Privacy Policy
Privacy Policy
We are delighted that you are interested in our company. Data protection is a particularly high priority for the management of Valdonedo. It is generally possible to use the Valdonedo website without providing any personal data. However, if a data subject wishes to use special services offered by our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to Valdonedo. Through this privacy policy, our company wishes to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects about their rights.
As the controller, Valdonedo has implemented numerous technical and organizational measures to ensure the most complete protection possible of the personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.
Definitions
Valdonedo’s privacy policy is based on the terminology used by the European legislator in the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for the general public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.
In this privacy policy, we use the following terms, among others:
a) Personal data Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). A natural person is considered identifiable if they can be identified, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data subject A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution, or otherwise making available, alignment or combination, restriction, erasure, or destruction. d) Restriction of processing Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
e) Profiling Profiling is any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
f) Pseudonymization Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.) Controller or processor The controller or processor is the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
h) Processor Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
i) Recipient Recipient means a natural or legal person, public authority, agency or another body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) Third party A third party is a natural or legal person, public authority, agency, or other body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
k) Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and address of the controller
The responsible party within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union, and other provisions of a data protection nature is:
Johannes Roosen-Runge
Rua do Valdonedo 173
4625-379 Penha Longa
Marco de Canaveses
Contact:
Phone: +351 931388056
E-Mail: info@valdonedo.net
As the number of employees responsible for data processing in the company is less than 10, there is no company data protection officer.
Cookies
Change cookie settings
History of cookie settings
Einwilligungen widerrufen
The Valdonedo websites use cookies. Cookies are text files that are stored on a computer system via an Internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters that can be used to assign websites and servers to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
By using cookies, Valdonedo can provide users of this website with more user-friendly services that would not be possible without the use of cookies.
Cookies enable us to optimize the information and offers on our website for the benefit of the user. As already mentioned, cookies enable us to recognize users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, users of a website that uses cookies do not have to re-enter their access data each time they visit the website, as this is done by the website and the cookie stored on the user’s computer system. Another example is the cookie used for a shopping cart in an online shop. The online shop uses a cookie to remember the items that a customer has placed in their virtual shopping cart.
The data subject can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers.
Real Cookie Banner
We use the consent tool “Real Cookie Banner” to manage the cookies and similar technologies (tracking pixels, web beacons, etc.) we use and the related consents. Details on how “Real Cookie Banner” works can be found at https://devowl.io/de/rcb/datenverarbeitung/.
The legal basis for the processing of personal data in this context is Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide personal data. If you do not provide personal data, we cannot manage your consents.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP addressThis data is not merged with other data sources.
The basis for data processing is Art. 6 (1) (b) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
Use of script libraries (Google Web Fonts)
In order to display our content correctly and in a graphically appealing manner across browsers, we use script libraries and font libraries such as Google Web Fonts (https://www.google.com/webfonts/) on this website. Google Web Fonts are transferred to your browser’s cache to avoid multiple loading. If your browser does not support Google Web Fonts or prevents access, content will be displayed in a standard font.
Calling up script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible—although currently unclear whether and, if so, for what purposes—that operators of such libraries collect data.
The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/
Collection of general data and information
The VALDONEDO website collects a range of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The following may be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the sub-websites that are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serves to avert danger in the event of attacks on our information technology systems.
When using this general data and information, VALDONEDO does not draw any conclusions about the data subject. Rather, this information is required in order to (1) deliver the content of our website correctly, (2) optimize the content of our website and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyberattack. This anonymously collected data and information is therefore evaluated by VALDONEDO statistically and further with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data in the server log files is stored separately from all personal data provided by a data subject.
Contact option via the website
Due to legal requirements, the VALDONEDO website contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address for electronic mail (e-mail address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted voluntarily by a data subject to the controller is stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties.
Routine deletion and blocking of personal data
The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or as provided for by the European legislator or another legislator in laws or regulations to which the controller is subject.
