Privacy Policy

In our User Privacy Notice we have compiled all essential information about our handling of your personal data and your corresponding rights for you.

 

This User Privacy Notice is effective from 24 Aug 2019

 

1.   Scope and updates of this User Privacy Notice

This User Privacy Notice applies to your use of this website and all ReMi-Net applications, services (including payment services), products and tools (collectively the 'Services'), regardless of how you access or use these Services, including access via mobile devices and apps.

This User Privacy Notice also applies if explicit reference is made to it via a link or in a similar manner, e.g. on websites of partners on which Services from ReMi-Net are offered.

We may change this User Privacy Notice at any time by posting the revised User Privacy Notice on this website and indicating the effective date of the revised User Privacy Notice. You will be notified of any material changes to this User Privacy Notice via your ReMi-Net account and/or by email.

 

2. Controller

Which REMI NETWORK Ltd company is responsible for the collection and processing of your personal data in connection with the provision of the Services depends on how you use our Services.

 

2.1 Use of the Services

The following REMI NETWORK Ltd company is responsible for the collection and processing of your personal data in connection with the provision of our Services (except payment services for subscription services, see below under Use of the payment for subscription services), depending on the region in which you are located:

 

2.2 Use of the payment services for subscription services

The following REMI NETWORK Ltd company is responsible for the collection and processing of your personal data in connection with the provision of our subscription services, depending on which region you are located in and whether we provide our payment services there:

 

3.  Data protection officer and contact

In those countries where we are required to do so by law, we have appointed data protection officers to oversee the protection of your personal data. If you have any questions about this User Privacy Notice or about data protection at ReMi-Net in general, you can contact the data protection officer responsible for your country at any time. You will find the contact details of your data protection officer in the list of our data protection officers in our ReMi-Net Privacy Centre.

Furthermore, if you have any questions or complaints regarding this User Privacy Notice, our global privacy standards (see section 6.1 Data transfers to ReMi-Net Limited corporate family members under section 6. International data transfers below) or our handling of personal data, you can also contact the ReMi-Net Privacy Team or the controller who is responsible for the processing of your personal data at any time (for further information, see Controller above). This applies regardless of whether we have appointed a data protection officer in your country or not. You can find all necessary information and contact details including a contact form in our ReMi-Net Privacy Centre.

 

4.  What personal data we collect and process 

We collect your personal data when you use our Services, create a new ReMi-Net account, provide us with information via a web form, add or update information in your ReMi-Net account, participate in online community discussions or otherwise interact with us. We also collect personal data from other sources (such as other REMI NETWORK Limited corporate family members or credit agencies or bureaus).

 

In total, we collect the following personal data:

4.1 Personal data you provide when using our Services or creating a ReMi-Net account

 

4.2 Personal data we collect automatically when you use our Services or create a ReMi-Net account

 

4.3 Personal data we collect in connection with the use of cookies and similar technologies

We use cookies, web beacons and similar technologies to collect data while you use our Services. We collect this data from the devices (including mobile devices) that you use our Services with. The data collected includes the following usage- and device-related information:

For more information about our use of these technologies and your choices, see Cookies & similar technologies.

 

4.4 Personal data from other sources

We also collect personal data about you from other sources and from third parties to the extent permitted by applicable law. In particular, this includes the following data:

With regard to our payment services for subscription services: data from government or other sources concerning any previous convictions of the respective account holder, to the extent permitted by applicable law. We combine or connect the personal data we collect from you with data from these other sources. Where personal data is disclosed to us by third parties, we take steps to confirm that the information has been collected with your consent and/or that these third parties are otherwise legally permitted to disclose your personal data to us. We also receive access to personal data about you from other members of the REMI NETWORK Limited corporate family.

 

4.5 Social network data you share with us

 

5.  Purposes and legal basis for data processing and categories of recipients

We process your personal data for various purposes and pursuant to various legal bases. We process your personal data primarily to provide and improve our Services, to provide you with a personalised user experience on this website, to contact you about your ReMi-Net account and our Services, to provide customer service, to provide you with personalised advertising and marketing communications, and to detect, prevent, mitigate and investigate fraudulent or illegal activity. We also share your information with third parties for these purposes.

