LEGAL NOTICE

calimoto GmbH

Babelsberger Straße 12

14473 Potsdam

Germany

E-Mail: support@roadtrip.calimoto.com

We don’t offer support on the phone. Please write us a mail instead. Thanks!. Phone: +49 331 – 20115605

Represented by: CEO: Sebastian Dambeck

Register entry:

Entry in commercial register.

Register Court: Berlin Charlottenburg

Register Number: HRB 175693 B VAT: DE306450342

 

General terms and conditions

(as on November, 2017)

1. Scope
1.1. These Terms and Conditions regulate the business relations between calimoto GmbH, with headquarters in Berlin, registered in the local court of Charlottenburg under number HRB 175693 (in the following: “calimoto“) and the persons who make use of the application by calimoto described below.
1.2. The term “application“ as used in the following refers to the mobile and web applications offered by calimoto and imply the functions and services belonging to them, regardless of the used domains, systems, platforms or devices.
1.3. The term „content“ resumes all the content either being transmitted by users within the application or being other content being delivered to calimoto like for example pictures, videos, texts, links, and information about persons, places or tours.
1.4. The term “function“ shall be understood as separate service and application areas and their respective content (e.g. map presentation, picture upload, commenting on tours, etc.).
1.5. “Users“ are within the meaning of these Terms and Conditions all persons who make use of the application offered by calimoto.
1.6. All terms and definitions used, like for example „user“, shall be neutral in gender.
1.7. The user accepts these Terms and Conditions by using the application. Contrary or alternative conditions proposed by the users shall not be recognized, unless calimoto agreed on and accepted them expressly. The lack of objection does not mean in any way acceptance or consent.  
 
2. Limitation on adult, natural entities
2.1. This application may only be used by natural entities. The users have to have reached the age of 16 or have the authorization by their parents or their legal guardian. They confirm this with the registration to this service.
2.2. calimoto reserves the right to demand a proper confirmation of these conditions from the users.  
 
3. Scope of Service and Changes
3.1. This application implies different functions. Some of them are freely available; some of them require a registration, signing up for a premium membership or the purchase of specific function packages.
3.2. Users will be informed separately about the actual costs and have to give their expressed consent on the purchase.
3.3. The purchase of the paid features is done by so called “in-app purchases“ in the respective app stores which offer the application (in particular the Google PlayStore and the Apple AppStore). The purchasing process is takes place directly between the respective user and the particular app store. For these processes, the terms of payment, rights of revocation and other regulations of the respective app store shall apply.
3.4. The functions offered within this application imply amongst others the providing of street and landscape maps (in the following resumed as “maps“) for creating and displaying individual or already prepared tours with detailed information about the route (like route profile, length of the tour, description of it in textual and visual form, pictures and/or videos of the respective individual or selected tour), as well as acoustic and visual direction commands of the created or selected tours. calimoto especially offers the possibility to create individual user tours, the selection of tours which individually match the user’s preferences and tastes, such as detailed information about the respective selected tour (like route profile, length of the tour, description of it in textual and visual form, pictures and/or videos of the respective tour).
3.5. Furthermore, the services imply community functions which allow an exchange of information between the users such as sharing content among each other and in public.  
 
4. Registration
4.1. Each user may only register once and only create one user profile.
4.2. Users have no legal claim of registration in order to use the functions and content for registered users. Therefore, according to the legal requirements, calimoto reserves the right to refuse a requested registration with a orresponding message without giving any reason.
4.3. After the successful registration the user submits an offer for signing an agreement for using the functions that need registration. calimoto accepts this offer by activating the user account for the application.
4.4. calimoto is authorized to eliminate irreversibly the incomplete account including all the information inserted by the user, if the process of registration isn’t undergone completely.
4.5. The user informs calimoto about his actual email address which can be used by calimoto in order to contact the user. The user is responsible for keeping the email address updated and for protecting the access data from the access of third parties.  
 
5. Changes in the Scope of Service from calimoto
5.1. One of the key aspects of calimoto’s offered services is the constant development of the application. This development implies eventual adaptions to the technical and legal progress and the consideration of the users’ expectations in the use of the application.
5.2. In connection with the continuous development, calimoto is allowed to change the application as well as its functions without creating a lack or defect, as long as this change is reasonable and doesn’t threaten the contract purpose. In the case of users who are consumers, these reasonable changes in the paid features imply:
– Changes who benefit the user;
– If the change is for adapting the services with the applicable law in order to create an accordance, in particular if the legal situation has changed;
– If the change is necessary for calimoto in order to fulfill judicial or administrative decisions;
– If the change is necessary in order to close existing security gaps;
– If the change is purely technical or of procedual structure without significant impact on the user;
– Changes without significant impact on the functions do not count to changes in the in this sense.
This is valid in particular for visual changes and simple changes in the order of the functions.
5.3. calimoto informs that the access to the freely available functions is not guaranteed. Any kind of restrictions may only be done if reasonable.  
 
6. Temporal availability The user acknowledges, that calimoto technically cannot guarantee the uninterrupted operation of its own website, the third-party applications and/or the own application (for example the tracking of location data by GPS, visual and acoustic guidance and evaluation of sensor data). The user therefore cannot claim the right for calimoto and its permanent availability. calimoto reserves the right in particular, to restrict or temporally suspend the application for purposes of maintenance, safety or capacity according to their own judgement.  
 