If the purpose of storage no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
Rights of the data subject
Rights of the data subject
a) Right to confirmation
Every data subject has the right granted by the European legislator to obtain from the controller confirmation as to whether or not personal data concerning them are being processed. If a data subject wishes to exercise this right of confirmation, they may, at any time, contact our data protection officer or another employee of the controller.
b) Right of access
Every data subject affected by the processing of personal data has the right, granted by the European legislator, to obtain from the controller, at any time and free of charge, information about the personal data stored concerning them and to receive a copy of this information. Furthermore, the European legislator has granted the data subject access to the following information:
the purposes of the processing
the categories of personal data concerned
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
the existence of the right to request rectification or erasure of personal data concerning them, or restriction of processing by the controller, or to object to such processing
the existence of a right to lodge a complaint with a supervisory authority
where the personal data are not collected from the data subject: any available information as to their source
the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and—at least in those cases—meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject
Furthermore, the data subject has the right to be informed whether personal data have been transferred to a third country or to an international organization. Where this is the case, the data subject also has the right to be informed of the appropriate safeguards relating to the transfer.
If a data subject wishes to exercise this right of access, they may, at any time, contact our data protection officer or another employee of the controller.
c) Right to rectification
Every data subject affected by the processing of personal data has the right, granted by the European legislator, to obtain without undue delay the rectification of inaccurate personal data concerning them. Furthermore, taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.
If a data subject wishes to exercise this right of rectification, they may, at any time, contact our data protection officer or another employee of the controller.
d) Right to erasure (right to be forgotten)
Every data subject affected by the processing of personal data has the right, granted by the European legislator, to demand from the controller that the personal data concerning them be erased without undue delay, where one of the following grounds applies and to the extent that the processing is not required:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
The data subject withdraws the consent on which the processing is based according to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal ground for the processing.
The data subject objects to the processing pursuant to Article 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR.
The personal data have been unlawfully processed.
The erasure of the personal data is required for compliance with a legal obligation under Union law or the law of the Member States to which the controller is subject.
The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
If one of the above-mentioned reasons applies and a data subject wishes to request the deletion of personal data stored by VALDONEDO, they may, at any time, contact our data protection officer or another employee of the controller. The data protection officer of VALDONEDO or another employee will ensure that the request for erasure is complied with immediately.
If the personal data have been made public by VALDONEDO and our company, as the controller, is obliged pursuant to Article 17(1) GDPR to erase the personal data, VALDONEDO, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers which are processing the published personal data that the data subject has requested the erasure by such controllers of any links to, or copies or replications of, those personal data, insofar as the processing is not required. The data protection officer of VALDONEDO or another employee will take the necessary measures in each individual case.
e) Right to restriction of processing
Every data subject affected by the processing of personal data has the right, granted by the European legislator, to obtain from the controller restriction of processing where one of the following conditions applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful, the data subject opposes the erasure of the personal data and requests instead the restriction of their use.
The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
The data subject has objected to processing pursuant to Article 21(1) GDPR, and it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.
If one of the above conditions applies and a data subject wishes to request the restriction of personal data stored by VALDONEDO, they may, at any time, contact our data protection officer or another employee of the controller. The data protection officer of VALDONEDO or another employee will arrange for the restriction of processing.
f) Right to data portability
Every data subject affected by the processing of personal data has the right, granted by the European legislator, to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit those data to another controller without hindrance from the controller to whom the personal data have been provided, where the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, or on a contract pursuant to Article 6(1)(b) GDPR, and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in exercising their right to data portability pursuant to Article 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.
To assert the right to data portability, the data subject may, at any time, contact the data protection officer appointed by VALDONEDO or another employee.
g) Right to object
Every data subject affected by the processing of personal data has the right, granted by the European legislator, to object, on grounds relating to their particular situation, at any time, to the processing of personal data concerning them which is based on Article 6(1)(e) or (f) GDPR. This also applies to profiling based on those provisions.
VALDONEDO shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defence of legal claims.
