Last amended: 14th October 2021
1. Contact details of the controller
Should you have any questions or suggestions regarding data privacy, please do not hesitate to contact us. You are welcome to direct your data privacy related questions to our data privacy team by sending an email to firstname.lastname@example.org. Our full contact details as data controller are:
ConsciousGrowth GmbH / Remagine
Schönhauser Allee 169a
Data Privacy Officer of ConsciousGrowth GmbH/ Remagine
Mr. Bertrand Delain
2. Data Processing on our website and when interacting with us
In the context of visiting our website personal data is only collected if this is necessary for technical reasons to use our website or if you use certain functions or services offered on our website, e.g. the contact form.
The following log-data is automatically recorded every time the website is accessed:
- date and time of access (“time stamp”)
- name of the file requested
- website from which the file was requested
- access status (e.g. file transferred, file not found)
- browser type / version
- used operating system
It is necessary to process this data to make it possible to visit our website and to guarantee the long-term functionality, availability and security of our systems. The legal basis for this data processing is Art. 6 (1) (f) GDPR.
Our website uses Google Fonts to display external fonts. This is a service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA hereinafter ”Google”).
To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed.
We process information you provide in interaction with our Customer Support Team to respond to your support request. In the context of your support request, we also collect your name and other related data. We will process this data and, if necessary, data regarding your other services or other company data stored by us to answer your request via live chat, e-mail or by other means of communication. The legal basis is Art. 6 (1) (b) GDPR. More information on live chat can be found in Section 4.4.
2.3 Remagine Newsletter
You have the opportunity to subscribe to our Remagine Newsletter, which informs you regularly about our release notes, new features and updates regarding our service. When registering for the Remagine Newsletter, we ask you to provide your email address so that we can send you the newsletter. We will also ask you during the sign-up process, if you would like to subscribe to the Remagine newsletter. We will then use the email address from your account.
For newsletter subscriptions we use the so-called double opt-in procedure, which means that we will only send you the Remagine Newsletters by email if you click on a link in our notification email to confirm that you are the owner of the email address provided. If you confirm your email address, we will store your email address, the time of registration and the IP address you used when registering until you unsubscribe from the Remagine newsletter. The sole purpose of storing this data is to be able to send you the newsletter and prove that you registered.
We use MailChimp, a service provided by The Rocket Science Group LLC (675 Ponce de Leon Ave. NE, Suite 5000, Atlanta, GA 30308, USA, “MailChimp”), for the provision, administration and distribution of our newsletter. Mailchimp is based in the USA and has incorporated European Commission approved “Standard Contractual Clauses” into their Data Processing Agreement with us and thereby providing an appropriate level of data protection according to article 46 (2) (c) GDPR.
You can unsubscribe from the Remagine Newsletter at any time. An unsubscribe link can be found in every newsletter. It is of course also sufficient if you notify us using the contact details provided above or in the newsletter (e.g. by email or letter). The legal basis of the above processing is your consent pursuant to Art. 6 (1) (a) GDPR.
2.4 Customer and partner management
For the administration of our business contacts we process information about your company (in particular address, legal representatives and their contact data) as well as information about the respective contact persons (in particular name, position, professional contact information) and any communication with you. We use this data in order to be able to contact the contact persons within your company and to process your requests appropriately and to maintain or establish our business relationship. The legal basis is Art. 6 (1) (b) GDPR.
3. Cookies, marketing and analytics tools
When you visit and use our website and the Remagine-Platform, we may store a variety of cookies. Cookies are small text files stored in your web browser’s memory which contain information that can be used to recognize you when you visit web servers later on. However, this does not mean that we are immediately aware of your identity. Cookies cannot execute any programs or transfer viruses to your computer.
The primary purpose of our own cookies is rather to make using our service as time-saving and user-friendly as possible.
- for load balancing;
- to store language settings;
- to store form data; and
- to note that information placed on our website has been displayed to you, so that it will not be displayed again the next time you visit the website.
For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These cookies are deleted 30 minutes after you stop interacting with our website. In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site or platform again to take advantage of our services, it will automatically recognise that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.
We do this to be able to make your use of our website more convenient and personalised. The processing of the respective cookies is based on our aforementioned legitimate interests, meaning the legal basis is Art. 6 (1) (f) GDPR.
You can prevent the storage of cookies by adjusting your browser settings to disable the acceptance of cookies via this website. If you do not accept cookies, however, this may in some cases lead to considerable functional restrictions on our website.
3.2 Use of Cookiebot
3.3 Web analytics by Matomo
On our website we use the open source software tool Matomo that we host on-premise to analyze the surfing behaviour of our users. This is an open source web analysis tool. Matomo does not transfer any data to servers outside of our control. Matomo does not record any session data without your consent.
We regard this analysis as an integral part of our service. Its aim is to consistently improve the website and align it more closely with user needs.
The analysis software runs exclusively on the servers of our website. Storage of the user’s personal data only takes place there. The data is not passed on to third parties.
You can decide here whether or not to allow a web analysis cookie to be stored in your browser to enable us to gather and analyse statistical data.
If you decide against this, click on the link below to store the Matomo deactivation cookie in your browser.
