of About You SE & Co. KG, Domstraße 10, 20095 Hamburg (as of March 2025).
In the following Privacy Policy, we inform you about the processing of personal data carried out by About You SE & Co. KG, Domstraße 10, 20095 Hamburg ("ABOUT YOU" and/or the "Controller") in accordance with the General Data Protection Regulation ("GDPR") and the German Federal Data Protection Act ("BDSG"). Our Privacy Policy applies to the following websites, applications and further services and performances (hereinafter jointly referred to as "Services"):
Please read our Privacy Policy carefully. If you have any questions or comments about our Privacy Policy, please contact us at: [email protected]
This Privacy Policy applies to the data processing by the
About You SE & Co KG,
Domstraße 10, 20095 Hamburg
Phone: +49 (0) 40 638 569 0
Email: [email protected]
legally represented by: ABOUT YOU Verwaltungs SE, which in turn is represented by the Management Board members Tarek Müller, Hannes Wiese and Sebastian Betz.
Chairman of the Supervisory Board: Sebastian Klauke
for usage of the Scayle Panel Services on the website(s): www.cloud-panel.collins.kg and https://cloud-panel.collins.kg
You can contact the Data Protection Officer of the Controller at
About You SE & Co. KG
attn. Sebastian Herting - Datenschutzkanzlei
Domstraße 10
20095 Hamburg Germany
Email: [email protected]
Each time Services are accessed, information is sent by the respective Internet browser of your respective end device to the server of our service and temporarily stored in Log-Files. The data records stored in the Log-Files contain the following data: Date and time of the request, name of the requested page, IP address of the requesting device, device type, cfRayId, referrer URL (origin URL from which you came to our Service), the amount of data transferred, loading time, product and version information of the browser used in each case, as well as the name of the provider of your Internet access. We process the Log-Files in order to be able to provide our Services reliably and securely.
Insofar as we process personal data (e.g. the IP address) in this context, the legal basis for this is Art. 6 (1) f) GDPR. Our legitimate interest is to
A direct conclusion on your identity is not possible on the basis of the information and will not be drawn by us. The information is stored and automatically deleted after the aforementioned purposes have been achieved. The standard periods for deletion are based on the criterion of necessity.
Insofar as we use cookies or similar technologies in connection with the processing of Log-Files described above, this is absolutely necessary in order to provide the Services requested by you. We may use these cookies without your consent on the basis of Section 25 (2) No. 2 Telecommunications-Digital-Services Data Protection Act ("TDDDG").
In our Services, we and our Partners (see below) use Cookies or similar technologies (together also referred to as "Cookies"). Cookies are small text files that can be stored on your end device (laptop, tablet, smartphone or similar) when you visit and/or use our Services. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware. Information is stored in the Cookie that is related to the specific end device used. This does not mean, however, that we can gain direct knowledge of your identity and/or draw conclusions about your person.
Some of the Cookies used are deleted again after the end of the browser session (so-called session Cookies). Such Cookies allow us, for example, to improve the security of our Services by preventing bot attacks.
Other Cookies remain on your terminal device and allow us to recognize your terminal device on your next visit (so-called persistent or session-spanning Cookies). These Cookies are used, for example, to show you ads and content in our Services that are tailored to you personally.
We need certain information to provide our Services safely and reliably. To do this, we monitor and prevent unusual and potentially fraudulent activity (e.g., advertising, ad clicks by bots) and ensure that systems and processes are working properly and securely. The information may also be used to troubleshoot problems you or we have in providing or interacting with content and ads. In addition, we need certain information to provide you with our Services in the form you requested.
You can find out which information we or the respective Partners use for these purposes below.
The legal basis for data processing is Section 25 (2) No. 2 TDDDG as well as Art. 6 (1) f) GDPR. We have a legitimate interest in offering our Services securely and reliably as well as providing Services that you expressly request (e.g. our shopping cart function).
Scayle Core Panel is a service of the SCAYLE GmbH. Scayle Core Panel is the backend/admin interface which allows users (i.e. companies using the AY SCAYLE panel) to maintain/configure their online business.
Scayle Core Panel processes the following data (via local storage/cookies): ID of the last company the user viewed, translations, timestamp of the last access and the transport type (e.g., WebSockets, xhr_streaming) and the latency of the connection, Unix timestamp.
We and our partners use certain information about interactions with content in the Service to better understand how they are received by our users. To do this, we combine data sets (such as user profiles, statistics, market research and analytics data) that tell us how you and other users interact with content and ads. This information allows us to identify common characteristics, e.g. to determine which content is relevant for which target groups.
To the extent this is a processing of personal data at all, the legal basis is Art. 6 (1) f) GDPR. We have a legitimate interest in improving our Services based on very limited data.
Plausible Analytic is a market research service of Plausible Insights OÜ, Västriku tn 2, 50403 Tartu, Estonia. We use Plausible Analytics on this site to collect anonymous (non-personal) usage data for statistical purposes. We also do not store or access any data in the terminal end devices of website users. This is to track overall trends in our website traffic, not to track individual visitors. Plausible does not process any Personal Data such as IP-address.
Plausible processes the following data: Browser information, device information, IP address (only parts of these), location information, Session id, User id.