7. Regulations on users’ content and responsibility
7.1. calimoto is not responsible for the content of their users and therefore does not recognize the content as its own.
7.2. calimoto reserves the right to not publish content, to undo the publication of content, to block or delete content in any other way where legally permitted and according to the reasonableness and in particular in accordance to the Privacy Policy and the users’ personal rights, where there is concrete, objective evidence of content violating official or legal regulations, the rights of third parties or if they are immoral. calimoto is not obligated to control content in advance.
7.3. The user makes a commitment about not publishing or sharing unlawful content, in particular racist, pornographic, insulting or libelous content, or content violating the rights of third parties, in particular copyrights and copyrighted rights. Accordingly, the user is fully responsible for all content he publishes and shares on the platform of calimoto.
7.4. If users upload pictures where one or more persons can be identified, this may only happen with the permission of the third party or if it is permitted legally.
7.5. If a user gets informed about or acknowledges on any other way that his content has violated the current legislation, he has to immediately delete the content from the platform of calimoto.
7.6. If users can contact other users within the application of calimoto, they may not molest them in any way (for example with advertisement, sexually understandable requests or repetitive requests when there is no response or when the wish has been expressed not to be contacted).  
 
8. Usage Authorization and extent of utilization
8.1. calimoto informs that the users may only use the application for the personal purposes according to the contract.
8.2. Furthermore, users are not allowed to rent, confer, lease, sell, change or give third parties access to the abovementioned aspects in any technical way to the application, neither free of charge nor in return for payment, without the expressed written permission by calimoto. The prhobitons mentioned above are subject to mandatory legal requirements, sublicences may not be given.
8.3. Sharing the application for example by sharing or making the access data public with more persons is not allowed. This is also valid if the persons do not use the application at the same time. If it is reasonably certain that an account is used by more persons, we reserve the right to disable the account. The user can enter an objection against the blocking.
8.4. Users may only use the application over the offered input masks and interfaces (for example shall tours only be exported by the offered export option to other devices). Actions that may harm the functionality of the application, the software and the infrastructure, are forbidden (e.g. scripts, robots, crawlers). An excessive load which is above the regular frequency and intensity of use of the application is also forbidden in particular.  
 
9. Exemption
9.1. The users exempt calimoto from any claims that third parties may claim because of a violation of their rights.
9.2. Insofar, users have to take the costs of an eventual necessary legal defense including the costs for lawyers and court costs. An exemption by the users does not take place if they are not responsible for the violation of rights.  
 
10. Concession of rights of use by users
10.1. The following concession is non-exclusive; this means users keep the rights on their content.
10.2. The users give calimoto the right to use their legally protected content, as long as it is necessary for the fulfilling of their contractual obligations. This permission implies in particular to reproduce content and make it public in order to save it on the servers of calimoto, to create server backups or to give users access to the content by functions for sharing.
10.3. This usage authorization is free of charge, undetermined by date and place, non-exclusive and valid for all currently known types of use and implies, if technically applicable, the reproduction, distribution, digitalization, exhibition, presentation, transmission, the publicly available making, public communication by vision, sound and data carriers, the storage in data bases as well as the analogue and digital usage.
10.4. calimoto may commission third parties in order to exercise these usage rights in the scope of the legal regulations (for example by commissioning a subcontractor).
10.5. The user content may be edited or changed while protecting users’ the personal rights (e.g. texts may be shortened ad published as teasers).
10.6. Furthermore, calimoto only uses these rights considering the contractual and legal regulations about confidentiality and privacy as well as the rights of objection.
10.7. The users give calimoto free of charge the non-exclusive and by time and space unlimited right to reproduce, share, publish or edit the tour data they generated in any other way, to use it or to make it available to third parties free of charge or fee required, like for example location and motion data as well as data about localities, in anonymized form even after cancellation of the contract.  
 
11. Careful tour selection by the user, Principle of personal responsibility
11.1. The user acknowledges the fact, that the successful drive of a tour, regardless of if it is individually created by the user or if it is a selected tour, depends most of all on his driving skill, the used vehicle, as well as inner and external influences (weather, traffic situation, physical condition). The user takes full responsibility for choosing the right tour and the right way to drive regarding the abovementioned conditions.
11.2. Accordingly, calimoto does not take any responsibility and liability for
– making sure that the user has the physical and mental ability to drive the tour he chose with a motorcycle, a two-wheeler or any other vehicle; 
– making sure that the us is equipped appropriately for the tour he chose;
– if the respective weather conditions allow the user to drive down a tour he chose without having more risk for his life, body and health in the road traffic than the usual elevated risk;
– correct information about the route or ubication;
– for the permission to use the visual and acoustic commands according to the relevant road traffic regulations and only in accordance with the abovementioned conditions and technical tools;
– the possible need of a specific mount for the used device in order to record sensor data, whereby the user shall consider the technical data and the manufacturer specifications, as well as the legal requirements.
11.3. The user acknowledges that a tour offered by calimoto, for whatever reasons, might be subject to temporal or long-term road closures (e.g. by local authorities because of natural events, traffic disruptions of any kind, etc.). It is the user’s full responsibility to pay attention to the local (administrative) orders about the road closures and to pay attention to warnings (for example from the internet, radio or TV about natural events and traffic disruptions of any kind) and to adapt his actions and behavior to them.
11.4. The user acknowledges that the road traffic regulations (in particular the StVO) have full priority before any kind of command by the route navigation from calimoto.
11.5. calimoto does not warrant or guarantee the full access, to the public or to other users, to content being sent to the calimoto system or being forwarded over it by users or other third parties including devices connected to them (for example cell phones). calimoto especially does not warrant the completeness and correctness of content being made available for use from users to other users. The usage of third-party content may be subject to further Terms and Conditions which can be accessed by the user.
11.6. The following regulations about liability of calimoto remain unaffected from the regulations made under this number.  
 