Below you will find a summary of the purposes for which we process your personal data, including the categories of recipients to whom we transmit personal data for the purposes stated, sorted by legal basis:

 

5.1 We process your personal data in order to fulfil our contract with you and to provide you with our Services. This includes the following purposes:

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

 

5.2 We process your personal data in order to comply with legal obligations to which we are subject. This includes the following purposes:

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

 

5.3 We process your personal data in order to protect your vital interests or the vital interests of another natural person. This includes the following purposes:

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

 

5.4 We process your personal data where necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. In order to reconcile our legitimate interests with your rights, we have introduced appropriate control mechanisms. On this basis, we process your data for the following purposes:

 

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

Information about your right to object to processing based on our legitimate interests can be found below under Rights as a data subject and, with regard to the use of cookies and similar technologies, below under Cookies & similar technologies.

 

5.5 With your consent, we process your personal data for the following purposes:

You can find information about your right to withdraw your consent below under Rights as a data subject and information with regard to the use of cookies and similar technologies below under Cookies & similar technologies.

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

 

Without your consent, we will not pass on your personal data to third parties for their marketing or advertising purposes, nor will we sell or otherwise make it available to third parties for a fee.

 

5.6 Data Sharing between REMI NETWORK Limited Corporate Family Members

As set out above under 'Personal data from other sources,' we also receive access to personal data about you from other REMI NETWORK Limited corporate family members. This enables us, in particular, to provide you, with your consent as legally required, with information about products and services, which we believe might interest you, and improve our products, services, content, and advertising by analysing your use of the services of other REMI NETWORK Limited corporate family members, in particular through the matching of certain data (e.g. cookie IDs). Furthermore, this allows us to better prevent, detect, mitigate and investigate fraud, security breaches and other prohibited or unlawful activities, including the assessment of corresponding risks. We will also grant access to personal data about you to other REMI NETWORK Limited corporate family members for the aforementioned purposes. To the extent that other REMI NETWORK Limited corporate family members have access to your personal data, they will follow practices that are at least as restrictive as the practices described in this User Privacy Notice.

 

5.7 Additional information regarding our payment services for paid subscription services

With regard to our payment services, we additionally point out that ReMi-Net is subject to professional secrecy, which requires special transparency with regard to the processing and, in particular, the transmission of your personal data. We therefore expressly draw your attention to the fact that ReMi-Net may pass on your personal data to trustworthy third parties and business partners where necessary to provide our payment services, as described above in this Section 5 of the User Privacy Notice. This includes in particular the following third parties and business partners:

You can request a complete list of all third party providers and business partners for our payment services for subscription services in the EU by contacting us.

 

5.8 Automated decision-making

We use technologies that are considered automated decision-making or profiling. We will not make any automated decisions about you that would significantly affect you unless such a decision is necessary for entering into, or the performance of, a contract with you, we have obtained your consent, or we are required by applicable law to use such technology. You will find information on your right to object to this processing of your data below under Rights as a data subject.

 

6.  International data transfers 

Some recipients of your personal data are located outside your country or have offices in countries where data protection laws may provide a different level of protection than the laws in your country. When transferring personal data to such recipients, we provide appropriate safeguards.

 

6.1 Data transfers to REMI NETWORK Limited corporate family members

The transmission of personal data between different REMI NETWORK Limited corporate family members is based on our worldwide data protection principles, which are binding internal data protection regulations (Binding Corporate Rules, BCRs), or on the basis of other appropriate safeguards (e.g. standard data protection clauses issued or approved by the European Commission (2010/87/EU, 2001/497/EC or 2004/915/EC)). Through our Binding Corporate Rules, the REMI NETWORK Limited corporate family members undertake to protect your personal data and to comply with data protection obligations. Further information on our binding company-wide guidelines and our worldwide data protection principles can be found in the ReMi-Net Privacy Centre.