You can decide here whether or not to allow a web analysis cookie to be stored in your browser to enable the website operator to gather and analyse statistical data. If you decide against this, remove the tick from the box below to store the Matomo deactivation cookie in your browser. Currently your visit to this website is being recorded by Matomo web analysis. If you do not wish your visit to be recorded in future, click here.
The legal basis for processing personal data of users is Art. 6 (1) (a) GDPR.The processing of personal data of users enables us to analyse the surfing behaviour of our users. By evaluating the collected data, we are able to generate information about the use of the individual components of our website. This helps us to continually improve our website and its user-friendliness. By anonymising the IP address, the interests of the users regarding protection of personal data are sufficiently taken into account.
The data is deleted as soon as it is no longer needed for our record-keeping purposes. The generated statistics and underlying data are not deleted.
More information about the privacy settings of the Matomo software can be found here.
3.4 Links to other websites and online content
Our website may contain links to websites and online content of other providers not affiliated with us. If you activate these links, we naturally no longer have any influence on which data is collected by the respective providers and which data they record. For more detailed information on data collection and use, please refer to the privacy policies of the respective providers. Since the collection and processing of data by third parties is beyond our control, we cannot assume any responsibility for this.
3.5 Our social media profiles
We are represented in various social networks.
Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, D2 Dublin, Ireland), data protection notices
On our website we link to our company profiles on the respective social networks. Please note, that when you activate a link to a social network, data is transferred to servers of the respective provider. If you are logged in to the respective social network at that moment with your username and password, the information that you are visiting our website will be transferred to the social network and the respective provider may assign this information to your user account.
Basically, we have no way of influencing the data processing regarding the social networks. But we do receive statistics about usage and visits of our company profiles on the social networks (e.g., information about the number of views, interactions such as likes, comments and retweets, and aggregated demographic and other information or statistics). For this purpose, we submit certain parameters regarding our company and the services and content we offer on our company profile to the social network. This information is used by the providers to create more detailed statistics. In addition, the providers may use data they collect when you visit the social network for their own purposes beyond our control. For more detailed information, please refer to the providers’ privacy notice linked above.
If you also intend to assert rights against the social network provider, the easiest way to do so is to directly contact the respective provider. The provider knows the details on the technical operation of the platform and the associated data processing as well as the concrete purposes of data processing and can put appropriate measures into practice to comply with your inquiry. The contact details can be found in the privacy notice linked above. We gladly support you in asserting your rights to the extent of our competence.
The legal basis for linking and operating our company social media profiles is Art. 6 (1) (f) GDPR based on our legitimate interest in our corporate communications in the respective social networks.
4. Data processing for our Customers (registered users)
Registered users are our Customers, which have been successfully onboarded to the Remagine-Platform and the Remagine Digital Bank Account. Between starting and completing the onboarding process our future Customers are considered potential Customers.
Remagine only services business customers in the meaning of § 14 German Civil Code (BGB). To service our Customers, we process data which is required for the provision of our services itself as well as data which is required by legal and regulatory obligations such as Banking, Tax and Anti-Money Laundering provisions. While most of the data is related to account management (bank account and transaction data from the use of the VISA Business Debit Card) also personal data like names and E-mail addresses of legal representatives, employees and beneficial owners will be processed. To offer our Customers the Remagine Bank Account we use the service of Solarisbank AG (Cuvrystraße 53, 10997 Berlin, Germany, “Solarisbank”) a German bank supervised by the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – BaFin).
While we at Remagine manage your bank accounts and provide you with analytics, dashboard and other services, Solarisbank is a bank actually providing your bank account and all payment related services. Remagine and Solarisbank are Joint Controllers according to Art. 26 GDPR. Remagine is responsible for all interaction with the Customers and also for all requests regarding the processing or personal data also when acting as Joint Controller together with Solarisbank.
4.1 Account opening
While signing up to the Remagine-Platform we collect some general data on the Customer’s company. These include beside others the legal form of the business, country of establishment, number of employees and e-mail addresses and phone number of the legal representatives as well as names and other data of beneficial owners. To open the Remagine Account, these data are transferred to Solarisbank.
4.2 Management of the Account
We manage your Remagine-Account at Solarisbank and provide you with your account overview as well as displaying the individual transactions and all other functions in connection to your Remagine Account. While doing so we process your transaction data incl. account number, references, balances and other activities. Whenever this data contains personal data e.g. in references or transaction data, we treat them as such. As our customers are always legal persons most of the data are not considered personal data. In certain cases, due to Remagine being the point of contact for the Customer, we are collecting further data according to regulatory and legal obligations (e.g. GwG – Anti-Money-Laundering Act or AO-Abgabenordnung) and are transferring the data to Solarisbank.
Legal basis for this data processing is Art. 6 (1) (f) or (c) GDPR.
With our multi-banking Service, Customers can connect multiple external bank accounts to the Remagine-Platform.
When processing these bank account data, we do not look into specific transactions of yours. This bank account information is processed with the help finAPI GmbH (Adams-Lehmann-Str. 44, 80797 München, Germany). finAPI is an account information service provider regulated by BaFin. The account information is only collected if you instruct to transmit the bank account information by entering your bank account access information in the corresponding input mask.
