Privacy Policy

Privacy Policy

Effective for the website www.bognerdefi.com, the “Bogner DeFi Navigator” application, and the Bogner DeFi GmbH presences on social media platforms X, Facebook, Instagram, Vimeo, and YouTube.

 

Contents

I. Overview – Data Processing at Bogner DeFi GmbH

II. General Information and Mandatory Disclosures

A. Responsible Entity

B. Data Protection Officer

III. Description and Scope of Data Processing

 

  1. General and Technically Necessary Processing

Markdown

Code kopieren

 

  1. Provision of the Website
  • a) Purpose of Data Processing
  • b) Legal Basis
  • c) Duration of Storage
  1. Session Cookies
  • a) Purpose of Data Processing
  • b) Legal Basis
  • c) Duration of Storage
  1. Brokerage Interface
  • a) Purpose of Processing
  • b) Disclosure of Data to Third Parties
  • c) Legal Basis
  • d) Duration of Storage
  •  
  1. Google Fonts – Fonts
  • a) Purpose of Processing
  • b) Legal Basis
  1. Google Tag Manager – Tool Management
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Processing
  1. Email and Contact Form
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Storage
  • d) Right to Object
  1. Handling Applicant Data
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Storage
  1. Newsletter
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Processing
  1. Personalized Product Recommendations and Updates on Our Platforms via Email
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Processing
  1. Zendesk – Customer Support
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Storage / Deletion Periods
  • d) Right to Object

B. Analysis and Marketing Tools

 

Markdown

Code kopieren

 

  1. Consent via Cookiebot
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Storage
  1. Data Structuring with Snowflake and Airbyte
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Storage
  1. Google Analytics
  • a) Purpose of Processing
  • b) Data Recipients
  • c) Legal Basis
  • d) Duration of Storage
  1. Hotjar
  • a) Purpose of Processing
  • b) Legal Basis
  • c) Duration of Storage
  1. Marketing Tools / Affiliate Programs
  • a) Amazon Affiliate Program
  • b) AWIN
  • c) FinanceAds
  • d) Adition

C. Social Media and Media Content

 

Markdown

Code kopieren

 

  • X (formerly Twitter)
  • Facebook
  • Spotify
  • Apple Podcasts
  • Vimeo
  • Instagram
  • YouTube

IV. Special Features on www.bognerdefi.com

  1. User Behavior
  2. Personal Stream / Personal Dashboard
  3. Interests
  4. Settings
  5. Display of Images in Streams

V. Special Processing in Our Mobile Applications (Bogner DeFi App)

  1. Google Analytics for Firebase
  2. Firebase Crashlytics
  3. Interests / Registration in the App
  4. Adjust
  1. Your Rights

VII. Questions?

 

I. Overview – Data Processing at Bogner DeFi GmbH

 

As a company that processes large amounts of data daily, we are committed to handling your personal data responsibly. Data protection is a top priority at Bogner DeFi GmbH. In our privacy policy, we explain how we generally process personal data, particularly on our websites. We also inform you about your rights under data protection laws.

We collect personal data in our company solely based on relevant legal grounds, such as your consent, a contract with you, or legal requirements. When collecting data under the so-called legitimate interest, we apply the highest standards in balancing economic/business interests with the fundamental rights and freedoms of the individuals concerned.

Data processing is always carried out in good faith, meaning we inform you properly and comprehensively about the conditions and scope of the use of your data – transparently and understandably. You will not experience any surprises regarding your personal data at Bogner DeFi GmbH.

It goes without saying that we use data only for predetermined purposes and only as much and as long as necessary or legally required. We also consider the technical and organizational protection and security of your data, ensuring confidentiality, integrity, and availability as core elements of our responsibility.

If you have any concerns, please let us know:

Our data protection team is available at support@bognerdefi.com and happy to assist you.

We provide you with information about the data we process about you at any time, as well as the opportunity to correct, delete, and object to the processing. You also have the right to data portability and the right to lodge a complaint with our supervisory authority, the Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach, or any other supervisory authority in the European Union.

With this in mind, we wish you an enjoyable experience on our websites and with our products and services!