 

6.2 Other data transfers (from the European Economic Area to third countries)

We will only transfer your personal data from the European Economic Area (EEA) to third countries, i.e. countries outside the EEA, on the basis of appropriate safeguards. Third countries providing an adequate level of data protection according to the European Commission currently include Andorra, Argentina, Canada (for companies covered by the Personal Information Protection and Electronic Documents Act), Switzerland, the Faroe Islands, Guernsey, the State of Israel, the Isle of Man, Japan, Jersey, New Zealand and Uruguay. Recipients in the USA can be partially certified according to the EU-U.S. Privacy Shield, so that appropriate safeguards for an international data transfer exist. In other cases, ReMi-Net provides the necessary safeguards, e.g. through the conclusion of data protection contracts adopted by the European Commission (e.g. standard data protection clauses (2010/87/EU, 2001/497/EC or 2004/915/EC)) with the recipients, or through other measures provided for by law. A copy of the documentation of the measures taken by us is available on request.

 

7.  Storage duration and erasure 

Your personal data will be stored by us and our service providers in accordance with applicable data protection laws to the extent necessary for the processing purposes set out in this User Privacy Notice (see Purposes and legal basis for data processing and categories of recipients for more information on the processing purposes). Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged to keep your personal data longer (e.g. for tax, accounting or auditing purposes). In Europe, the retention periods are generally between 6 and 10 years (e.g. for contracts, notifications and business letters). As far as legally permissible or required, we restrict the processing of your data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where we may still need the data for the execution of the contract or for the assertion of or defence against legal claims. In these cases, the duration of the restriction of processing depends on the respective statutory limitation or retention periods. The data will be deleted after the relevant limitation or retention periods have expired.

The specific retention periods for personal data are documented in our regional data retention guidelines. How long we retain personal data may vary depending on the Services we provide and our legal obligations under applicable national law. The following factors typically affect the retention period:

This includes such things as executing the User Agreement with you, maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. Most of our retention periods are determined on the basis of this general rule.

If we store special categories of personal data, a shorter retention period is usually appropriate.

If we process personal data on the basis of consent (including consent to the extended storage), we store the data for as long as necessary in order to process it according to your consent.

Corresponding storage obligations may arise, for example, from laws or official orders. It may also be necessary to store personal data with regard to pending or future legal disputes. Personal data contained in contracts, notifications and business letters may be subject to statutory storage obligations depending on national law.

 

8.  Rights as a data subject

Subject to possible restrictions under national law, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of legitimate interests. You can also lodge a complaint with a supervisory authority.

Your rights in detail:

If your personal data is processed on the basis of legitimate interests, you have the right to object to the processing of your personal data on grounds relating to your particular situation. This also applies to profiling. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

The exercise of the above data subjects' rights (e.g. right to access or erasure) is generally free of charge. Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge an appropriate fee (at most our actual costs) in accordance with the applicable statutory regulations or refuse to process the application.

 

Exercising your rights and managing your settings

You can exercise your rights as a data subject via our contact forms. In addition, you are of course free to contact us in any other way.

If you would like to change your preferences regarding ReMi-Net notifications (including marketing communications), you can do so at any time in My ReMi-Net under 'Communication Preferences'. If you do not wish to receive marketing communications from us, you can also unsubscribe by clicking on the link in the email you received. For technical reasons, the implementation may take a few days. For information on how to manage your cookie and similar technology preferences, see the next section Cookies & similar technologies.

 

9.  Cookies & similar technologies 

When you use our Services, we and selected third parties may use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalised advertising. Cookies are small text files that are automatically created by your browser and stored on your device when you use the Services. You can find detailed information about our use of cookies and similar technologies and your choices in our User Cookie Notice.

Our cookies and similar technologies have different functions:

We use cookies and similar technologies that remain on your device only as long as your browser is active (session cookies), as well as cookies and similar technologies that remain on your device longer (permanent cookies). Where possible, we take appropriate security measures to prevent unauthorised access to our cookies and similar technologies. A unique ID ensures that only we and/or selected third parties have access to cookie data.

 

Your choices regarding cookies

You are free to disable the use of cookies and similar technologies if this is supported by your device. You can manage your cookie settings in your browser or device settings. In addition, you can decide whether we may use cookies and similar technologies to show you personalised advertisements:

If you decide not to have your personal data processed by us for advertising purposes via cookies (and similar technologies), this does not mean that we will not show you advertisements. It simply means that these advertisements will not be personalised for you using first-party or third-party cookies, web beacons or similar technologies.

