in your browser.

5.9 Collection, processing, and usage of data when using Contentful

Parts of the contents of our apps are provided through the Contentful Content Delivery Network (CDN) of Contentful GmbH (Ritterstr. 12-14, 10969 Berlin). Accessing these contents establishes a connection to servers of Contentful GmbH. The use of the Contentful CDN is based on our legitimate interests under Art. 6 para. 1 lit. f GDPR. Your IP address and information about the used browser will only be processed by the Contentful CDN for the aforementioned purposes and to maintain functionality and security. The storage duration of the processed data and further information can be found in the privacy policy of Contentful GmbH at https://www.contentful.com/legal/privacy-at-contentful/privacy-notice/.

5.10 Collection, processing, and use of data during on demand media and live stream playback

The app provides streaming content via the partners Akamai Technologies GmbH (Parkring 20 - 22, D-85748 Garching, Germany) and THEO Technologies NV (1B Kolonel Begaultlaan, 3rd floor Leuven 3012, Belgium). When a page is called up on which playback devices for streams are offered, information about your browser and your IP address, with which you visit our page, is transmitted to the servers of the above-mentioned providers.

The use of the Akamai CDN and THEO Technologies NV streaming service is based on our legitimate interests according to Art. 6 (1) (f) GDPR. For more information, you can refer to the privacy policies of Akamai Technologies GmbH at https://www.akamai.com/de/de/privacy-policies/ and THEO Technologies NV at https://www.theoplayer.com/terms.

6. Rights of the data subject

The data subject shall have the following rights:

Right of access (Art. 15 GDPR)

Right to rectification (Art. 16 GDPR)

Right to object (Art. 21 GDPR)

Right to erasure (Art. 17 GDPR)

Right to restriction of processing (Art. 18f. GDPR)

Right to data portability (Art. 20 GDPR)

For requests of this kind, please contact datenschutz@wetteronline.de. Please note that for such requests, we must ensure that it is actually the affected person.

Every data subject shall have the right to lodge a complaint with a supervisory authority. You can either consult the appropriate data protection authority for your location, or the data protection authority responsible for us (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Postfach 20 04 44, 40102 Duesseldorf, Germany).

7. Regular updating of this data protection notice

The legal framework concerning us as service provider is characteristically subject to changes and amendments. These changes and amendments require the occasional updating of these data privacy notes. We will therefore inform you of possible alterations.

8. Contact us

Should you wish to contact us, you can reach us via:

WetterOnline Meteorologische Dienstleistungen GmbH
Karl-Legien-Straße 194a
D-53117 Bonn
Germany

E-mail: info@weatherandradar.com
Phone: +49 228 55937-998
Fax: +49 228 55937-80