Your Bogner DeFi GmbH

 

II. General Information and Mandatory Disclosures

 

       a) Responsible Entity

The entity responsible for data processing on the web presences of Bogner DeFi is:

  • Bogner DeFi GmbH
  • Thierschstraße 20
  • 80538 Munich
  • Email: support@bognerdefi.com
  • Represented by Managing Director Ulrich-Leonhard Bogner

       b) Data Protection Officer

Bogner DeFi GmbH has not appointed a Data Protection Officer.

 

III. Description and Scope of Data Processing

 

      A) General and Technically Necessary Processing

 

  1. Provision of the Website

Each time our website is accessed, our system, i.e., the web server, automatically collects information from the system of your accessing computer or device. The following data is collected:

    • Information about the browser type and version used
    • The operating system of the user’s device
    • The user’s internet service provider
    • The user’s IP address
    • Date and time of access
    • The previous website from which the user accessed our website (referrer URL) 

       a) Purpose of Data Processing

The temporary storage of your IP address by our system is necessary to deliver the website to your device. For this purpose, the user’s IP address must be stored for the duration of the session. The storage of the above-mentioned data in so-called log files is done to ensure the functionality of our website. Additionally, this data helps us technically optimize the website and ensure the security of our information technology systems (e.g., for attack detection).

 

       b) Legal Basis

The legal basis for the temporary storage of this data and the log files is Article 6(1)(1)(f) GDPR (legitimate interests of us as website operators in the secure, uninterrupted, and lawful provision of the website).

 

       c) Duration of Storage

The aforementioned data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, this occurs when the respective session is terminated. In the case of storage of data in log files, this happens after no more than 14 days. Further storage is possible. In this case, the user’s IP address is deleted or anonymized by us, so that an assignment of the calling client is no longer possible and the contained data no longer have a personal reference.

 

 2. Session Cookies

 

To ensure certain functions in some areas of our websites, it may be technically necessary to use so-called session cookies. These are data sets (strings) that are temporarily stored on your device.

 

       a) Purpose of Data Processing

The setting of session cookies serves to recognize a calling browser even after a page change. The data is not used to analyze user behavior.

 

       b) Legal Basis

The legal basis for the storage of session cookies is Article 6(1)(1)(f) GDPR in conjunction with § 25(2)(2) TTDSG (our legitimate interest in providing certain functions on our websites). In cases where the processing of session cookies serves the preparation or execution of contracts, the legal basis is Article 6(1)(1)(b) GDPR.

 

       c) Duration of Storage

Session cookies are deleted when the browser is closed.

 

4. Google Fonts – Fonts

 

In principle, all fonts used on our website are provided by our own web servers. In individual cases, parts of our offerings (subsequently loaded services) use so-called Google Fonts, which are provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To load the fonts, your browser connects to Google’s servers, which transmits your IP address to Google.

 

       a) Purpose of Processing

We use Google Fonts to achieve an optimal graphical representation of our offerings.

 

       b) Legal Basis

The legal basis for the processing is Article 6(1)(1)(a) GDPR (your consent, which you have given us via our consent banner for the use of the respective service). For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which legitimizes the data transfer based on an adequacy decision of the European Commission pursuant to Article 45 GDPR. You can find Google’s privacy policy here: Google Privacy.

 

       c) Duration of Processing

Google Fonts itself does not store any data. However, when loading the fonts, the user’s IP address is transmitted to Google.

 

5. Google Tag Manager – Tool Management

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, with whom we have concluded a corresponding data processing agreement.

 

       a) Purpose of Processing

As website operators, we have an interest in the fast and uncomplicated management of the various tools on our website. Google Tag Manager is an organization tool that allows us to centrally integrate and efficiently manage website tags via a user interface. Google Tag Manager collects data on the website and forwards it to the connected analysis tools. These tools (e.g., Google Analytics) then store and evaluate this data if they are activated. Google Tag Manager itself does not store any data. The Tag Manager only collects data on how individual tags are used. However, Google Tag Manager collects your IP address, which can also be transmitted to Google’s parent company in the United States.

 

       b) Legal Basis

The legal basis for the processing is Article 6(1)(1)(a) GDPR (your consent, which you have given us via our consent banner). You can view Google’s privacy policy here: Google Privacy. Google processes your data, among other places, in the USA. We have concluded a data processing agreement with Google, including the so-called Standard Contractual Clauses (SCCs) of the European Commission, and have taken additional technical and organizational measures to increase the protection of your personal data. Nevertheless, we point out that, according to the current state of affairs, there is no level of data protection in the USA comparable to the standards of the European Union, and you do not have comparable legal remedies available. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which legitimizes the data transfer based on an adequacy decision of the European Commission pursuant to Article 45 GDPR.