12. Liability by calimoto
12.1. For damage caused by slightly negligent violations from calimoto of their obligations, calimoto is liable in so far as it is a foreseeable and contract-typical damage which has been a direct result of the breach of duty. In particular, the liability of data loss will be limited to the typical recovery effort which would be the case if regular backup copies would have been made, appropriate to the level of risk. Is the slightly negligent violated obligation of minor importance, calimoto is not liable.
12.2. The abovementioned limitation of liability also implies any possible compensation claims by the users for the compensation of such expenses he had, trusting in the receipt of a contractual performance and which reasonably could be done.
12.3. calimoto shall be unrestrictedly liable in case of damages for harm to life, body and health, should the cause of the damage be based on intent or gross negligence by calimoto or one of its legal representatives or the respective vicarious agents, as well as calimoto is unrestrictedly liable for any further damages caused by intent, grossly negligent violation of the obligations or by fraudulent intent of the abovementioned persons. Furthermore, calimoto is liable for damage that are implied in the mandatory legal liability and under any guarantee assumed by calimoto.
12.4. As long as nothing else has been determined in the above mentioned, there is no liability in any other case irrespective of their legal grounds.  
 
13. Warranty
13.1. calimoto makes efforts to keep the application available constantly. Nevertheless, the user recognizes that the complete availability cannot be realized technically. Especially maintenance, safety and capacity issues which are not within the control of calimoto (e.g. disruptions to public communication networks, electricity outages, etc.) can lead to temporary non-availability of the application.
13.2. To users who are entrepreneurs apply the commercial duties to examination and notification. Any claims of defects in case of entrepreneur users shall be statute-barred within twelve months, with exception of fraudulently concealed defects.
13.3. In other respects, the statutory warranty is valid.  
 
14. Sanctions
14.1. Because of the essential importance of the functionality and integrity of the application, any users being subject to concrete indications about violating legal provisions, rights of third parties, the good morals and/or the General Terms and Conditions, will be sanctioned.
14.2. The imposed sanctions shall be based on the factual circumstances, the legitimate interests of the concerned parties and be in consideration of whether an accidental misconduct is involved or a deliberate violation.
14.3. The following gradual range of sanctions can be used:
– Deleting content. – Admonishment of a user. – Limitation or restriction of the use of the application. – Block a user temporarily. – Final exclusion of a user, eventually combined with an exclusion order.  
14.4. The legal provisions regarding the right to terminate shall not be affected by the agreements made as specified above.  
 
15. Termination of the Contract
15.1. The registered user is allowed to terminate the contract about usage of the application with calimoto at any time.
15.2. calimoto on the other hand is only allowed to properly terminate the contract with a notice period of two weeks. This provision shall not affect calimoto’s right to declare an immediate extraordinary termination to the concerned user if an important reason is given. In particular, an important reason is given, if the circumstances lead to the assumption that the concerned user has acted in an unlawful way within the use of the platform of calimoto, especially if inserted content into the system of calimoto which violates the property rights of third parties or if he registered with several profiles.
15.3. The termination has to be made in text form at least. Deleting the application from the user’s device does not mean a termination declaration.
15.4. It is the responsibility of the users to save their data before the end of the contract in case of a termination. calimoto is permitted to delete irreversibly any kind of data stored while the period of the contract.
15.5. All of the content and personal information will be deleted with the termination of the contract. Shared content or comments will be excluded out of respect for other users, so that conversations, advice or other content does not lose its value or reverse their meaning. In this case the user’s name will be anonymized. The users have the right to demand the deletion of their remaining personal data.  
 
16. Modification of the GTC
16.1. calimoto reserves the right to modify the GTC at all times with future effect, unless the modification would be unreasonable to accept for the user. In the case of users being consumers, the GTC may be changed in these cases:
– If the change is for adapting the services with the applicable law in order to create an accordance, in particular if the legal situation has changed;
– If the change is necessary for calimoto in order to fulfill judicial or administrative decisions;
– If there are completely new services or elements of service from calimoto as well as technical or organizational processes demand a description in the General Terms and Conditions;
– Changes who just benefit the user.
16.2. In such cases, calimoto will either send the GTC to the email address the user has indicated with two weeks in advance before the GTC takes effect or with a notification dialogue within the application.
16.3. If the user does not object to the new GTC within the two weeks after receiving the email or reading the dialogue within the application, the changed GTC are taken as accepted. calimoto will inform the users along with the change notification about the consequences of an omitted objection.
16.4. If the user objects the new GTC within the given period, calimoto has the permission to properly terminate the contract with the user within one week.
16.5. The users can also accept the new GTC with an express consent.  
17. Final Provisions
17.1. The contractual relationship with calimoto is not transferable to other persons or companies.
17.2. In the case of entrepreneurs, the law of the Federal Republic of Germany is valid as long as no mandatory statutory provisions dictate otherwise.
17.3. Place of performance for users who are entrepreneurs is Berlin. If the user is merchant, legal entity of public law or a special public fund, or has no general place of jurisdiction within the Federal Republic of Germany, the place of jurisdiction is Berlin. calimoto reserves the right to permit his claims at any other permissible place of jurisdiction.
17.4. Platform of the European Commission for Online Dispute Resolution for consumers is: http://ec.europa.eu/consumers/odr/ . calimoto is not obligated and not willing to participate in a dispute resolution before a consumer conciliation body.