If VALDONEDO processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning them for such marketing. This also applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to VALDONEDO to the processing for direct marketing purposes, VALDONEDO will no longer process the personal data for these purposes.
In addition, the data subject has the right, on grounds relating to their particular situation, to object to the processing of personal data concerning them which is carried out by VALDONEDO for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless such processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise the right to object, the data subject may contact directly the data protection officer of VALDONEDO or another employee. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, to exercise their right to object by automated means using technical specifications.
h) Automated individual decision-making, including profiling
Every data subject affected by the processing of personal data has the right, granted by the European legislator, not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning them or similarly significantly affects them, unless the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and the controller, or (2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is based on the data subject’s explicit consent.
If the decision (1) is necessary for entering into or the performance of a contract between the data subject and the controller, or (2) is based on the data subject’s explicit consent, VALDONEDO shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express their point of view, and to contest the decision.
If the data subject wishes to assert rights concerning automated decisions, they may, at any time, contact our data protection officer or another employee of the controller.
i) Right to withdraw data protection consent
Every data subject affected by the processing of personal data has the right, granted by the European legislator, to withdraw consent to the processing of personal data at any time.
If the data subject wishes to exercise their right to withdraw consent, they may, at any time, contact our data protection officer or another employee of the controller.
- Social Media
Facebook Plugins (Like & Share Button)
Our website uses the plugin “Custom Facebook Feed.” The plugin is developed by Smash Balloon LLC in the USA (https://smashballoon.com/) (“Provider”) and is offered either as a WordPress plugin or as a standalone PHP plugin. The plugin allows us to display the news feed from our Facebook fan page directly on our website. For this purpose, the plugin retrieves information from Facebook and embeds it into our website.
To the best of our current knowledge, no specific cookies are set in your browser by this plugin that collect, process, or use personal data. However, we cannot completely exclude the possibility that personal data (e.g., IP addresses, browser data, etc.) may be transmitted to the provider of the plugin or to Facebook.
If you click on a link within the news feed, you will be redirected to our Facebook fan page. In this case, Facebook stores information indicating from which website you accessed our Facebook page. For more details on what data Facebook collects, processes, or uses when you visit Facebook pages, please refer to Facebook’s privacy policy.
The full functionality of the plugin can be reviewed at:
https://de.wordpress.org/plugins/custom-facebook-feed/
and
https://smashballoon.com/custom-facebook-feed/
If you do not want Facebook to associate your visit to our website with your Facebook user account, please log out of your Facebook account before visiting our site.
Our website uses the plugin Custom Instagram Feed Pro from smashballoon.com to provide you with an overview of the latest posts, photo albums, and events on Instagram. Even if you do not have an Instagram account, you can still view these posts. The plugin embeds content from the social network Instagram.
The operator of Instagram is Instagram LLC, represented by Kevin Systrom and Mike Krieger, 1601 Willow Rd, Menlo Park, CA 94025, USA.
When you visit our website, a direct connection is established between your browser and the Instagram server via the plugin, as this is the only way to retrieve the most recent Instagram content. As a result, Instagram receives information that your IP address has visited our site.
We would like to point out that, as the provider of this website, we have no knowledge of the content of the transmitted data or of its use by Instagram.
For more information and the applicable data protection provisions of Instagram, please visit:
https://help.instagram.com/155833707900388
and
https://www.instagram.com/about/legal/privacy/
YouTube
Our website uses embedded videos from YouTube, a service operated by Google. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our pages featuring a YouTube video, a connection is established to YouTube’s servers. During this process, the YouTube server is informed which of our pages you have visited.
The use of YouTube is based on our legitimate interest in providing an appealing presentation of our video content in accordance with Art. 6(1)(f) GDPR.
If you do not want YouTube to associate your visit to our pages with your YouTube account, please log out of your YouTube account.
Further information on the handling of user data can be found in YouTube’s privacy policy at:
https://www.google.de/intl/de/policies/privacy
Privacy Policy on the Use and Application of Facebook
The data controller has integrated components of the company Facebook on this website. Facebook is a social network.
