DATA PROTECTION POLICY api.kachelmannwetter.com / api.meteologix.com
Last updated: May 5, 2023
§ 1 Information about the collection of personal data
(1) Below we inform you about the collection of personal data when using our website. Personal data is any data that can be personally related to you, such as name, address, email addresses, and user behavior.
(2) The controller pursuant to Art. 4 para. 7 EU General Data Protection Regulation (DS-GVO) is Meteologix AG, Dorfplatz 2, CH-6417 Sattel, Switzerland, firstname.lastname@example.org.
(3) We process and store your data in Germany and, if applicable, in Switzerland. The European Commission has decided in Decision 2000/518/EC of 26.7.2000, amended by Decision (EU) 2016/2295 of 16.12.2016, that Switzerland ensures an adequate level of protection for personal data. You can view the decisions here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02000D0518-20161217. Further information can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en .
(4) If we use contracted service providers for individual functions of our offer or if we want to use your data for advertising purposes, we will inform you about the respective processes below.
§ 2 Your rights
(1) You have the following rights with regard to your personal data:
- Right to information (Art. 15 DS-GVO),
- Right to rectification or erasure (Art. 16, 17 DS-GVO),
- Right to restriction of processing (Art. 18 DS-GVO),
- Right to object to processing (Art. 21 DS-GVO),
- Right to data portability (Art. 20 DS-GVO),
- Right to withdraw consent (Art. 7 para. 3 DS-GVO).
(2) You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data by us (Art. 77 DS-GVO).
§ 3 Objection or revocation of the processing of your data
(1) If you have given consent to the processing of your data, you can revoke it at any time. Such a revocation does not affect the legality of the processing of your personal data that occurred prior to your revocation.
(2) If we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if the processing is not necessary for the fulfillment of a contract with you, as will be shown by us in the respective description of the functions. If you exercise such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of a justified objection, we will examine the situation and either discontinue or adjust the data processing, or show you our compelling legitimate reasons for continuing the processing.
(3) Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection to advertising at the following contact information: Meteologix AG, Dorfplatz 2, CH-6417 Sattel, Switzerland, email@example.com.
§ 4 Collection of personal data when visiting our website
(1) When using the website for informational purposes only, i.e., if you do not provide us with any other information, we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f DS-GVO):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software.
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the site that sets the cookie (here by us). Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.
a) This website uses the following types of cookies, the scope and functionality of which are explained below:
- Transient cookies (see b)
- Persistent cookies (see c).
b) Transient cookies are automatically deleted when you close the browser. This includes in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This enables your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.
§ 5 Further functions and offers on our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if interested. For this purpose, you usually have to provide further personal data that we use to provide the respective service and for which the data processing principles mentioned above apply.
(2) In part, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are regularly monitored.
(3) If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of the offer.
§ 6 Contacting us by email
(1) If you have any questions, we offer you the opportunity to contact us via the email addresses provided.
(2) Data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntarily given consent.
(3) When you contact us by email, the data you provide (your email address, your message, and possibly other information) will be stored by us in order to respond to your inquiry. We delete the data that arises in this context when it is no longer required to be stored or restrict the processing if there are statutory retention obligations. In this case, Art. 6 Para. 1 S. 1 lit. c GDPR is the legal basis.
§ 7 Use of our paid API service for weather data
(1) If you want to use our paid API service for weather data, you must register with us using an email address and a self-chosen password. We use the double-opt-in process for registration, which means that your registration is only complete when you confirm your registration by clicking on the link in the confirmation email sent to you for this purpose. Additionally, you must provide us with your payment information (e.g. bank details, credit card number, expiration date, CVC code). If you require an invoice with a complete billing address and provide us with this information in the customer area, it will also be processed and stored. Furthermore, we process and store the following data for your account:
- Account status
- Account type
- Selected service package
- Used portal
- Country code
- Registration date
- Date of last modification
- Key number to verify if the service package is still valid
- Date of the last verification if the service package is still valid
- Created invoices
- Places for which you requested weather information
- Service history
(2) We process the data provided by you to fulfill your order and the contract. For payment processing, we will disclose your payment information and email address to our payment service provider, Stripe Inc. We will store your data until the API key is permanently deleted. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.
(3) Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for ten years. However, after two years, we will limit the processing, which means that your data will only be used to comply with legal obligations. The legal basis is Art. 6 para. 1 sentence 1 lit. c GDPR.
(4) Stripe Inc., 185 Berry Street, Suite 550, San Francisco, CA 94107, USA, has committed to the updated standard contractual clauses of 2021 for cross-border data transfers from the European Economic Area and Switzerland, https://stripe.com/en-de/legal/dpa.
(5) In order to prevent unauthorized access by third parties to your personal data, especially financial data, the connection is encrypted using TLS technology.
§ 8 Data Security
(1) We use the widely used SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser during website visits. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we instead use 128-bit v3 technology. You can recognize whether a particular page of our website is transmitted in encrypted form by the closed padlock symbol in your browser's address bar.
(2) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.