 

       c) Duration of Processing

Data is not stored by the Tag Manager itself. You can revoke your consent to the use of the tool at any time with effect for the future.

 

6. Email and Contact Form

 

You can contact us via contact forms and the provided email addresses. In this case, the personal data transmitted with the inquiry (in any case, the email address) along with the content of the message will be stored. Optionally, users can provide additional information such as contact details, company names, etc., in the respective fields or checkboxes.

       a) Purpose of Data Processing

 

The processing of this personal data serves to handle the content of the contact inquiry.

       b) Legal Basis

 

The legal basis for processing this data, transmitted in the course of sending an inquiry, is Art. 6(1)(1)(f) GDPR (legitimate, aligned interest of us as the responsible party in communicating with the person transmitting the message). If the inquiry aims at concluding or fulfilling a contract, the legal basis is Art. 6(1)(1)(b) GDPR (fulfillment of a contract or pre-contractual measures).

       c) Duration of Storage

 

The aforementioned data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. For personal data transmitted via email or the contact form, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the relevant matter has been conclusively clarified. Especially in the case of preparing or executing contracts, longer retention periods may arise due to legal reasons and statutory (e.g., tax law) requirements.

       d) Right to Object

 

As a user, you have the right to object to data processing with effect for the future at any time. All personal data stored in the course of contacting will be deleted immediately in this case, provided there are no statutory retention periods or other legal reasons opposing this.

 

7. Handling Applicant Data

 

Bogner DeFi GmbH publishes job postings on its website. As a user of the website, you can apply for an advertised position or submit an unsolicited application. Regardless, you can send us application documents via email at any time.

 

       a) Purpose of Processing

The purpose of processing the data you submit is to initiate an employment relationship. The scope and nature of the processed data depend solely on the data you voluntarily provide in this context. The data is processed exclusively for the purpose of personnel recruitment and, if applicable, separately from any other data.

 

       b) Legal Basis

The legal basis is Art. 6(1)(1)(b) GDPR (pre-contractual or contractual measures). For optional functions activated based on your explicit consent, the legal basis is Art. 6(1)(1)(a) GDPR.

 

       c) Duration of Storage

In the case of a successful application, we will include the submitted data in our personnel files and retain or process it for the duration of the statutory retention period. Otherwise, we will process your submitted data solely for the purposes of the application process and automatically delete it no later than 6 months after the conclusion of the application process. Within the career portal, you have the option to unsubscribe from job postings emails and delete your search profile independently at any time. Data processed based on your consent will be deleted immediately upon your revocation with effect for the future.

 

8. Newsletter

 

We use the “Brevo” service from Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, with whom we have concluded a data processing agreement pursuant to Art. 28 GDPR, for sending our newsletters.

For this purpose, we transmit the following personal data to Sendinblue: email address.

After subscribing to the newsletter, you will receive an email from Sendinblue. Only after clicking on the link contained therein will you be added to the newsletter distribution list (double opt-in procedure).

Sendinblue is the recipient of your personal data and acts as a data processor on our behalf concerning the sending of our newsletters. Without your consent and the transmission of your personal data, we cannot send you a newsletter.

 

       a) Purpose of Processing

Sending newsletters allows us to provide subscribers with information directly and regularly. Additionally, we analyze your usage behavior to optimize our offerings. This means we learn, for example, whether and when the newsletter was opened by you or whether and when you clicked on a link in the newsletter.

 

       b) Legal Basis

The legal basis for this processing is your consent pursuant to Art. 6(1)(1)(a) GDPR. You can revoke your consent to the processing of your personal data at any time. All email communications contain a corresponding link that allows you to unsubscribe from our distribution list. Additionally, the revocation can be made via the provided contact options. The legality of the processing carried out based on the consent until the revocation remains unaffected.

 

       c) Duration of Processing

Your data will be processed as long as the corresponding consent exists. Apart from that, they will be deleted after the termination of the contract between us and Sendinblue, unless legal requirements necessitate further storage.

