Overview
Protection of personal data and responsible handling of information that you entrust us with are important and of a special concern to us. Ruptly GmbH ("Ruptly", or "we", or "us") processes personal data only in accordance with legal requirements, in particular the EU Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz or BDSG).
This privacy policy informs you how, on what legal basis, to what extent and for what purposes we process personal data in the case you visit our Website http://ruptly.tv and its subdomains.
Further, this privacy policy informs you about the recipients of your personal data within the EEA and third countries (see section 3), the deletion of your personal data and corresponding retention periods (see section 4), your rights as a data subject (see section 5), security measures used to protect your personal data (see section 6) and whether or not an automated decision making process is carried out (see section 7).
1. Controller and Data Protection Officer
Controller in the meaning of data protection law: Ruptly GmbH, Perleberger Str. 42, 10559 Berlin, Germany, +49 (0) 30 3198 72 300 . For further information please see our impressum.
Data Protection Officer: Datenschutzbeauftragter Ruptly GmbH, Perleberger Str. 42, 10559 Berlin, Germany, privacypolicy@ruptly.tv
2. Website: Processing of your personal Data
Providing this Website requires the processing of personal data to the extent described in section 2.1. In addition, personal data will be processed in the cases described under section 2.4—2.6.
2.1. Data Processing to Enable the Use of the Website
When you visit our Website, we collect personal data to enable your use (usage data). This includes your IP address and data about the start, end and subject of your use of the Website as well as any identification data (e.g. your login data when you log into a secure area or payment data where your account enables purchases). It also includes technical data transmitted by your browser such as browser type/browser version, the previously visited website (referrer URL), monitor resolution, operating system, if applicable device information (e.g. device type) etc. We process these data for the provision and demand-oriented design of this Website in our legitimate interest (Art. 6(1)(f) GDPR). If you would like detailed information on the weighing of interests, please contact one of the addresses given under section 1.
2.2. User Account
When you register on our Website or enroll in our educational courses, we first request that you provide us your e-mail address. By providing it, selecting "I hereby confirm that I have read and accept Privacy Policy" and pressing the "Sign Up" button, you give us the consent to the processing of your personal data for the specific purpose of receiving access to the registered members area of the Website (Art. 6(1)(a) GDPR). To enroll in our educational courses you also will be required to provide additional information, such as your name, surname, CV and short video about yourself. This data processing is necessary in order to take steps at your request prior to entering into a contract (Art. 6(1)(b) GDPR) and for the purposes of our legitimate interests (Art. 6(1)(f) GDPR). After the e-mail confirmation procedure you may be requested to fill additional information, such as your name and surname (if applicable), the country you currently reside in and the name of the company you work for (if there is one). This data processing is necessary in order to take steps at your request prior to entering into a contract (Art. 6(1)(b) GDPR) and for the purposes of our legitimate interests (Art. 6(1)(f) GDPR). If you would like detailed information on the weighing of interests, please contact one of the addresses given under section 1.
It is also possible, that you receive a link to the registration page after receiving an e-mail from our website requested by a member of your team or a colleague. In this case, you will be offered to provide some of the details listed above in a single form. The same conditions will apply.
The registration or the opening of a user account at Ruptly is not possible without providing personal data. You are neither obliged to register with Ruptly nor to provide personal data. If you do not provide us with the required personal data, you may not be able to use the functions of the Website. Otherwise there will be no consequences for you.
It is possible to delete your user account at any time as long as you don’t owe any payments to Ruptly. This can be done by sending a message to one of the persons named in section 1. However, if you have signed up for subscription Plan which implies automatic renewal and regular payments to Ruptly, you should opt out of this automatic renewal first. Your user account will be deleted:
- in case all payments due to Ruptly in accordance with your Plan are already processed — after you opt out of automatic renewal;
- in case any payments to Ruptly in accordance with your Plan are pending — after the last pending payment following the request.
2.3. Downloading Content
In order to download Content from the Website, you need to have a user account (see section 2.2.) and provide us with additional personal data to execute the concluded contract, e.g. billing information. The legal basis for data processing is Art. 6 (1)(b) GDPR. The provision of this personal data is a contractual requirement, or a requirement necessary to enter into a contract. If you do not provide us with this personal data it is not possible to execute the contract, which means no Content can be provided.
Consumers that wish to download Content using the Ruptly Pass plan will need to pass the qualification stage. As you will be requested to provide the billing information before the qualification is confirmed, it is possible that Ruptly will have access to it without entering into a contract. In this case, we will keep this information while offering other licensing plans you may qualify for, so that you don’t need to provide the same billing information again. The legal basis in this case are legitimate interests under Art. 6 (1) (f) GDPR. If you will not agree to any of them and we do not enter into a contract in the end, Ruptly will delete the data provided. More information on types of qualification, Ruptly Pass and Plans or licensing models offered to you by Ruptly is available in our Terms of Service.