A social network is an online platform that serves as a virtual meeting place and allows users to communicate and interact with each other. It can be used to exchange opinions and experiences or to provide personal or company-related information. Facebook enables users to create private profiles, upload photos, and connect with others through friend requests.
The operator of Facebook is Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If the data subject resides outside the USA or Canada, the controller responsible for the processing of personal data is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website—operated by the data controller and incorporating a Facebook component (Facebook plug-in)—is accessed, the web browser on the data subject’s information technology system is automatically prompted by the corresponding Facebook component to download a display of that component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=en_US During this technical process, Facebook receives information about which specific subpage of our website was visited by the data subject.
If the data subject is logged into Facebook at the same time, Facebook detects with each visit to our website—and for the entire duration of the visit— which specific subpage of our website the data subject visits. This information is collected by the Facebook component and associated with the respective Facebook account of the data subject. If the data subject clicks one of the Facebook buttons integrated on our website, such as the “Like” button, or leaves a comment, Facebook assigns this information to the user’s personal Facebook account and stores the personal data.
Facebook always receives information that the data subject has visited our website if the data subject is logged into Facebook at the time of access—regardless of whether the Facebook component is clicked or not. If such transmission of this information to Facebook is not desired, the data subject can prevent it by logging out of their Facebook account before visiting our website.
The data policy published by Facebook, available at https://www.facebook.com/about/privacy/ provides information about the collection, processing, and use of personal data by Facebook. It also explains the settings Facebook offers to protect the privacy of the data subject. In addition, various third-party applications are available that can block data transmission to Facebook, such as the Facebook Blocker provided by Webgraph, which can be obtained at http://webgraph.com/resources/facebookblocker Such applications may be used by the data subject to prevent data transmission to Facebook.
Privacy Policy on the Use and Application of Instagram
The data controller has integrated components of the service Instagram on this website. Instagram is an audiovisual platform that allows users to share photos and videos, as well as to distribute such data across other social networks.
The operator of Instagram’s services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.
Each time one of the individual pages of this website—operated by the data controller and incorporating an Instagram component (Insta button)—is accessed, the web browser on the data subject’s information technology system is automatically prompted by the corresponding Instagram component to download a display of that component from Instagram. In the course of this technical process, Instagram receives information about which specific subpage of our website has been visited by the data subject.
If the data subject is logged into Instagram at the same time, Instagram recognizes each visit to our website by the data subject and, for the entire duration of the respective stay, which specific subpage of our website the data subject visits. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the data subject. If the data subject clicks on one of the Instagram buttons integrated on our website, the data and information thereby transmitted are assigned to the user’s personal Instagram account and stored and processed by Instagram.
Instagram receives information that the data subject has visited our website whenever the data subject is logged into Instagram at the time of access—regardless of whether the Instagram component is clicked or not. If such transmission of this information to Instagram is not desired, the data subject can prevent it by logging out of their Instagram account before visiting our website.
Further information and the applicable data protection provisions of Instagram can be accessed at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/
Privacy Policy on the Use and Application of Twitter
The data controller has integrated components of Twitter on this website. Twitter is a multilingual, publicly accessible microblogging service that allows users to publish and share short messages known as “tweets,” limited to 140 characters. These short messages are visible to anyone, including individuals who are not registered on Twitter. Tweets are also shown to the user’s “followers,” meaning other Twitter users who subscribe to the tweets of a particular person. Additionally, Twitter enables the addressing of a broad audience through hashtags, links, and retweets.
The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Each time one of the individual pages of this website—operated by the data controller and containing a Twitter component (Twitter button)—is accessed, the web browser on the data subject’s device automatically triggers a download of the corresponding Twitter component from Twitter. Further information about the Twitter buttons can be found at https://about.twitter.com/de/resources/buttons In the course of this technical process, Twitter gains knowledge of which specific subpage of our website was visited by the data subject. The purpose of integrating the Twitter component is to allow users to share content from our website, to increase its visibility online, and to grow our visitor base.