Legal basis for this data processing is Art. 6 (1) (a) GDPR.
4.4 Customer Service and Chat
For the administration of our business contacts we process information about your company (in particular address, legal representatives and their contact data) as well as information about the respective contact persons (in particular name, position, professional contact information) and any communication with you. We use this data in order to be able to contact the contact persons with your company and to process your requests appropriately and to maintain or establish our business relationship. The legal basis is Art. 6 (1) (b) GDPR.
We use the Zendesk Chat on our website and the Remagine-Platform which is a live chat software provided by Zendesk Inc. (1019 Market Street San Francisco, CA 9410, USA). The messages and data received and sent when using this live chat will be processed and documented. The Zendesk Chat aims at communicating directly with our website visitors and customers in real-time which is also known as a live chat.
For each individual accessing our website or the Remagine-Platform which is equipped with the Zendesk Chat software, data will be collected for the purpose of running the live chat and analyzing the operation of this system.
Zendesk Chat shows the user whether one of our employees is currently online so that they can provide an immediate answer to your questions. If you use our live chat system, the data you provide will be saved to answer your questions. The collected data includes:
- Chat history
- Entered name
- IP address
- Country of origin
- Pages visited
- Duration of the visit to the pages
- Other personal information, depending on the information provided (for example, email address, phone number)
It is possible to enter contact details such as name, phone number, and e-mail address in order to facilitate the contact. Such data are not passed on to third parties and are only used to process and document the requests.
You can find more information about the GDPR-compliant data processing by here.
Legal basis for this data processing is Art. 6 (1) (f) GDPR.
When the business relationship between Remagine and the Customer is terminated, Remagine is obliged to store your data according to statutory retention periods. When these retention requirements are fulfilled, Remagine will delete your data. Data that does not fall under retention obligations will be deleted immediately. Further rules as outlined in Section 7 apply.
5. Disclosure of data
In principle, we will only pass on the data we collect if:
- You have given your explicit consent pursuant to Art. 6 (1) (a) GDPR;
- disclosure is necessary pursuant to Art. 6 (1) (f) GDPR in order to establish, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being disclosed;
- we are legally obliged to do so under Art. 6 (1) (c) GDPR; or
- this is permitted by law and is required under Art.6 (1) (b) GDPR for the processing of contractual relationships with you or for taking steps at your request prior to entering into a contract.
In addition, data may be disclosed in connection with official requests, court orders and legal proceedings if this is necessary to pursue or enforce rights.
The security of your personal information is important to us. We take a number of organisational, technical and physical measures designed to protect the personal information we collect, both during transmission and once we receive it. Our security is subject to constant improvement and our privacy policies are constantly being revised.
7. Personal data retention
We store personal data only for as long as is necessary to fulfil contractual or statutory duties for which the data were collected. We then erase or anonymise the data immediately, unless we still need it until expiry of the statutory period of limitation for purposes of evidence in civil claims or due to statutory duties of storage. For purposes of evidence, we must still store data for three years from the end of the year in which business relations with you end or an Remagine account is deleted. We are also required to store some of your data for accounting purposes. We have an obligation to do so under statutory duties of documentation which may arise under the German Commercial Code (HGB), the German Tax Code (AO) or the German Anti-Money Laundering Act (GwG). The retention periods can be up to 10 years.
8. Your rights
You have the right to information about how we process your personal data at any time. When providing this information, we will explain the data processing and provide you with an overview of the data stored about you.
If data stored by us is incorrect or no longer up to date, you have the right to have this data corrected.
You may also demand that your data be erased. Should the erasure not be possible in exceptional cases due to other legal regulations, the data will be blocked so that it is only available for that legal purpose.
You are also entitled to have the processing of your data restricted, e.g. if you believe that the data we have stored is incorrect.
You also have the right to data portability, which means that on request we will send you a digital copy of the personal data you have provided on the basis of consent or a contractual relationship.
In order to assert your rights described here, you can contact us at any time using the contact details provided in Section 1 above.
In addition, you have the right to object to data processing if it is based on Art. 6 (1) (f) GDPR or for marketing purposes.
Finally, you have the right to lodge a complaint with our competent data protection supervisory authority. You can assert this right by contacting a responsible supervisory authority . The supervisory authority in Berlin is:
Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin, E-Mail: email@example.com, Internet: http://www.datenschutz-berlin.de
Right of withdrawal and objection. Pursuant to Art. 7 (3) GDPR, you have the right to withdraw consent you gave us at any time. As a result of this, we will cease the data processing based on this consent with future effect. This withdrawal of your consent will not affect the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.
If we process your data on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right under Art. 21 GDPR to object to the processing of your data, and to give us reasons which arise from your particular situation which, in your opinion, show that your legitimate interests override ours. If your objection is to data processing for direct marketing purposes, you have a general right of objection, which we will implement without requiring you to give reasons.
In case you withdrawal your consent certain or all services my no longer be available to you.
If you would like to make use of your right of withdrawal or objection, it is sufficient to simply notify us using the contact details provided above.