 

9. Individual Product Recommendations and Updates on Our Platforms via Email

 

As part of our services, we present information and offers from Bogner DeFi as part of our contractual obligations. In selecting product recommendations, we primarily use data from your previous orders in compliance with legal requirements. Therefore, you will receive a limited number of product recommendations, surveys, and exclusive offers from us, even if you have not subscribed to a newsletter. As a free registered customer, you will only receive information about updates on our platforms and in the offer environment via email.

 

       a) Purpose of Processing

Sending individual product recommendations allows us to send customers emails with content relevant to them. Additionally, we want to inform you about updates on our platforms.

 

       b) Legal Basis

The legal basis is your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR. For premium customers, the legal basis is the fulfillment of the contract concluded with you, Art. 6 para. 1 sentence 1 lit. b GDPR, and for sending offers of similar products, Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest, Recital 47 GDPR). You can object to receiving these emails at any time. Regarding information about (e.g., functional) updates for free registered customers, the legal basis is our corresponding legitimate interest according to Art. 6 para. 1 sentence 1 lit. f GDPR in informing about extended/changed usage possibilities when visiting our websites. Regardless, you can object to receiving these emails at any time.

 

       c) Duration of Processing

Your data will be processed as long as the corresponding consent exists or until you inform us within the framework of the contractual relationship that you no longer wish to receive the emails. If you do not wish to receive individual recommendations via email from us, you can object by clicking on the link available in each email or by sending an email to support@bognerdefi.com.

 

10. Customer Support

 

To provide you with comprehensive customer service, we use the appropriate resources and systems when communicating with you, for example, when you contact us via email or through our contact forms on the websites.

 

       a) Purpose of Processing

The purpose of processing is to communicate with interested parties, customers, and other individuals to respond to inquiries or provide support services.

 

       b) Legal Basis

The legal basis for processing is our legitimate interest in legally and technically secure as well as efficient communication with you as a communication partner according to Art. 6 para. 1 sentence 1 lit. f GDPR. If the content of the communication serves the initiation or execution of contractual relationships, this is based on Art. 6 para. 1 sentence 1 lit. b GDPR.

 

       c) Storage Duration / Deletion Periods

Your data will only be stored as long as necessary to fulfill the purposes (e.g., responding to your inquiry) and then deleted. As a rule, this is the case when it is evident from the content of the communication that your concern has been comprehensively and conclusively clarified or answered and no further (e.g., contractual or legal) requirements for storage arise from the communication process.

       d) Right to Object

You can also request the deletion of your data at any time, provided there are no legal or other legitimate reasons against it.

 

B. Analysis and Marketing Tools

 

Like most websites, the internet presence of Bogner DeFi GmbH uses cookies. They serve to make our offer more user-friendly, effective, and secure. A cookie is a small data set that is downloaded to your browser when you visit a website and stored on your device (e.g., PC, laptop, tablet, or smartphone). On the next visit with the same device, the cookie is sent back, usually to our website (first-party cookie). If we have integrated third-party content into our websites, the cookie can also be sent back to the website to which it belongs (third-party cookie). In any case, the website recognizes that it has been accessed with this browser before and may vary the displayed content in some cases.

Most of the cookies we use are purely functional “session cookies,” i.e., they only serve to improve usage and are automatically deleted when the browser window is closed. Other cookies (“persistent cookies”) can be stored for up to 3 years and are used for marketing and analysis of site usage. For example, such a cookie can ensure that you are only shown advertising that matches your interests.

You can control or delete cookies as you wish. For example, you can delete all cookies stored on your computer or prevent the storage of cookies by making the appropriate settings in your browser. However, you may then have to manually adjust some settings each time you visit a site and accept impairments of some functions.

 

1. Consent via Cookiebot

 

Our website uses Cookiebot’s consent technology to obtain your permission for storing certain cookies on your device or for using specific technologies. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (“Cookiebot”).

When you access our website, a connection to Cookiebot’s servers is established. Subsequently, Cookiebot stores a cookie in your browser to associate the consents you have given or revoked.

 

       a) Purpose of Processing

The use of the Cookiebot consent banner serves to obtain and document your consents and other declarations regarding cookie usage in compliance with data protection regulations.

 

       b) Legal Basis

The legal basis is our legitimate interest in the data protection-compliant operation of our web offerings, specifically the collection and legally required documentation of consents, pursuant to Art. 6(1)(1)(c), (f) in conjunction with Art. 5(2) GDPR.

 

       c) Storage Duration

The collected data is stored until you request us to delete it, delete the Cookiebot cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected. 