If the data subject is logged into Twitter at the same time, Twitter detects each visit to our website by the data subject and, for the entire duration of their visit, which specific subpage of our website was accessed. This information is collected by the Twitter component and assigned by Twitter to the corresponding Twitter account of the data subject. If the data subject clicks on one of the Twitter buttons integrated into our website, the resulting data and information are associated with their personal Twitter account and stored and processed by Twitter.
Twitter receives information that the data subject has visited our website whenever the data subject is logged into Twitter at the time of accessing our site—regardless of whether they interact with the Twitter component or not. If the data subject does not wish for this transmission of information to occur, they can prevent it by logging out of their Twitter account before visiting our website.
The applicable data protection provisions of Twitter can be found at:
https://twitter.com/privacy?lang=de
Privacy Policy on the Use and Application of YouTube
The data controller has integrated components of YouTube on this website. YouTube is an Internet video platform that allows video publishers to upload video clips free of charge and enables other users to view, rate, and comment on them at no cost. YouTube permits the publication of all kinds of videos, including full-length films, television programs, music videos, trailers, and user-generated content.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the individual pages of this website—operated by the data controller and containing a YouTube component (YouTube video)—is accessed, the Internet browser on the data subject’s device automatically initiates a download of the corresponding YouTube component from YouTube. Further information about YouTube can be found at https://www.youtube.com/yt/about/de/ During this technical process, YouTube and Google gain knowledge of which specific subpage of our website was visited by the data subject.
If the data subject is logged into YouTube at the same time, YouTube recognizes which specific subpage of our website the data subject visits each time a subpage containing a YouTube video is accessed. This information is collected by YouTube and Google and associated with the respective YouTube account of the data subject.
YouTube and Google receive information that the data subject has visited our website whenever the data subject is logged into YouTube at the time of accessing our website—regardless of whether or not the person clicks on a YouTube video. If the data subject does not wish for such transmission of information to YouTube and Google to occur, they can prevent it by logging out of their YouTube account before visiting our website.
The privacy policy published by YouTube, available at https://www.google.de/intl/de/policies/privacy/
Privacy Policy on the Use and Application of WhatsApp
This website uses links and API functions of WhatsApp, a messaging service operated by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The integration is identifiable by the WhatsApp logo. Visitors are offered the option to give their consent to communicate via WhatsApp. Consent is obtained in accordance with Art. 6(1)(a) and Art. 49(1)(a) GDPR.
The consent can be reviewed at https://www.valdonedo.netOn the device and for access by WhatsApp or other companies affiliated with Facebook, only the data required for the use of the service—managed via MDM and other TOMs—are stored in isolation. These data include the mobile phone number and the name provided in WhatsApp. The address book entries stored for WhatsApp contain only the necessary contacts and records of communication partners who use WhatsApp. The saving of attachments, files, and images in the gallery has been disabled through device settings, and synchronization or backup to Google Drive is also deactivated.
Further explanations and information on the WhatsApp service, which belongs to a third-country company (Facebook) that operates as a social media platform and collects data to create user profiles, can be found at:
https://www.whatsapp.com/legal/#privacy-policy
https://faq.whatsapp.com/de/smba
https://faq.whatsapp.com/general/26000121
Consent Declaration
I hereby consent that VALDONEDO, or other messenger accounts managed by VALDONEDO, may process my personal data and my clients’ data according to any applicable data processing agreements (e.g., name, phone number, email address, postal address, customer number) for the purpose of communication regarding the preparation, execution, or billing of business services using the instant messaging service “WhatsApp,” operated by WhatsApp Inc., 1601 Willow Road, Menlo Park, California 94025, USA.
I am aware that WhatsApp Inc. receives personal data (in particular, communication metadata) that may be processed on servers located outside the EU (e.g., in the USA). WhatsApp shares these data with other companies within and outside the Facebook corporate group. Further information can be found in the WhatsApp Privacy Policy: https://www.whatsapp.com/legal/#privacy-policy
VALDONEDO has neither detailed knowledge nor influence over the data processing carried out by WhatsApp Inc.