2.4. Cookies and Tracking
When you visit our website, information may be stored on your computer in the form of a cookie. Further, Ruptly uses web tracking to analyse and improve the usability of our website. Please refer to our Cookie Policy for information.
Furthermore, our website uses Plausible, a web analytics service provided by Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia, to analyse how our visitors use our websites and to monitor website performance. With Plausible analytics all the site measurement is carried out absolutely anonymously, cookies are not used and no personal data is collected. There are no persistent identifiers and cross-site/cross-device tracking. All information is hosted on our own servers and won’t be shared with anyone. Further information about Plausible web analytics can be foundhere .
2.5. Chat Function
We process your personal data when you use our chat function. If you contact us via the live chat function provided on the website, your contact details and communication contents will be stored so that they can be used to process and answer your enquiry. Depending on the subject of your inquiry, the legal basis for this data processing is the processing for the purpose of initiating or processing a contract, or our legitimate interest in providing a chat function for general enquiries (Art. 6(1)(b) or (f) GDPR).
2.6. Third party services
Our Website contains links to third party services, including but not limited to social networks (e.g. Facebook, Instagram, Twitter or Youtube) or other service providers. These services are operated exclusively by third parties. If you follow the links, information may be transmitted to these providers. This means that no personal data will be passed on when you visit our Website. Only if you click on one of the social buttons, data will be transmitted to the respective provider. The purpose and scope of the data collection and the further processing and use of the data by the provider as well as your relevant rights and setting options for the protection of your privacy can be found in the privacy policy of the respective provider. You can find them here:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA
http://www.facebook.com/policy.php/
Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA
https://help.instagram.com/155833707900388
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA
YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
https://policies.google.com/privacy
2.7. Newsletter and E-Mail messages from us
There are several cases where Ruptly may use the e-mail address that you have provided during the application process or registration to send you messages.
- We will send you an e-mail as you register to confirm that the address provided is correct.
- If you forget your password and request us to send you a link to retrieve a new one, we will do so.
- If there are any important changes in our Privacy Policy or Terms of Service , we may inform you with an e-mail message.
- We will use your address to inform you about changes to your account status.
- You may receive notification e-mails while making purchases on our website.
- You may receive invitations to occasional surveys in order to test new features or to share feedback about your experiences with us.
The legal basis for this is Art. 6(1)(b) GDPR as sending you these e-mails is required for the performance of our contractual obligations under terms of use, licensing arrangements or other agreements in our relation.
In case you enroll in our educational courses or register for our newsletter, we collect your e-mail address and send a confirmation e-mail with a confirmation link. You need to click to subscribe to our newsletter. We store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration so that we can trace any possible misuse of your e-mail address at a later time.You can unsubscribe from the newsletter at any time. You will find an explanation on how to revoke your consent in each of our newsletter e-mails or you can send a message to privacypolicy@ruptly.tv. The legal basis is your expressed consent pursuant to Art. 6(1) (a) GDPR.
2.8. Payment Process
To process payments we work together with the service Stripe Payments Europe Limited, which supports us wholly or partially in execution of concluded contracts. Personal data is transferred to this service provider in accordance with the following information. We will pass on your payment data to this service provider within the framework of payment processing, if this is necessary for payment handling. If other payment service providers are used, we explicitly inform you of this. The legal basis for this data processing is Art. 6(1)(b) GDPR.
Stripe Payments Europe Limited is an entity registered and seated in Ireland.
3. Transfer to Third Parties
We will only pass on the personal data described here where necessary for the provision of our Service or otherwise allowed by the law. Within the scope of the purposes stated here, personal data are transmitted to service providers involved in the provision of our Services. In addition to their legal obligation to comply with all data protection regulations, these service providers are bound to additional contractual data protection requirements. This includes in particular contractual obligations as a processor in accordance with Art. 28 GDPR.
Other than that we transmit personal data to other recipients only if there is a legal permission or you have expressed your consent. Any consent given can be revoked at any time with effect for the future. We will only disclose your data to government authorities within the framework of statutory obligations or as a result of an official order or court decision and only insofar as this is permitted under data protection law.
If necessary for our purposes, we may also transfer your data to recipients outside the EU. This is in particular the case if we have to transmit this data to recipients in third countries for the purposes of contract performance or due to legal obligations. Furthermore, we only transfer data to third countries where the recipient has implemented an appropriate level of data protection within the meaning of Art. 45 GDPR or suitable guarantees within the meaning of Art. 46(2) and (3) GDPR and there are no other interests worthy of protection against the data transfer. To ensure an adequate level of protection for the recipient of data, we in particular use the standard contractual clauses of the EU Commission on the transfer of personal data to third countries (controller to controller; controller to processors transfer), unless an adequacy decision within the meaning of Art. 45(1) GDPR has been taken by the EU Commission.