 

2. Data Structuring with Snowflake and Airbyte

 

For structuring and analyzing collected information, we use the services of Snowflake Inc., Suite 3a, 106 East Babcock Street, Bozeman, Montana, 59715 (“Snowflake”). Snowflake receives all data in a pseudonymized form and acts as a data processor on our behalf.

For transmitting the pseudonymized data, we utilize the services of Airbyte Inc., 350 29th Ave, San Francisco, California, 94121, United States (“Airbyte”). Airbyte also receives all data in a pseudonymized form and serves as a data processor for us.

 

       a) Purpose of Processing

We use the data to gain insights into our business and make appropriate adjustments. This involves statistical analyses, such as determining which types of subscriptions are preferred, which trading platforms are used, or through which portals and marketing channels our offerings are primarily accessed.

 

       b) Legal Basis

Data structuring and analysis, as well as the selection of the mentioned providers, are conducted based on Art. 6(1)(1)(f) GDPR. Our legitimate interest lies in the continuous optimization of our offerings, with significantly lower error rates and reduced manual effort compared to alternative methods.

 

       c) Storage Duration

The data is archived and retained as long as it serves as a meaningful basis for statistical evaluations.

 

1. Consent via Cookiebot

 

Our website uses Cookiebot’s consent technology to obtain your permission for storing certain cookies on your device or for using specific technologies. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (“Cookiebot”).

When you access our website, a connection is established to Cookiebot’s servers. Subsequently, Cookiebot stores a cookie in your browser to associate the consents you have given or revoked.

 

       a) Purpose of Processing

The use of the Cookiebot consent banner is to obtain and document your consents and other declarations regarding cookie usage in compliance with data protection regulations.

 

       b) Legal Basis

The legal basis is our legitimate interest in the data protection-compliant operation of our web offerings, specifically the obtaining and legally required documentation of consents, Art. 6 para. 1 sentence 1 lit. c, f in conjunction with Art. 5 para. 2 GDPR.

 

       c) Storage Duration

The collected data is stored until you request us to delete it, delete the Cookiebot cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected.

 

       2. Data Structuring with Snowflake and Airbyte

 

For structuring and evaluating collected information, we use services from Snowflake Inc., Suite 3a, 106 East Babcock Street, Bozeman, Montana, 59715 (“Snowflake”). Snowflake receives all data in a pseudonymized form and acts as a data processor on our behalf.

For transmitting the pseudonymized data, we use services from Airbyte Inc., 350 29th Ave, San Francisco, California, 94121, United States (“Airbyte”). Airbyte also receives all data in a pseudonymized form and acts as a data processor on our behalf.

 

       a) Purpose of Processing

We use the data to gain insights into our business and make appropriate adjustments. This involves statistical analyses, such as determining which types of subscriptions are preferred, which trading platforms are used, or through which portals and marketing channels our offerings are primarily accessed.

 

       b) Legal Basis

Data structuring and analysis, as well as the selection of the mentioned providers, are carried out based on Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the continuous optimization of our offerings, with significantly lower error rates and reduced manual effort compared to alternative methods.

 

       c) Storage Duration

The data is archived and retained as long as it serves as a meaningful basis for statistical evaluations.

 

3.Google Analytics

 

With your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses cookies to analyze your use of our websites. The information collected by the cookies about your use of this website is typically transmitted to a Google server in the USA and stored there.

We use the ‘anonymizeIP’ function (so-called IP masking): Due to the activation of IP anonymization on this website, your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

During your website visit, the following data, among others, is collected:

  • The pages you access, your “click path”
  • Achievement of “website goals” (conversions, e.g., newsletter sign-ups, downloads, purchases)
  • Your user behavior (e.g., clicks, time spent, bounce rates)
  • Your approximate location (region)
  • Your IP address (in shortened form)
  • Technical information about your browser and the devices you use (e.g., language setting, screen resolution)
  • Your internet service provider
  • The referrer URL (through which website/advertisement you came to this website)

       a) Purpose of Processing

On behalf of the operator of this website, Google uses this information to evaluate your pseudonymous use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyze the performance of our website.