I understand that I may revoke this consent at any time without providing reasons, with effect for the future, by notifying VALDONEDO, Rua do Valdonedo 173, 4625-379 Penha Longa, or by email at info@valdonedo.net
Data and Customer Data Processing under Potential Data Processing Agreement
Personal data and data of my customers, in accordance with any applicable data processing agreement (e.g., name, phone number, email address, postal address, customer number), are processed for the purpose of communication relating to the preparation, execution, or billing of business services using the instant messaging service “WhatsApp,” operated by WhatsApp Inc., 1601 Willow Road, Menlo Park, California 94025, USA.
I am aware that WhatsApp Inc. receives personal data (in particular, communication metadata) which may also be processed on servers located in countries outside the EU (e.g., the USA). WhatsApp shares this data with other companies within and outside the Facebook corporate group. Further information can be found in WhatsApp’s Privacy Policy: https://www.whatsapp.com/legal/#privacy-policy of my objection to the processing of my personal data.
User Rights: Access, Rectification, and Deletion
As a user, you have the right, upon request, to receive free information about which of your personal data are stored. Provided your request does not conflict with a legal obligation to retain data (e.g., statutory retention requirements), you have the right to the correction of incorrect data as well as the blocking or deletion of your personal data.
Privacy Policy for the Use of TikTok
The provider uses functions of the TikTok service on its website, operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.
If you have a TikTok user account, you can subscribe to the provider’s channel. In doing so, the personal data contained in your profile name and profile picture will be processed for as long as you remain a subscriber. Once you unsubscribe, data processing will automatically end.
The same applies if you like, comment on, tag with hashtags, or share the provider’s posts — even if you are no longer subscribed afterward.
In addition, the provider processes personal data from your profile if you send a message via the contact function. This also includes any information you voluntarily provide in your message.
The legal basis for this processing is the provider’s legitimate interest pursuant to Art. 6 (1) (f) GDPR.
You are not required to provide personal data. However, the full use of TikTok’s features is not possible without doing so.
TikTok also provides the provider with aggregated, statistical data about all visitors to the pages, regardless of whether they are TikTok members. This processing is likewise based on Art. 6 (1) (f) GDPR.
TikTok processes personal data outside the EU as well. To ensure an adequate level of data protection, TikTok uses EU Standard Contractual Clauses.
For further information on TikTok’s privacy practices, please visit:
https://www.tiktok.com/legal/privacy-policy?lang=e
Legal Basis
The personalized advertising shown to you by TikTok is based on your consent. In all other cases, TikTok processes user data on the basis of a contract (Art. 6 (1) (b) GDPR), as part of a legitimate interest assessment (Art. 6 (1) (f) GDPR), or to fulfill legal obligations (Art. 6 (1) (c) GDPR).
Users may withdraw their consent at any time and may object to data processing based on legitimate interests in accordance with Art. 21 GDPR.
For further details, please refer to TikTok’s Privacy Policy and Terms of Service (see link above).
Purpose
TikTok processes personal data for various purposes, including the provision of its services, notifying users about service changes, offering user support, enabling users to share their content with others, developing new services, and fulfilling legal obligations.
TikTok collects, among other things, the following data about its users: profile information, user-generated content and usage data, location data, and information about contacts or friends.
For more details on how your data is used and which data is processed, please refer to TikTok’s Privacy Policy and Terms of Service (see link above).
Duration of Storage
TikTok retains user data for as long as necessary to provide its services, fulfill contractual obligations, and exercise its rights regarding the relevant information. If user information is no longer required for service provision, TikTok will retain the data only as long as it has a legitimate business purpose for doing so.
When a user requests deletion of their TikTok account, the account is first deactivated for several weeks before being permanently deleted. During this process, the user’s personal data related to the in-app messaging function is also deleted. However, messages sent to other TikTok users remain stored on the recipients’ devices.