Ruptly Website uses the following processors:
- Tax Services Provider: Taxamo, 1 Library Place, Killorglin, Co Kerry, Ireland, provides assistance to Ruptly in processing VAT payments according to EU regulations. To do so it requires information about the purchases made through our website and this includes processing your personal data.
- Payments Provider: Stripe Payments Europe Limited, C/O A&L Goodbody, Ifsc, North Wall Quay, Dublin 1, Ireland. Stripe facilitates online payments for Ruptly. While we work with Stripe European office, some of your data may be sent to their U.S. branch. Additional information about this is available in clause 2.8.
- Live Chat Provider: Live Chat Inc., 405 North Street, Chapel Hill, NC 27514, USA. If you contact us via the chat function available on the Website, this service will be provided using Live Chat Inc. as a data processor. This means that the data you will voluntarily provide (your name and e-mail address) will be processed by Live Chat Inc. Live Chat Inc. is GDPR compliant (https://www.livechatinc.com/general-data-protection-regulation). The legal basis for this data processing is the processing for the purpose of initiating or processing a contract, or our legitimate interest in providing a chat function for general enquiries (Art. 6(1)(b) or (f) GDPR). If you would like detailed information on the weighing of interests, please contact one of the addresses given under section 1.
- Web protection tools : Cloudflare, Inc. 101 Townsend St, San Francisco, CA 94107, USA. To ensure security of Ruptly website and your data and guarantee continious access to Ruptly website, we use Cloudflare web security services.
Cloudflare is a U.S. based, global company. While Cloudflare has office in Europe, some of your data (such as IP addresses, system configuration information, and other information about traffic to and from Ruptly website) may be sent to their U.S. branch.
Cloudflare comply with GDPR and is certified under the EU-U.S. Privacy Shield Framework, which ensures the adequate level of protection for personal data https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active.
For more information about Cloudflare please read Cloudflare's Privacy Policy: https://www.cloudflare.com/privacypolicy/
4. DATA FROM OTHER SOURCES
In some cases we may receive certain personal data from you or third parties. This applies in case we organize a special workshop or online conference and in similar cases. The information required to participate in such events may be provided directly by you or transferred to us by third party platform provider, e.g. Zoom. In case we collect information ourselves we will request consent to the processing of your personal data for the specific purpose of receiving access to our events (Art. 6(1)(a) GDPR).
5. Deletion
We delete your personal data as soon as it is no longer necessary for the aforementioned purposes of processing. We also delete your personal data if you object to a certain processing of data that is based on legitimate interests, unless there are compelling reasons for Ruptly to continue the processing. We also delete your data if you revoke your consent to the processing and if there is no other legal basis for processing. In certain cases, e.g. if there is a statutory retention period, your data will initially be blocked and deleted upon expiry of the retention period.
6. Your Rights
As a data subject of the data processing, you have the following rights:
- a right to confirmation as to whether personal data relating to you are processed by Ruptly and, if this applies, the right to access to this personal data (Art. 15 GDPR) as well as
- a right to rectification of your incorrect data (Art. 16 GDPR),
- a right to erasure (Art. 17 GDPR) or
- a right to restrict (block) your data (Art. 18 GDPR).
In addition, in the case of processing on the basis of Article 6(1)(e) or (f) GDPR, you may object to the processing (Art. 21 GDPR), stating a specific reason, except in the case of direct mail. If you have provided the data, you can request the transmission of the data (Art. 22 GDPR). Whether and to what extent these rights exist in individual cases and under what conditions they apply is stipulated by law in the aforementioned legal norm. If the processing is based on a consent within the meaning of Art. 6(1)(a) or Art. 9(2)(a) GDPR, you can revoke this at any time for the future (Art. 7(3) GDPR). You also have the right to contact the competent data protection supervisory authority (Art. 77 GDPR).
If you have any questions or complaints about data protection at Ruptly, we recommend that you first contact our Data protection officer (see contact details under section 1).
7.Security Measures to protect your Personal Data
We protect your data by technical and organisational measures against unauthorised access, loss or destruction. Our security measures are continuously improved in line with technological developments. Our employees and all persons involved in data processing are obliged to comply with data protection laws and the confidential handling of personal data. Our employees are trained accordingly.
To protect the personal data of our users, we use a secure online transmission procedure, the so-called "Secure Socket Layer" (SSL) transmission. You can recognise this by the fact that an "s" ("https:") or a green, closed lock symbol is added to the address component http:. By clicking on the icon you will receive information about the SSL certificate used. The display of the symbol depends on the browser version you are using. SSL encryption guarantees the encrypted and complete transmission of your data.
8. No Automated individual Decision-Making
We do not use your personal data for automated individual decisions in the meaning of Art. 22(1) GDPR.
9. Amendment of the Privacy Policy
New legal requirements, business decisions or technical developments may require changes to our privacy policy. The privacy policy will then be adapted accordingly. You can always find the latest version on our Website.
Status: February 2021