 

       b) Data Recipients

The data recipient is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, acting as a data processor. For this purpose, we have concluded a data processing agreement with Google. A data transfer to the USA cannot be excluded. Google LLC, based in California, USA, and possibly US authorities can access the data stored by Google. We point out that the USA does not offer a level of data protection comparable to that of the EU. Similarly, you do not have legal remedies comparable to those in the European Union. More information on Google Analytics’ terms of use and Google’s privacy policy can be found at https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

 

       c) Legal Basis

The legal basis for this data processing is your consent, Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which legitimizes data transfer based on an adequacy decision of the European Commission pursuant to Art. 45 GDPR.

 

       d) Retention Period

The data we send and associate with cookies are automatically deleted after 14 months. Data whose retention period has expired are automatically deleted once a month.

Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by not consenting to the setting of the cookie or by configuring your browser software accordingly to prevent the storage of cookies. However, if you configure your browser to reject all cookies, this may lead to limitations in the functionality of this and other websites.

 

4. Hotjar

 

We use the tool “Hotjar” from Hotjar Ltd., Level 2, St. Julian’s Business Centre, 3, Elia Zammit Street, St. Julians STJ 1000, Malta, to statistically evaluate visitor data on our website. Hotjar is a service that analyzes the behavior and feedback of you as a visitor to our website. We receive reports and visual representations from Hotjar that show us where and how you “move” on our site (so-called heatmaps). Personal data is anonymized and never reaches Hotjar’s servers. Hotjar stores cookies on your device.

 

       a) Purpose of Processing

The purpose of using Hotjar is to create analyses of visitors’ online behavior and to gather user feedback through a feedback tool to improve the quality of the website.

 

       b) Legal Basis

The use of Hotjar is based on your consent, Art. 6 para. 1 sentence 1 lit. a GDPR, which we have obtained through our cookie consent banner. You can withdraw your consent at any time with effect for the future.

 

       c) Retention Period

Personal data is immediately anonymized by Hotjar. The anonymized data, which after evaluation can no longer be classified as personal data, have a maximum retention period of one year on Hotjar’s servers.

 

5. Marketing Tools / Affiliate Programs

 

As website operators, we participate in so-called affiliate partner programs. If you click on an advertisement on our website that participates in the partner program and subsequently perform a transaction (e.g., a purchase), we receive compensation from our affiliate partners. For this, it is necessary that our affiliate partners can identify you and track that you came to the respective affiliate partner through the advertisement placed with us and performed the predefined transaction. For this purpose, our affiliate partners use cookies or comparable recognition technologies (e.g., device fingerprinting).

Legal Basis: The storage and analysis of data are based on Art. 6 para. 1 sentence 1 lit. f GDPR. As website operators, we have a legitimate interest in the correct calculation of our affiliate compensation. If corresponding consent has been requested (e.g., consent to the storage of cookies), processing is carried out exclusively based on Art. 6 para. 1 sentence 1 lit. a GDPR; this consent can be withdrawn at any time with effect for the future.

Adition

We control the delivery of advertising within our online offerings using the ad server technology of Adition Technologies GmbH, Oststraße 55, D-40211 Düsseldorf. In doing so, a cookie with the following content is set in the user’s browser:

  • Browser type
  • Date, time, and amount of ad deliveries
  • Operating system

You can object to the use of this cookie at https://de.adition.com/privacy/widersprechen. You will also find additional information on data protection when using the ad server technology of ADITION technologies AG on this page. Ad servers from third-party providers (DoubleClick, Smart AdServer, Microsoft Advertising Atlas, ADTECH GmbH, AdSpirit AdServer) are used for advertisements on our websites insofar as the advertising party requires it. While Bogner DeFi does not pass on personal data to third-party ad servers, they may use their own cookies to independently collect some data from you. If you wish to disable cookies from these networks, you must visit the respective websites. It is up to you whether you want to disable third-party ad servers. Your decision does not affect your use of our offerings but only the content of the ads served by that network.

The legal basis for this processing is your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR, which you can withdraw at any time with effect for the future.

 

C. Social Media and Media Content

 

Our websites provide various content (audio, video, social media content), presented either through links directing to external websites or embedded (“framed”) content. Bogner DeFi GmbH has no direct influence over data collection by these external providers; the respective processing is solely the responsibility of each provider. The provision or linking of content is based on Article 6(1)(1)(f) GDPR. Bogner DeFi GmbH’s legitimate interest lies in offering appealing and informative content to enhance the value for website visitors.