TikTok also indicates in its Privacy Policy (see link above) that certain data may be subject to longer deletion or retention periods.
Withdrawal, Objection, and Termination of Processing
TikTok provides its users with the ability to control and manage their personal data through various privacy and account settings. The platform also offers automated information services that allow users to access details about how their data is being processed.
Within the scope of legal requirements, users have the right to request deletion or correction of their data, object to or restrict the use of their data, and withdraw any consent they have previously given at any time.
Additional Notice
Please note that TikTok’s Terms of Use and Privacy Policy may change at any time. Therefore, we recommend checking these documents regularly for updates. VALDONEDO assumes no responsibility for the timeliness, accuracy, or completeness of the information provided in relation to TikTok’s Terms of Use or Privacy Policy.
The present privacy information serves to fulfill the informational requirements under Articles 12 et seq. of the GDPR, insofar as VALDONEDO uses TikTok services by embedding videos on one of our websites or when TikTok is used by our employees in customer interactions.
TikTok Terms of Use:
https://www.tiktok.com/legal/terms-of-use?lang=de
Privacy Policy:
https://www.tiktok.com/legal/privacy-policy?lang=de#section-1
Questions Regarding TikTok’s Privacy Policy:
For users who have questions about TikTok’s Privacy Policy or wish to contact TikTok’s Data Protection Officer, TikTok provides a contact form that can be accessed via the link included in its Privacy Policy.
Classified Ads
Collection and Storage of Personal Data, as well as the Type and Purpose of Their Use
You have already been informed by the privacy policy provided by eBay Kleinanzeigen (available at: https://themen.kleinanzeigen.de/datenschutzerklaerung/) about the collection and storage of your personal data, as well as the type and purpose of their use.
Your corresponding consent was obtained by eBay Kleinanzeigen during your registration. We do not collect any additional personal data beyond what is provided by eBay Kleinanzeigen. You have already agreed that eBay Kleinanzeigen may transmit your personal data to us for the purpose of (potential) contract processing. The personal data transmitted to us by eBay Kleinanzeigen is stored by us.
We use this data:
- to identify you as our (potential) guest or customer;
- to process, fulfill, and manage your booking or order;
- for correspondence with you;
- for invoicing;
- for the settlement of any existing liability claims and the enforcement of any claims against you.
During your registration with eBay Kleinanzeigen, you provided consent for the processing of this data. The data processing is carried out at your request/order and, in accordance with Article 6(1)(b) GDPR, is necessary for the purposes mentioned above — namely, to properly handle your request/order and to fulfill mutual contractual obligations.
The personal data collected by eBay Kleinanzeigen and transmitted to us for the execution of your order will be stored by us until the statutory retention period expires and then deleted, unless we are required to retain it longer pursuant to Article 6(1)(c) GDPR due to tax or commercial retention and documentation obligations (under the German Commercial Code, Criminal Code, or Fiscal Code), or you have consented to longer storage pursuant to Article 6(1)(a) GDPR.
Further information regarding the storage of your personal data by eBay Kleinanzeigen can be found in eBay Kleinanzeigen’s Privacy Policy.
Handling of Applicant Data
We offer you the opportunity to apply to us (e.g., via email, post, or through an online application form). Below, we inform you about the scope, purpose, and use of the personal data collected during the application process. We assure you that the collection, processing, and use of your data are carried out in accordance with applicable data protection laws and all other legal provisions, and that your data will be treated strictly confidentially.
Scope and Purpose of Data Collection
When you submit an application to us, we process the associated personal data (e.g., contact and communication details, application documents, interview notes, etc.) to the extent necessary to decide on the establishment of an employment relationship. The legal basis for this is Section 26 of the German Federal Data Protection Act (BDSG) under German law (initiation of an employment relationship), Article 6(1)(b) GDPR (general contract initiation), and — if you have given consent — Article 6(1)(a) GDPR. Consent may be withdrawn at any time. Your personal data will only be shared within our company with individuals involved in processing your application.