 

Privacy Policy

Controller

calimoto GmbH

 

Babelsberger Straße 12

14473 Potsdam, Germany

Commecial Register: Local Court of Charlottenburg, HRB 175693 B

General director: Sebastian Dambeck

E-mail address: support@roadtrip.calimoto.com

Legal information: http://roadtrip.calimoto.com/en/legal_notice_gtc_privacy

The Controller is hereinafter also referred to as “we” or “us”.

Description of our services and objectives

A mobile application with GPS functions to help motorcyclists plan and carry out tours.

Type of processed data:

– Inventory data (e.g., customer master data, such as names, addresses).

– Contact details (e.g., e-mail, phone numbers).

– Content Data (e.g., text input, tours, photographs, videos).

– Contract Data (e.g., subject matter of the contract).

– Payment Data (e.g., bank details, payment history).

– Usage Data (e.g., interests, websites visited, purchasing behaviour, access times, log Data).

– Meta/communication Data (e.g., device IDs, IP addresses, location data).

Processing of special categories of Data (Art. 9 (1) GDPR)

No special categories of data are processed.

Categories of data subjects

– Customers / prospective customers / business partners.

– Visitors and users of the application.

In the following, we will also summarise the data subjects as “users”.

Purpose of Processing

– Provision of our application, its contents and functions.

– Provision of contractual services, customer care and support.

– Response to contact requests and communication with users.

– Marketing, advertising and market research.

– Security measures.

Automated individual decision-making (Art. 22 GDPR):

We do not use exclusively automated individual decision-making.

As of: May 2018

 

1. Purpose and Responsibility

1.1. This Privacy Policy provides information about the purpose, type and extent of the collecting, processing, and use of personal data within our websites, the mobile and web applications including the respective functions and contents (in the following resumed as „application“).

1.2. This Privacy Policy applies equally to the used domains, systems, platforms and devices (e.g. desktop or mobile) on which this application is being used..

2. Rights of Data Subjects

2.1. You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the further information and a copy of the data in accordance with Art. 15 GDPR.

2.2. You have correspondingly. In accordance with Article 16 of the GDPR, the right to obtain from the controller the rectification of inaccurate personal data concerning you, or the completion of the data concerning you.

2.3. In accordance with Art. 17 GDPR, you have the right to demand that relevant data be erased without undue delay or, alternatively, to demand a restriction of the processing of the data in accordance with Art. 18 GDPR.

2.4. You have in accordance with Art. 20 GDPR the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

2.5. In accordance with Art. 77 GDPR, you also have the right to file a complaint with a supervisory authority.

3. Right of Withdrawal

You have the right to withdraw consents granted pursuant to Art. 7 (3 GDPR with effect for the future.

4. Right to Object

You can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.

5. Cookies and Right to Object in Direct Marketing

5.1. We use temporary and permanent cookies, i.e. small files that are stored on the user’s devices (for the explanation of the term and function, see last section of this Privacy Policy). In part, cookies serve security purposes or are required for the operation of our online services (e.g., for the appearance of the website) or to save the user’s decision when confirming a cookie banner. In addition, we or our technology partners use cookies to measure the reach and for marketing purposes, about which the users will be informed in the scope of the Privacy Policy.

5.2. If users do not want cookies to be stored on their computer, they are advised to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online services.

5.3. An objection to the use of cookies used for online marketing purposes can be declared for many of the services, especially in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/ .

6. Solely Automated individual decision-making

6.1. In accordance with Art. 22 GDPR, you have the right not to be subject to a decision based exclusively on automated processing – including profiling – which has legal effect concerning you or similarly significantly affects you.

6.2. We inform you that we do not use exclusively automated individual decision-making.

7. Erasure of data and archiving obligations

7.1. The data processed by us will be erased or its processing restricted in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this Privacy Policy, the data stored by us will be erased as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data are not erased because they are necessary for other and legally permissible purposes, their processing is restricted. This means that the data is excluded and not processed for other purposes. This applies, for example, to data that must be retained for commercial or taxation reasons.

7.2. In accordance with statutory requirements, the records shall be kept for 6 years in particular in accordance with § 257 (1) German Commercial Code (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 (1) German Financial Act (books, records, management reports, accounting documents, commercial and business letters, documents relevant to taxation, etc.).

8. Changes and Updates to this Privacy Policy

8.1. We ask you to keep yourself regularly informed about the contents of our Privacy Policy. We will adapt the Privacy Policy as soon as any changes in data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

9. Relevant Legal Basis for the Processing;

9.1. In accordance with Art. 13 GDPR, we inform you of the legal basis of our data processing. If the legal basis is not explicitly stated in the Privacy Policy, the following applies: The legal basis for obtaining consents is Art. 6 (1)) a and Art. 7 GDPR, the legal basis for processing for the performance of our services and performance of contractual measures as well as for answering inquiries is Art. 6 (1)) b GDPR, the legal basis for processing to fulfil our legal obligations is Art. 6 (1)) c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 (1)) f GDPR. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

10. Security of Data Processing

10.1. We shall take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons; the measures include in particular ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transfer, integrity and pseudonymity. Furthermore, we have established procedures that guarantee the assertion of data subjects’ rights, the erasure of data and the response to data hazards. Furthermore, we already consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection by design of technology and by data protection-friendly presettings (Art. 25 GDPR).

10.2. The security measures include in particular the encrypted transmission of data between your browser and our server.

10.3. Employees are bound to confidentiality with regard to data protection, are instructed, monitored, and informed of possible liability consequences.