 

  1. X (formerly Twitter)

Bogner DeFi GmbH operates the X channel at https://twitter.com/bognerdefi. Clicking the “X” icon will redirect you to this page. The provider is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. Twitter’s privacy policy is available at https://twitter.com/de/privacy.

 

  1. Facebook

Bogner DeFi GmbH operates the Facebook page at https://www.facebook.com/bognerdefi. Clicking the Facebook icon will redirect you to this page. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Information on Meta/Facebook’s data policy can be viewed at https://de-de.facebook.com/privacy/explanation.

 

  1. Vimeo

We use the platform Vimeo.com to host and provide access to our videos. Vimeo is a service offered by an unrelated third party, Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

Some pages of our website contain links or connections to Vimeo’s offerings. Generally, we are not responsible for the content of linked websites. If you follow a link to Vimeo, please note that Vimeo stores user data (e.g., personal information, IP address) according to their own data usage policies and uses it for business purposes.

On some of our web pages, we also directly embed videos stored on Vimeo. In this embedding, parts of a browser window display content from the Vimeo website. However, the Vimeo videos are only retrieved upon separate clicking. This technique is known as “framing.” When you access a (sub)page of our website where Vimeo videos are embedded in this way, a connection to Vimeo’s servers is established, and the content is displayed on the website by notifying your browser.

When accessing the relevant pages, the IP address and the aforementioned data are transmitted, indicating which of our web pages you have visited. As soon as you start playing an embedded video by clicking, Vimeo stores cookies. These cookies can be prevented through appropriate browser settings and extensions.

The legal basis for embedding the content is Article 6(1)(1)(f) GDPR: Our legitimate interest lies in providing content to inform you as a website visitor about products and services and to make content accessible to you.

Address and link to the third-party provider’s privacy notice:

Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA

Vimeo’s privacy policy can be viewed here: https://vimeo.com/privacy

 

  1. Instagram

Bogner DeFi GmbH operates the Instagram channel https://www.instagram.com/bognerdefi. When you click on the Instagram icon, you will be redirected to this page.
The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Information on Meta / Instagram’s data policy can be accessed at https://privacycenter.instagram.com/.

 

  1. YouTube

We use the platform YouTube.com to upload and publicly share our own videos. YouTube is the offering of a third party not associated with us, namely Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In this context, we explicitly point out that it cannot be excluded that personal data may also be processed in the USA by Google’s parent company and that US authorities or services may have access to personal data. Although we have taken appropriate technical and organizational measures, such as the agreement of the standard contractual clauses (SCCs) approved by the EU Commission, we simultaneously point out that, as it stands, there is no level of data protection in the USA comparable to that of the European Union, and you also have no comparable legal remedies available.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which legitimizes data transfer based on an adequacy decision by the European Commission in accordance with Art. 45 GDPR.
Some of the pages of our offerings contain links or connections to the YouTube platform. In general, we are not responsible for the content of websites to which we link. However, should you follow a link to YouTube, we point out that Google/YouTube stores its users’ data (e.g., personal information, IP address) according to its own data usage policy and uses it for business purposes. You can view Google’s data usage policy here: https://policies.google.com/privacy.
On some of our webpages, we also embed videos stored on YouTube directly. In this embedding, parts of a browser window display content from the YouTube website. This technique is also called “framing.” The YouTube videos are only retrieved by separate clicking. When you access a (sub)page of our website that has YouTube videos embedded in this way, a connection to the YouTube servers is established, and the content is displayed by transferring it to your browser. In this process, your IP address and other IT traffic and usage data are necessarily processed to enable the delivery of the content to your device. This information cannot generally be attributed to you as a person (apart from the possibility of identification via the IP address) unless you are logged into YouTube or another Google service before accessing the page or are permanently logged in. When activating and displaying YouTube content on the pages and apps of Bogner DeFi GmbH, small data sets, so-called cookies, are also stored on your device. This occurs to capture which of our webpages you have visited to call up the respective video. Our legitimate interest in embedding YouTube content generally lies in providing the content to inform you as a website visitor or app user about products and services. Therefore, the legal basis for embedding the content is generally Art. 6 Abs. 1 UAbs. 1 lit. f GDPR. Beyond the mere display of the content, our interest also lies in capturing which individual videos have been accessed and how frequently they have been accessed directly via our website or our apps, to enable a reach-dependent billing of supplied content. The legal basis for storing cookies in this context is your consent, which you granted us through our consent banner or by clicking on the respective thumbnail before the video, Art. 6 Abs. 1 UAbs. 1 lit. a GDPR, § 25 Abs. 1 TTDSG. You can revoke this consent at any time with effect for the future. The collected data will be deleted immediately as soon as the purpose of the processing has ceased and there are no other legal reasons opposing it.

