Privacy Policy - Discourse

We take the protection of your personal data seriously. Lightcurve GmbH, Eichhornstraße 3, 10785 Berlin, is committed to data avoidance and data thriftiness. We treat your personal data confidentiality and according to the legal data protection regulations, as well as these data protection regulations.
Please bear in mind that this is a public forum, and search engines can list these discussions. In order to use this forum, it is not necessary that you provide your clear name.

I. Terms

For the terms used, e.g. “personal data”, “processing”, “pseudonymisation”, “profiling”, “person responsible” and “processor”, we refer to Art. 4 GDPR.

II. Responsible entity and data protection officer

The entity responsible for collecting, processing and using your personal data in accordance with Art. 4 No. 7 of the EU General Data Protection Regulation (hereinafter referred to as “GDPR”) is the Lightcurve GmbH, c/o WeWork, Eichhornstraße 3, 10785 Berlin (hereinafter referred to as “Lightcurve” or “Data Controller” or “We”).

The data protection officer of Lightcurve is Mr. Silvan Jongerius, of TechGDPR (https://techgdpr.com) and can be reached at the following e-mail address: dpo@lightcurve.io.

III. Scope of data collected and legal basis

Registration on website
We collect information from you when you register on our site and gather data when you participate in the forum by reading, writing, and evaluating the content shared here. When registering on our site, you will be asked to enter your name and email address. You may, however, visit our site without registering. Your e-mail address will be verified by an email containing a unique link. If that link is visited, we know that you control the email address. When registered and posting, we record the IP address that the post originated from.

We process these categories of data to provide you with our website’s functionality, technical support, and to analyse our website traffic (business efficiency). Please note, that without the registration data, we will be unable to provide you with the full functionality of the website. The legal basis for the data processing is pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR (“performance of a contract”).

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits. The following data is temporarily stored by the web server when you visit the provider’s website and until it is automatically deleted:
● Browser type/ browser version* used operating system* IP address
● Date and time of access* Referrer URL* Transferred amount of data
● Message as to whether the call was successful
● Website from which access is gained
● Name of the Internet access provider

The provider uses the log data only for statistical evaluations, for the purpose of operating and providing its service, as well as for the security and optimization of the offer. However, the provider reserves the right to subsequently check the log data if there are concrete indications of justified suspicion of illegal use.

The legal basis for the data processing is pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR (“legitimate interest”).

Visiting the website and cookies
When you visit our website, we, as well as third parties commissioned by us, collect your usage data. This is necessary in order to be able to present the offer at all or in the respective form and with corresponding performance.
Cookies are used to enable full use of the online offer and to improve and personalise the online offer by the website operator automatically receiving certain data about your terminal device and the internet connection. Cookies are stored on your computer. Cookies do not damage your computer and do not contain viruses. You can view the storage time of a stored cookie in your system. The cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit.

The legal basis for the data processing is:
● For functional cookies- Art. 6 para. 1 sentence 1 lit. b GDPR (“performance of contract”).Without functional cookies, we will be unable to make the website work;
● For analytical and advertisement cookies - Art. 6 para. 1 sentence 1 lit. a GDPR (“consent”).

Hosting
We use external hosting services for our online services. When you visit our website, these providers receive your usage data.

The legal basis for the data processing is pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR (“performance of a contract”). Without using hosting provider services, we will be unable to store the data we collect through the website.

Data processing agreement
Insofar as we disclose data to other persons and companies (so-called “Contract Processors” or “Third Parties”) within the framework of our data processing, transfer them to Third Parties or otherwise and grant them access to the data, this shall only take place if the processing is necessary for the performance of a contract to which your are party or in order to take steps at the request of you to entering into a contract (Art. 6 para. 1 sentence 1 lit. b GDPR), if a legal obligation provides for this (Art. 6 para. 1 sentence 1 lit. c GDPR) or on the basis of our legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR), e.g. to improve the user experience of our service. If we commission Third Parties to process data, this is done on the legal basis of Art. 28 GDPR and through a data processing agreement.

Cross-border data transfers and service providers in third countries
The processing of data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or the use of Third Party services or the disclosure or transfer of data to Third Parties will only take place if it is carried out to fulfil (pre)contractual obligations (Art. 6 para. 1 sentence 1 lit. b DSGVO), on the basis of a legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) or on the basis of our legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR). Subject to legal or contractual permissions, we process or allow the data to be processed in a third country only if the special requirements of Art. 44 et seq. of the GDPR are met.

At present, we use service providers in the USA who have undertaken to comply with the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).

We also transfer data to Switzerland which was found to have an adequate level of protection for personal data under the European Commission Decision 2000/518/EC (https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:02000D0518-20161217&from =en).

If you wish to receive a complete and exhaustive list of all companies to which your personal data is transferred to, please contact our data protection officer (dpo@lightcurve.io).

IV. Purpose of data processing

Any of the information we collect from you will be used in one of the following ways:
● Provision of the service, its functions and contents.
● Answering contact requests and communicating with users.
● Security measures.

V. Your rights

You have the following rights under the statutory provisions:
With regard to the processing of personal data, you may request information from the Data Controller (Art. 15 GDPR), have incorrect personal data concerning you corrected (Art. 16 GDPR) and, in particular, exercise your right to cancellation (“right to be forgotten”) (Art. 17 GDPR). In addition, you may request that the processing be restricted (Art. 18 GDPR) and that the data be preserved and transferred to another responsible party (Art. 20 GDPR).

If you are of the opinion that we disregard data protection regulations, you can complain to a supervisory authority (Art. 77 GDPR). The responsible supervisory authority for data protection issues is the data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

According to Art. 7 para. 3 GDPR, the user generally has the right to withdraw his or her consent to the processing of personal data. This right does not exist as described here, as the data processing is not based on the user’s consent.

You may also object at any time to the future processing of the data relating to you pursuant to Art. 21 GDPR, provided that it was collected on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and there are no compelling legitimate reasons on our part to the contrary.

VI. Deletion, limited processing and storage

We generally retain personal data for so long as it is relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps (e.g. pseudonymized). Data may persist in copies made for backup and business continuity purposes for additional time.

VII. Updates of this Privacy Policy

Further development of this website and the implementation of new technologies to improve the user experience may require changes to this Privacy Policy. We therefore recommend that you re-read this Privacy Policy from time to time.