 

10.  Data security 

We protect your personal data through technical and organisational security measures to minimise risks associated with data loss, misuse, unauthorised access and unauthorised disclosure and alteration. To this end we use firewalls and data encryption, for example, as well as physical access restrictions for our data centres and authorisation controls for data access. You can find further information on data security in our Security Centre.

 

11.  Other important information regarding data protection

This section contains important additional information about the protection of personal data in connection with the use of our Services, including whether you are required to provide personal data.

 

What happens when you share your personal data on our sites or applications?

Other users have access to the information you share on ReMi-Net or disclose to other users. For example, other users can see your content, user ID and associated comments. Other users can also see any information you chose to share in your profile.

When you use our Services, your public user ID may be displayed and available to the public and associated with all of your public ReMi-Net activity. Notices sent to other users about suspicious activity and notice violations on our sites may refer to your public user ID and specific items. Accordingly, if you use a username that allows others to identify you, these others may be able to identify your ReMi-Net activities.

To help protect your personal data, we allow only limited access to other users' contact, postage and financial information as necessary to facilitate your transactions and collect payments. However, when users are involved in a transaction, they have access to each other's name, user ID, email address and other contact and postage information.

 

Your responsibilities over transactional information you receive through ReMi-Net

When you complete a transaction with another user (or a transaction has been cancelled, failed or subsequently invalidated), we will provide you with the other user's personal data (such as name, username, email address, contact information, postage and billing information). Independent from us, you are the controller of such data and responsible for any processing.

Unless you act for purely personal purposes, we recommend that you explain your data processing activities in your own privacy notice and protect the privacy of other users. As an account holder, you must in any case comply with the applicable data protection laws and in particular protect the rights of other users as data subjects, e.g. give them the opportunity to access the personal data collected by you and demand that it be erased.

You may use the personal data that you have access to only for ReMi-Net transaction-related purposes, or for other Services offered through ReMi-Net (such as postage, fraud complaints, and member-to-member communications), and for purposes expressly consented by the user to whom the data relates. Using personal data of other users that you have access to for any other purpose constitutes a violation of our User Agreement.

 

Personal data relating to third parties

If you provide us with personal data relating to another person, you must obtain the consent of this person or the disclosure of the data to us must be otherwise legally permissible. You must inform the other person of how we process personal data in accordance with our User Privacy Notice.

 

Filtering of messages sent via our messaging tools

We filter the messages sent via our messaging tools automatically according to certain criteria and check conspicuous messages manually if necessary. The messages are first received by us and then forwarded to the recipient. All messages are automatically filtered according to certain criteria. If necessary, conspicuous messages are checked manually by our customer service. In the event of a violation, we reserve the right to block the transmission of the message and to restrict the purchase and sales functions of your ReMi-Net account or to block your ReMi-Net account.

This is to protect legitimate interests such as protecting against fraudulent or suspicious activities (e.g. spam, viruses, phishing or other illegal activities) or enforcing our User Agreement and our other rules and policies (e.g. illegal and other prohibited content), including but not limited to enforcing the prohibition of purchases and sales outside of ReMi-Net.

 

Are you obliged to provide your personal data to us?

Some of the personal data that you provide to us (e.g. data by which we can identify you) are required to enter into the User Agreement and the Payments Services Agreement. The provision of any other personal data is voluntary, but may be necessary for the use of our Services, such as subscription services to complete the transaction.

 

Children's Privacy

Our services are not intended for use by children. We do not knowingly collect personal data from users who are considered children under applicable national laws. According to our User Agreement, children are not permitted to use our Services.

 

Staying signed in

When you sign in to your account on our Services, we give you the option to stay signed in to your account for a certain amount of time. If you are using a public or shared computer, we encourage you not to choose to stay signed in. You or any other user of the computer/browser you signed in on will be able to view and access most parts of your account and take certain specific actions during this signed in period without any further authorisation. The specific actions and account activities that you or any other user of this computer/browser may take include:

If you attempt to change your password, User ID, update any other account information or attempt other account activity beyond those listed above, you may be required to enter your password.

You can typically end your signed-in session by either signing out and/or clearing your cookies. If you have certain browser privacy settings enabled, simply closing your browser may also end your signed-in session. If you are using a public or shared computer, you should sign out and/or clear your cookies when you are done using our Services to protect your account and your personal data.