 

IV. Special Processes in Our Applications (Bogner DeFi Navigator)

 

1. Google Analytics for Firebase

To continuously improve your user experience, we collect statistics on the use of the app. For this purpose, we use the analytics tool Google Analytics for Firebase, a service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
The tracking measures we implement are based on Art. 6 Abs. 1 UAbs. 1 lit. f GDPR. With the tracking measures employed, we aim to ensure a demand-oriented design and the ongoing optimization of our app. Additionally, we use the tracking measures to statistically capture the use of our app and evaluate it for the purpose of optimizing our offerings for you. These interests are considered legitimate in the sense of the aforementioned regulation.
In the app’s settings menu, you can deactivate Google Analytics for Firebase.

 

2. Firebase Crashlytics
Our app uses Firebase Crashlytics, a service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). This tool anonymously transmits information to us in the event of an app crash, allowing us to identify the cause of the crash and fix it more quickly. The transmitted data is purely technical in nature and has no personal context.
In the app’s settings menu, you can deactivate Firebase Crashlytics.

 

3. Registration in the App

You must register to use the Bogner DeFi Navigator browser app in order to access the app’s features. The data you enter for registration will only be used for the purpose of utilizing the respective offering or service for which you registered. The mandatory information requested during registration must be provided in full; otherwise, we will reject the registration. For important changes, such as changes to the scope of offerings or necessary technical modifications, we will use the email address you provided during registration to inform you.
The processing of the data entered during registration is based on your consent (Art. 6 Abs. 1 UAbs. 1 lit. a GDPR). You can revoke your consent at any time. A simple email to us suffices for this. The legality of the data processing that has already occurred remains unaffected by the revocation. The data collected during registration will be stored by us as long as you are registered in the app and will then be deleted. Legal retention periods remain unaffected.

 

VI. Your Rights

Under the General Data Protection Regulation (GDPR), you have the right to:

  • request information about your personal data processed by us in accordance with Art. 15 GDPR. This includes the processing purposes, the category of personal data, the categories of recipients of the data, the planned storage duration, the origin of your data, and the existence of automated decision-making (profiling);
  • request the correction of inaccurate or incomplete personal data stored by us in accordance with Art. 16 GDPR;
  • request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, provided that the processing is not necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
  • request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you contest the accuracy of the data, if the processing is unlawful and you refuse the deletion of your data, or if we no longer need your data, but you require it for the establishment of legal claims, or in cases where you have objected to the processing as long as it is not yet clear whether our legitimate reasons outweigh yours;
  • receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or request the transfer to another controller in accordance with Art. 20 GDPR;
  • revoke any consent you have given to us at any time in accordance with Art. 7 Abs. 3 GDPR. A corresponding email to us suffices for this. This means that we will no longer continue the data processing based on this consent in the future. The legality of the data processing that has already taken place remains unaffected by the revocation;
  • lodge a complaint against the processing of your personal data in accordance with Art. 21 GDPR. If your objection is directed against direct advertising, we will implement this immediately. If the processing of your data is based on the legitimate interest of Bogner DeFi GmbH or third parties, and your objection is based on your particular situation, we will comply unless there are compelling legitimate grounds for the processing that outweigh your interests, or we need your data to establish legal claims;
  • lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. If you believe that we have not sufficiently complied with your rights and our obligations under the General Data Protection Regulation, you have the right to file a complaint with a data protection authority. The authority responsible for us is the Bavarian State Office for Data Protection Supervision (BayLDA) Promenade 18, 91522 Ansbach.

VII. Questions?
For any questions, our customer service representatives are available at support@bognerdefi.com.
For all questions regarding data protection, you can also contact our data protection team at datenschutz@bognerdefi.com at any time.
These data protection notices are continually updated. Status: November 2024.

BOGNER Academy GmbH

Peter-Behrens-Platz 10

4020 Linz

Austria

Facebook Instagram Youtube X-twitter

Company

Legal

Scroll to Top