The legal basis for this data processing is Art. 6 (1) b) GDPR. We process the relevant personal data in order to provide our Services to you.
When you register at our website (on behalf of your company), then we shall process the data necessary for managing your account. This means:
We store your data for the term of the use of the account as well as until the expiration of any statutory or possible contractual warranty and guarantee rights. After the expiration of this period, we shall retain the information required under commercial and tax law for the periods set by law. For this period of time, the data shall be processed again solely in the event of a review by the fiscal authorities.
When you use the Notification, Subscription and Shortcut function, the personal data required to provide these functions will be processed.
The notification function will send you a push alert when pre-selected actions take place. Similar to the notification function, the subscription function allows to receive reports about pre-selected actions. The shortcut function allows to get to certain functions/overviews via individual shortcuts. With regard to all these three functions the settings are processed (stored) in order to provide these.
Users with an admin account, will be able to access the user date of all users in the respective Service panel of its company, including making amendments to these (e.g. change roles etc.). This includes also to see who created an approved data replications.
The legal basis for this data processing is Art. 6 (1) b) and Art. 6 (1) f) GDPR. We process the relevant personal data in order to provide our Services to you. Further, it is a companies' interest to monitor the different users in its Service panel.
You have the possibility to contact us in several ways. By email, by phone or by mail. When you contact us, we use the personal data that you voluntarily provide to us in this context solely for the purpose of contacting you and processing your request.
The legal basis for this data processing is Art. 6 (1) a), Art. 6 (1) b), Art. 6 (1) c) GDPR and Art. 6 (1) f) GDPR. We have a legitimate interest in answering inquiries from our users that are of a general nature and not directly related to a contractual relationship.
In principle, you are not obliged to provide us with your personal data. However, the use of certain areas of our Services may require the provision of personal data, in particular the purchase of goods. If you do not wish to provide us with the necessary data, you will unfortunately not be able to use the corresponding areas of the Services.
We will only disclose your data to third parties outside of ABOUT YOU if this is legally permissible (e.g., because we or the third party have a legitimate interest in the disclosure, we are legally obligated to disclose the data, or based on your consent).
In addition to the third parties named in our Privacy Policy by name, we may disclose personal data to a third party in particular if,
Insofar as we pass on your data to third parties on the basis of your consent, the explanation can also be given when consent is obtained.
In the course of processing your data, we use so-called processors in some areas. A processor is a natural or legal person who processes personal data on our behalf and on the basis of our instructions, whereby we remain responsible for the data processing. Processors do not use the data for their own purposes, but carry out data processing exclusively for the Controller.
ABOUT YOU stores personal data only as long as it is necessary for the purposes stated in this Privacy Policy, in particular for the fulfillment of our contractual and legal obligations. If necessary, we will also store your personal data for further purposes, if or as long as the further storage for certain purposes is permitted by law.
We also share personal data with third parties or processors located in countries outside the European Economic Area ("EEA"). In this case, we ensure that the recipient either has an adequate level of data protection or has your express consent before transferring the data.
An adequate level of data protection exists, for example, if the European Commission has adopted an adequacy decision for the respective country (Art. 45 GDPR). For the U.S., the European Commission has adopted the decision that an adequate level of data protection exists there, provided that the data recipient participates in the EU-U.S. Data Privacy Framework (DPF) and has a current certification for this. If the recipients of your personal data are located in the U.S. and participate in the DPF, we therefore rely on this adequacy decision (Article 45 GDPR).
Alternatively, we establish an adequate level of data protection by agreeing with recipients on the so-called EU standard contractual clauses of the European Commission (Art. 46 GDPR). In this case, we conduct transfer impact assessments and agree with the recipient or, if necessary, implement additional protective measures. Specifically, we agree Module 1 of the EU Standard Contractual Clauses with recipients who are (independent) controllers and Module 2 of the EU Standard Contractual Clauses with recipients who act as our Processors.
These are third parties or processors in the following countries: U.S. (we rely in this respect on the "DPF").
You can obtain a copy of the specifically agreed regulations for ensuring the appropriate level of data protection from us. Please contact us at [email protected] or the contact information listed in Section 2.
We will not use your personal data to make automated decisions (including profiling) about you that have legal effect on you or similarly significantly affect you.
In addition to the right to revoke your consent given to us, you are entitled to the following further rights if the respective legal requirements are met:
You can assert the aforementioned rights to which you are entitled at [email protected].
You also have the right to complain to a supervisory authority. In particular, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
You have the right to object to the processing of your personal data for advertising purposes at any time ("advertising objection").
In addition, you have the right to object to data processing on the basis of Art. 6 (1) f) GDPR for reasons arising from your particular situation. We will then stop processing your data, unless we can demonstrate - in accordance with the legal requirements - compelling legitimate grounds for further processing that override your rights, or the processing serves the assertion, exercise or defense of legal claims.
You can exercise your right of objection at: [email protected]
If we process data on the basis of your consent, you have the right to revoke this consent at any time. Your revocation does not change the legality of the data processing carried out on the basis of the consent(s) until the revocation.
You can generally exercise your rights of objection at [email protected]