11. Disclosure and Transmission of Data

11.1. If we disclose data to other persons and companies (processors or third parties) within the scope of our processing, transfer the data to them or otherwise grant them access to the data, this will only be carried out on the basis of a legal permission (e.g. if a transfer of the data to third parties, such as to payment service providers, is required for contract fulfilment pursuant to Art. 6 (1),) b GDPR), if you have consented, if a legal obligation requires this or on the basis of our legitimate interests (e.g. when using agents, web hosting services, etc.).

11.2. If we commission third parties with the processing of data on the basis of a so-called ” Data Processing Agreement”, this is done on the basis of Art. 28 GDPR.

11.3. If we disclose, transfer or otherwise grant access to data to other companies in our Group of Companies (Undertakings), this is done in particular for administrative purposes as a legitimate interest and in addition on the basis of a Data Processing Agreement.

12. Transfers to Third Countries

12.1. If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transmission of data to third parties, this only takes place if it is necessary to fulfil our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or let the data being processed in a third country only if the special requirements of Art. 44 ff. GDPR are met. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognised adequate data protection level corresponding to the EU (e.g. for the USA by the “Privacy Shield”) or compliance with officially recognised special contractual obligations (so-called “Standard Contractual Clauses”).

13. Processing of Data within the Course of the Performance of Contractual Services

13.1. We process the data of our customers within the scope of our contractual services. The processed data includes inventory data (e.g., names and addresses as well as contact data of customers) and contract data (e.g., services used, names of contact persons, payment information) of our customers for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 (1) b. GDPR.

13.2. Where we process location-based data in the course of our activities, this shall be done anonymously or only to the extent necessary for the performance of our contractual obligations, otherwise only with the consent of the data subjects concerned.

13.3. The data is deleted after the expiry of statutory warranty and comparable obligations, the necessity of data storage is reviewed every three years; in the case of statutory archiving obligations, the data is deleted after their expiry (end of commercial law (6 years) and tax law (10 years) storage obligation).

14. Administration, Financial Accounting, Office Organization, Archiving

14.1. We process data in the course of administrative tasks as well as the organisation of our company, financial accounting and compliance with legal obligations, e.g. archiving. We process the same data that we process as part of the performance of our contractual services. The processing bases are Art. 6 (1) c. GDPR, Art. 6 (1) f., Art. 28 GDPR. Data subjects are affected by the processing: customers, interested parties, business partners and website visitors. The purpose of the processing is the administration, financial accounting, office organization, archiving of data that serve the maintenance of our company and our services.

14.2. We disclose or transmit data to the tax authorities, tax consultants, auditors, other fee offices, legal advisors and payment service providers.

14.3. The deletion of the data with regard to contractual services and contractual communication corresponds to the information provided in these processing activities.

14.4. Furthermore, we store information on business partners, customers and prospects on the basis of our business interests, e.g. for the purpose of making contact at a later date. We store this data, which is mainly company-related, permanently.

15. Economic Analyses and Market research

15.1. in order to operate our business economically and to identify market trends, customer and user wishes, we analyse the data available to us on business transactions, contracts, inquiries, etc., in order to ensure that we are able to offer our customers the best possible service. We process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 (1) f. GDPR, whereby the persons concerned include customers, prospective customers, business partners, visitors and users of our online service. The analyses are carried out for the purpose of economic evaluations, marketing and market research. The analyses serve us to increase the user-friendliness, the optimization of our offer and the economic efficiency. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with aggregated values.

15.2. If these analyses or profiles are personal, they will be deleted or made anonymous upon cancellation of the contractual relationship, otherwise after three years from the conclusion of the contract. For the rest, macroeconomic analyses and general trend determinations are prepared anonymously wherever possible.

16. Comments and Contributions

16.1. If users leave comments in the forum, on selected routes, on other users’ profiles or make any other type of contributions, their IP addresses will be stored.

16.2. This is done on the basis on our legitimate interests according to Article 6 (1) f. GDPR for our own security reasons, in case someone writes or contributes with illegal content (insults, forbidden political propaganda, etc.). In this case, we might be prosecuted for this comment or post and are therefore interested in the identity of the author.

17. Contact

17.1. While contacting us (for example through the contact form or e-mail), the information of the user will be processed on the basis of Art. 6 (1) b. and f. GDPR for the purpose of handling as well as for subsequent questions.

17.2. The user data can be saved in our Customer-Relationship-Management System (“CRM System”) or other comparable programs for organizing requests and therefore be stored for 6 years as business letters.

18. Registration

18.1. Within the scope of user registration the following mandatory details will be gathered:

– username;

– email address;

– a from the user freely selectable password;

– declaration of consent by the user about the General Terms and Conditions and the Privacy Policy;

– Statement of the user if he or she henceforth wants to receive information according to his or her personal preferences (e.g. newsletters).

18.2. The aforementioned mandatory user data, with exception of the user name, cannot be retrieved neither by registered or non-registered users, nor by other third parties using of the calimoto website.

18.3. The user can decide individually about adding further information in addition to the aforementioned data.

18.4. The user also has the possibility to optionally add further information besides the mandatory data to his profile and therefore to share personal content (e.g. profile picture, city of residence, etc.) with others (in the following “profile data”). Depending on the user’s selected settings, this information will be publicly visible to visitors and/or other registered and non-registered users.

18.5. Regarding the handling of user data after the resignation and in particular the elimination of their data, we refer to our Termination Agreement in our General Terms and Conditions.