If your application is successful, the data you have submitted will be stored in our data processing systems for the purpose of carrying out the employment relationship, based on Section 26 BDSG and Article 6(1)(b) GDPR.
Retention Period for Data
If we are unable to offer you a position, if you reject a job offer, or if you withdraw your application, we reserve the right to retain the data you have provided based on our legitimate interests (Article 6(1)(f) GDPR) for up to six months after the conclusion of the application process (rejection or withdrawal of the application). After this period, the data will be deleted and any physical application documents will be destroyed. The retention serves primarily as evidence in the event of a legal dispute. If it becomes apparent that the data will be required beyond the six-month period (e.g., due to an impending or ongoing legal dispute), deletion will only take place once the purpose for further retention no longer applies.
A longer retention period may also occur if you have given consent for it (Article 6(1)(a) GDPR) or if legal retention obligations prevent deletion.
Legal Basis for Processing
Article 6(1)(a) GDPR serves as the legal basis for our company’s processing operations when we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party—such as processing required for the delivery of goods or the provision of other services or consideration—then the processing is based on Article 6(1)(b) GDPR. The same applies to processing necessary for carrying out pre-contractual measures, for example, in cases of inquiries about our products or services.
If our company is subject to a legal obligation that requires the processing of personal data—such as for compliance with tax obligations—the processing is based on Article 6(1)(c) GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured at our premises and their name, age, health insurance information, or other vital data had to be shared with a doctor, hospital, or other third parties. In such a case, the processing would be based on Article 6(1)(d) GDPR.
Finally, processing operations may be based on Article 6(1)(f) GDPR. This legal basis applies to processing that is not covered by any of the aforementioned grounds, when the processing is necessary for the purposes of the legitimate interests pursued by our company or a third party, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject. Such processing operations are particularly permitted because they have been expressly recognized by the European legislator, who considered that a legitimate interest may exist where the data subject is a customer of the controller (Recital 47, Sentence 2 GDPR).
Legitimate Interests in Processing Pursued by the Controller or a Third Party
Where the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest lies in the conduct of our business activities in a manner that benefits the well-being of all our employees and shareholders.
20. Duration of Storage of Personal Data
The criterion for determining the duration of the storage of personal data is the respective statutory retention period. After the expiration of this period, the corresponding data are routinely deleted, provided that they are no longer required for the fulfillment or initiation of a contract.
21. Statutory or Contractual Requirements for Providing Personal Data; Necessity for Contract Conclusion; Obligation of the Data Subject to Provide Personal Data; Possible Consequences of Non-Provision
We inform you that the provision of personal data may, in part, be required by law (e.g., tax regulations) or may result from contractual provisions (e.g., information about the contracting party).
In some cases, it may be necessary for a data subject to provide us with personal data in order to conclude a contract, which we must then process. For example, the data subject is obliged to provide us with personal data when our company enters into a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded.
Before providing personal data, the data subject should contact our Data Protection Officer. The Data Protection Officer will clarify on a case-by-case basis whether the provision of personal data is legally or contractually required, necessary for the conclusion of a contract, whether there is an obligation to provide the data, and what the consequences of not providing the personal data would be.
22. Existence of Automated Decision-Making
As a responsible company, we do not use automated decision-making or profiling.
23. SSL Encryption
For security reasons and to protect the transmission of confidential content—such as inquiries you send to us as the website operator—this site uses SSL encryption. You can recognize an encrypted connection by the fact that the address line of your browser changes from “http://” to “https://” and by the lock symbol appearing in your browser’s address bar.
When SSL encryption is activated, the data you transmit to us cannot be read by third parties.
24. Objection to Promotional Emails
The use of contact details published in accordance with legal notice requirements for sending unsolicited advertising and informational materials is hereby prohibited. The operator of this website expressly reserves the right to take legal action in the event of unsolicited advertising being sent, such as spam emails.
Englisch 
Portugiesisch 
Deutsch