18.6. The registration data is processed on the basis of Art. 6 (1) b. GDPR.

19. Tracking Location Data, Usage Data, Remove Content

19.1. calimoto gives the users the possibility to publish contributions to tours in form of texts, pictures, videos, valuations, written comments, or GPS data. These will be resumed in the following as “usage data”. The reference to usage data in a registered user profile will therefore be called “personal usage data” in the following.

19.2. Whenever a user activates the calimoto application on the mobile device he is carrying and therefore initiates the process of GPS tour data upload from the device’s GPS system to the servers of calimoto, he therefore gives his permission for calimoto to analyze, process and save this data:

– The formerly mentioned personal usage data will be analyzed and afterwards saved in reference to the user in the calimoto system in order to provide a more individual automatized tour planning for the users in the future.

– The usage data will by default be analyzed, processed and saved on the calimoto system anonymously and depersonalized, regardless of the user’s identity. The collection and storage of the anonymous usage data serves to identify, update and optimize the informative value of the data calimoto provides for other users.

19.3. The formerly mentioned personal usage data cannot be accessed or retrieve neither by regular visitors of the calimoto website or third parties, nor by registered users of the application unless otherwise specified by the user.
Publicly available are the username, the profile picture and the respective picture.

19.4. The usage data is processed on the basis of Art. 6 (1) b. GDPR.

20. Collection of Access Data

20.1. We collect data based on our legitimate interests according to Art. 6 (1) f. GDPR over every access to the server on which our service is located (so-called server log files). The access data includes the name of the requested web page, file, date and time of access, amount of transferred data, notification of successful requests, browser type along with the version, the operating system of the user, referrer URL (previously visited websites), IP address and the enquiring provider.

20.2. For safety reasons (for example in cases of misuse and fraud), log file information will be saved for up to 7 days and deleted afterwards. If necessary, data will be stored as evidence until an incident is solved.

20.3. Hostingp rovider: 1&1 Internet SE, Eigendorfer Str. 57, 56410 Montabaur, Germany, Privacy Policy: https://hosting.1und1.de/terms-gtc/terms-privacy/ .

21. Google Analytics

21.1. Based on our legitimate interests (which mean the interest in analyzing and optimizing our application and interest in economical operation according to Article 6 (1) f. GDPR, we use Google Analytics, a web analysis service of Google Inc. (“Google“). Google uses cookies. The application usage information created by the cookies are usually transmitted to a Google server in the USA and also stored there.

21.2. Google is certified with the Privacy-Shield-Agreement and therefore guarantees to adhere to the European Data Protection Regulations ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).

21.3. Google will use this information on our account to analyze the usage of our application by our users, to create reports about user activity in this application and to deliver other services related to the usage of our application and the internet usage. In this process, there can be created anonymous usage profiles out of the provided user information.

21.4. We only use Google Analytics with activated IP anonymization. This means, that the IP address is shortened by Google within member States of the European Union or other parties of the Agreement in the European Economic Area. Only in special cases will the full IP address be transferred to a Google Server in the USA and shortened there.

21.5. The transmitted IP address will not be combined with other Google data. The users can object the storage of their data with a respective setting in their browser configurations. Furthermore, the users can also prevent the acquisition of the application usage data by Google as well as the processing of it by downloading and installing the following browser plugin:
http://tools.google.com/dlpage/gaoptout?hl=de .

21.6. Further information on Google’s use of data for marketing purposes can be found on the overview page: https://policies.google.com/technologies/ads Google’s data protection declaration can be accessed at https://policies.google.com/privacy .

21.7. If you wish to object to interest-based advertising by Google marketing services, you can use the setting and opt-out options provided by Google: https://adssettings.google.com/authenticated . In addition, personal data will be made anonymous or deleted after a period of 14 months.

22. Google Conversion und Advertising Display Services

22.1. Based on our legitimate interests (which mean the interest in analyzing and optimizing our application and interest in economical operation according to Article 6 (1) f. GDPR, we use the Marketing and Remarketing Services (in the following “Google Marketing Services”) by Google Ireland Limited ., Gordon House, Barrow Street, Dublin 4, Irland, (“Google”).

22.2. Google is certified with the Privacy-Shield-Agreement and therefore guarantees to adhere to the European Data Protection Regulations ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).

22.3. The Google Marketing Services allow us to display advertisement for and on our website in a more efficient way, based on the preferences and interests of the users. If a user gets advertisement based on his interests he showed on other websites this is called “Remarketing”. Whenever our website or other websites using Google Marketing Services is opened, Google executes a code which incorporates (re)marketing tags into the website (invisible graphics or codes, also called “Web Beacons“).
These Web Beacons save an individual cookie (small file) on the user’s device (instead of cookies other technologies can be used as well). Those cookies can be set by different domains, among others Google, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file contains information about which sites have been visited, which content has interested the user and which offers he has clicked, also technical information about browser and operating system, linking websites, time of visit and other data about the usage of the application.
The IP address is stored as well, although we inform you that that the IP address is shortened by Google within member States of the European Union or other parties of the Agreement in the European Economic Area, and the full IP address will only in special cases be transferred to a Google Server in the USA and then shortened there.
The IP address will not be combined with other user data within other Google offers. The abovementioned information can be combined by Google with other information from other sources. If the user visits other pages afterwards, it is possible that he will receive advertisement according to his interests.

22.4. The data will be processed anonymously within the scope of the Google Marketing Services. In consequence, Google will not save or process the user’s name or email address, but the relevant cookie data regarding the anonymous user profiles.
This means that Google does not save the data for a concretely identified person but for a cookie-owner, regardless of the owner’s identity. This does not apply if the user expressly permitted Google to process the data without the anonymization. The data Google Marketing Services collected about the user will be transferred to Google and be sent to the Google servers in the USA.

22.5. One of the services we use by Google Marketing Services is the online advertising system “Google AdWords”. In the case of Google AdWords, each user gets a “Conversion Cookie”. Cookies cannot be traced back to the websites from AdWords clients. The information provided by this cookie is used for the creation of conversion statistics for AdWords clients who decided to activate the conversion tracking. The AdWords clients receive information about the number of people who clicked their advertisement and have been redirected to a site with a conversion-tracking-tag. But they will not receive any information which could identify the user personally.

22.6. Based on the Google Marketing Service “DoubleClick” we can incorporate third-party advertisements. DoubleClick uses cookies which allow Google and partner websites to place advertisement based on the user’s visit on this or other websites.

22.7. Furthermore, we can use the “Google Tag Manager“ in order to integrate and organize the Google Marketing Services on our website.

22.8. The data may be processed by Google for up to two years before it is anonymised or deleted.

22.9. Further information on Google’s use of data for marketing purposes can be found on the overview page: https://policies.google.com/technologies/ads Google’s data protection declaration can be accessed at https://policies.google.com/privacy .

23. Fabric – Development Platform

23.1. We use the Development Platform „Fabric“ and the related functions and services by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, („Google“).

23.2. Fabric is a platform for mobile and website software developers. Fabric offers a wide range of functions which can be seen on this site: https://fabric.io/kits.

23.3. Amongst other things, the functions imply the application storage including the user related data, like for example their created content or information about their interaction with the applications. Fabric offers interfaces which allow interaction between the users of the application and other services, like for example the authentication with services like Facebook, Twitter or an email-password-combination.

23.4. The user interaction gets analyzed with the help of the analysis service “CrashLytics“. Crashlytics analyzes how the users interact with an application. In order to do so, events like the first opening of the application, uninstallation, updating, crashed or the frequency of use will be processed.
But also other information about the user’s interest might be processed such as the interest of specific functions or topics of the application. This can create user profiles as a base for sending individual advertising messages.

23.5. Fabric and the user related data processed by it can be combined with other Google services like for example Google Analytics and the Google Marketing Services (in this case additional information about the device like „Android Advertising ID“ and „Advertising Identifier for iOS“ can be processed to identify the user’s devices).

23.6. We use Fabric based on our legitimate interests in analyzing and optimizing our application and in economical operation from Article 6 (1) f. GDPR. The users are informed about the legal regulations and Google regulations about the inclusion of Fabric and the related services.

23.7. Google is certified with the Privacy-Shield-Agreement and therefore guarantees to adhere to the European Data Protection Regulations ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).

23.8. Further information on Google’s use of data for marketing purposes can be found on the overview page: https://policies.google.com/technologies/ads Google’s data protection declaration can be accessed at https://policies.google.com/privacy .

23.9. If you wish to object to interest-based advertising by Google marketing services, you can use the setting and opt-out options provided by Google: https://adssettings.google.com/authenticated .

24. Facebook Interfaces

24.1. Based on our legitimate interests in analyzing and optimizing our application and in economical operation from Article 6 (1) f. GDPR, we use interfaces to the social network Facebook, which is run by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are living in the European Union, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).

24.2. Facebook is certified with the Privacy-Shield-Agreement and therefore guarantees to adhere to the European Data Protection Regulations
( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).

24.3. We use the so called Facebook-Software-Development-Kits („Facebook-SDK“) in order to measure the effectiveness of our advertisements on Facebook (“Facebook Ads”). With the help of the Facebook-SDK we also want to ensure that our Facebook Ads will be of potential interest of the user without bothering him. The Facebook-SDK helps us to understand the effectiveness of our Facebook Ads for statistical and market research purposes by allowing us to see who clicked on our Facebook Ad and got redirected to our application (“Conversion“).

24.4. The Facebook Pixel is attached to the access to our application and can either save a so called cookie (small file) or save data on another way about the user’s device on your device. The user related data is anonymous for us and doesn’t allow us any kind of conclusions about the user’s identity. Nevertheless, the data will be saved and processed by Facebook, which means that a connection to the respective user profile is possible and can be used for Facebook or for own advertising and market research purposes.

24.5. The data use by Facebook is based on the Facebook Data Usage Regulations. You can find general information about the display of Facebook Ads in the Facebook Data Usage Regulations: https://www.facebook.com/policy.php . Specific information about the Facebook Pixel and its operating principle can be found in the Facebook Help Center: https://www.facebook.com/business/help/651294705016616 .

24.6. You can object the Facebook Pixel and the use of your data for Facebook Ads. You can open the website operated by Facebook to learn how to adjust the Facebook Ads you want to receive. On this site, you will also find information about the configurations on advertisement based on your preferences: https://www.facebook.com/settings?tab=ads . The settings are platform-independent and will be applied on all devices, such as for desktop computers and mobile devices.

24.7. You can object the use of cookies for range measurement and advertisement purposes over the opt out page of the Network Advertising Initiative ( http://optout.networkadvertising.org/ ), the US-American website ( http://www.aboutads.info/choices ) or the European website ( http://www.youronlinechoices.com/uk/your-ad-choices/ ).

25. Newsletter

25.1. With the following instructions we will inform you about the content of our Newsletter as well as about the login, the distribution, the statistical measurement and your right of revocation. With the subscription to our Newsletter you accept the receipt and the process described below.

25.2. Content of the Newsletter: We send the newsletter, emails and other electronic notifications for promotional purposes (in the following „Newsletter“) only with the permission of the user or a legal permission. If the content of the Newsletter is described in a concrete way with the subscription of the Newsletter, they are decisive for the permission of the user.
Our Newsletter consists of information about tours, news, updates and services of calimoto.

25.3. Double-Opt-In and Recording: The subscription to our newsletter works in a so called Double-Opt-In process. After the subscription you will get an email for authentication. The authentication is necessary to make sure a proper and correct subscription. The subscriptions to our Newsletter are recorded as a proof because of legal regulations. This implies the date and time of subscription and confirmation, such as your IP address. Any changes of your saved data at your delivery service are recorded as well.

25.4. Delivery Service: The newsletter is distributed via “MailChimp”, a Delivery Service Platform of Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can find the Privacy Policy of MailChimp here: https://mailchimp.com/legal/privacy/ .

25.5. The Rocket Science Group LLC d/b/a MailChimp is certified with the Privacy-Shield-Agreement and therefore guarantees to adhere to the European Data Protection Regulations ( https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active ).

25.6. Furthermore, according to their information the delivery service can use the data in anonymized form, this means without the allocation to a user, for enhancement of its own services like the technical delivery and display optimization of the Newsletter and for statistical purposes, to determine which country the recipients come from. However, the delivery service does not use the data of our Newsletter recipients for writing them on their own or transferring the data to third parties.

25.7. Login Information: The indication of an email address is enough for subscribing to our Newsletter. You can optionally indicate your name, so that we can address to you personally.

25.8. Statistical Survey and Analysis: The Newsletter contain so called „web beacons“, small files that are retrieved by the server of the Delivery Service by opening the Newsletter. In this process, technical information like your browser and your system, but also your IP address and the time and date of opening it will be stored. This data will be used for optimization purposes, by analyzing the technical data or the reading behavior of specific target groups and the time, date and location of opening the Newsletter (with the help of your IP address). Also, the statistical surveys imply the identification if the Newsletters are opened, when they are opened and which links are clicked. This information can be related to the specific receivers because of technical reasons, but it is neither our, nor the Delivery Service’s aim to observe individuals. The evaluation is focused on analyzing reading behavior in order to adapt the content if necessary.

25.9. The newsletter with the statistical surveys and analysis is sent on the basis of Art. 6 (1) a. GDPR. The use of the Delivery Service, and the recording of the login process are based on our legitimate interests according to Article 6 (1) f. GDPR. Our aim is creating a user-friendly and save Newsletter system which on the one hand serves our economic interests and on the other hand fulfills the user’s expectations.

25.10. Cancellation/Revocation: You can cancel the receipt of our Newsletter at any time, which means that you can revoke your permissions. You get a link to do so at the end of each Newsletter. If the user only subscribes for the Newsletter and later on cancels this subscription, the user related data will be deleted as soon as it is no longer required to prove their former consent, which can be a period of three years.

26. For United States users: Compliance with the Children’s Online Privacy Protection Act.

26.1. We recognize the need to provide further privacy protections with respect to data we may collect from children who use our application. For that reason, we make every effort to comply with the regulations of the Children’s Online Privacy Protection Act of 1998 (15 U.S.C. § 6501 – 6506). We never collect or maintain data through the application from those we actually know are under thirteen years of age, and no part of the application is structured to attract anyone under thirteen years of age. We expressly disclaim, and you expressly release us from, any and all liability whatsoever for any controversies, claims, suits, injuries, harm, loss, penalties, damages, arising from and/or in any way related to any misrepresentations regarding the age of any user. We reserve the right to suspend and/or terminate with or without notice the account of any user who we believe has provided false information when registering for and/or using the application, and each use agrees to make no further use of the application after termination and/or during suspension.

27. Integration of Third-Party Content

27.1. We use content and service offers based on our legitimate interests (e.g. interest in analyzing and optimizing our application and interest in economical operation according to Article 6 (1) f. GDPR in order to integrate services and contents like videos or fonts (in the following resumed as “content”).
This always requires that the third-party providers receive the users’ IP address. Without the IP address they would not be able to send the content to the browser of the respective user. The IP address is therefore necessary for the presentation of that content. We do our best to use only such content whose provider uses the IP address only in order to deliver the content. Third-party providers can furthermore use so called Pixel Tags (invisible images, also called “Web-Beacons”) for statistical or marketing research purposes. These Pixel Tags can contain information about the visitor traffic on this website. The anonymized information can be saved as cookies on the user’s device and can imply data about the browser and operating system, linking websites, time and date of visit such as further information from other sources.

27.2. The following description shows an overview of third-party providers and their content, as well as links to their Privacy Policies which contain further information about their data processing and the opt-out options, which are partially already mentioned here:

– External Fonts from Google, Inc., https://www.google.com/fonts (“Google Fonts“). The integration of Google Fonts is done by accessing the Google servers (normally in the USA). Privacy Policy: https://www.google.com/policies/privacy/ , Opt-Out: https://www.google.com/settings/ads/ .

– Videos from the platform “YouTube” by the third-party provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. Privacy Policy: https://www.google.com/policies/privacy/ , Opt-Out: https://www.google.com/settings/ads/ .

– Information about Google, Inc.: Google is certified with the Privacy-Shield-Agreement and therefore guarantees to adhere to the European Data Protection Regulations ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).

– Country Maps of the provider “OpenStreetMap“, https://www.openstreetmap.de. The services of “OpenStreetMap“ are based on a cooperation between people which can be found on the imprint of this provider. To the best of our knowledge, this service only uses the user data in order to provide them with the map functions.