Data Protection Statement for Zinger Portfolio Management Ltd. (Zinger)

Last Modified 17 Feb. 22

The protection of your personal data is of paramount important to us. Our objective is to build secure, safe connections between people and technology. We do not sell customer data, or any data uploaded into the Zinger service. Your personal data is always processed in accordance with the General Data Protection Regulation (GDPR) and the country-specific data protection regulations applicable to Zinger.

With this data protection declaration, we would like to inform you about the type, scope, and purpose of the personal data we collect and process. We will also inform you about the rights to which you are entitled. If we would like to offer you special services via our website or otherwise, and if there is no legal basis for the data processing required in this context, we will obtain your consent.

You can exercise your rights as a data subject - such as the right to information, correction, deletion, restriction of processing, data portability and the right to object by contacting the Data Protection Officer support@zingerpm.com.

You can also report data protection incidents such as unauthorized access, acknowledgment, disclosure, processing, loss of personal via the same contact email.

1. Data protection officer

We have appointed a Data Protection Officer. If you have any questions about this Data Protection Statement or the way in which your Personal Data is being used by us, please contact:

Data Protection Officer
Zinger Portfolio Management Ltd.
36 Dewberry, Mount Oval Village, Rochestown, Co Cork, Ireland, T12 W8CK

support@zingerpm.com

2. Collection of general data and information

This website collects a series of general data and information each time it is accessed. This general data and information are stored in the log files on the server. (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites, which are accessed via an accessing system on our website is controlled, (5) the date and time of access to the website, (6) the internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information that serves to avert danger in the event of attacks on our information technology systems. Zinger also uses a multi-layer encryption architecture to protect data.

We need this general data and information to deliver the content of our website correctly, to optimize the content of our website and its advertising, to ensure the long-term functionality of our information technology systems and the technology of our website, and to provide law enforcement authorities with criminal prosecution in the event of a cyber-attack to provide necessary information. There is no profiling.

Zinger evaluates this anonymously collected data and information statistically with the aim of increasing data protection and data security in our company. We store the anonymous data of the server log files separately from all personal data provided by you.

Ref: Article 6 Paragraph 1 Letter f) GDPR - temporary storage of the data and the log files

3. Data processing when contacting us

You can contact us via the contact form provided on our website or via the e-mail address provided in the imprint. If you contact Zinger via one of these channels, we will automatically save the personal data you have transmitted. Such personal data transmitted to Zinger on a voluntary basis is stored for the purpose of processing your request and/or contacting you.

Ref: Art. 6 (1) (b) GDPR the processing of the data when initiating or executing a contract and Art. 6 (1) (f) GDPR in all other cases.

Ref: is Art. 49 (1) (b) GDPR. - data transfer to a third country

4.Cookies

Only technically necessary cookies are used on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you use and through which certain information flows to the site that sets the cookie (us in this case). Cookies cannot execute any programmes or transfer any viruses to your computer. Their purpose is to make the website user friendlier and more effective on the whole. Cookies enable us to recognize the users of our website. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website because this is done by the website and the cookie stored on the user's computer system.

5. Social Plugins

We use social plug-ins ("plug-ins") from Twitter, YouTube and LinkedIn on our website. We use plug-ins so that you can share content from our website with other users of social networks or refer them to such content. You can recognize the provider of the respective plug-in by its logo or initials.

When you visit our site, we initially do not transmit any personal data to the providers of the plug-ins. However, if you click on the marked field, your personal data will be transmitted directly to the provider of the respective plug-in and processed by them - possibly in third countries such as the USA. After clicking on the plug-in field, a new window opens in your browser and calls up the website of the provider of the respective social network. The data is transmitted to the provider of the respective plug-in regardless of whether you have an account with the social network of the plug-in provider. If you are logged in to the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider.

We have no influence on the type and scope of the data that is collected and processed through the use of the plug-ins, nor are we aware of the full scope of the data collection, the purposes of the processing or the storage periods. According to the provider of the plug-ins, the transmitted data includes information about your browser, the websites visited and the date and time of the visit. The plug-in providers process this information, for example, to create user profiles of you and to display needs-based advertising. You have the right to object to the creation of these user profiles, although you must contact the respective plug-in provider to exercise your right to object.

Ref: Article 6 Paragraph 1 Letter f) GDPR. the processing of your personal data using the social plug-ins.

When using the offers of Facebook, Twitter, YouTube and LinkedIn, data may be transferred to third countries such as the USA. In these cases, we ensure an appropriate level of data protection in order to implement the requirements of European law. This is normally done with the help of the European Commission's EU Standard Contractual Clauses and other appropriate safeguards where necessary.

6. Transfer of Data to Third Parties

Access to personal data is technically possible for service providers and contractual partners that we use to operate our websites. These third party providers are required to use your personal information only to provide the services we have requested or otherwise in accordance with our instructions.

Zinger is responsible for informing you about your rights as a data subject under the applicable data protection laws. You can address your inquiries and complaints regarding your personal data to Zinger.

Apart from the above data transfers, we do not transfer, sell or market your personal data to third parties, such as other companies or organizations, unless you have given your express consent to do so, or the transfer is necessary to fulfil our contractual obligations to you, the user of the website, opposite required

7. Duration of Data Retention

The criterion for the duration of the storage of personal data is the respective statutory retention period. After the period has expired, we routinely delete the relevant data, provided that they are no longer required to fulfil the contract or to initiate a contract.

If the purpose of storage no longer applies or if a storage period stipulated by the European legislator for directives and regulations or another competent legislator expires, the personal data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.

8. Your Rights

As the data subject, you are entitled to the rights specified in Articles 15-21 GDPR against Zinger if the requirements specified there are met. These are the rights to information (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of processing (Article 18 GDPR), data portability (Article 20 GDPR) and the right to object (Art. 21 and 22 GDPR). In addition to that, you have the right to lodge a complaint with the supervisory authority in accordance with Art. 77 GDPR.

9. Updates to Our Policy

We may amend or update our Privacy Policy. We will provide you notice of amendments to this Privacy Policy, as appropriate, and update the "Last modified" date at the top of this Privacy Policy. Please review our Privacy Policy from time to time.

Data protection pertaining to Business Transactions or Activity

Information on data protection according to Articles 13 and 14 GDPR

  1. The data protection declaration of Zinger Portfolio Management Ltd. is based on the terms used by the European legislator when the General Data Protection Regulation (GDPR) was issued. We would therefore like to refer you to the definitions in Article 4 of the GDPR
  2. Responsible and data protection officer

    We have appointed a Data Protection Officer. If you have any questions about this Data Protection Statement or the way in which your Personal Data is being used by us, please contact:

    Data Protection Officer
    Zinger Portfolio Management Ltd.
    36 Dewberry, Mount Oval Village, Rochestown, Co Cork, Ireland, T12 W8CK
    support@Zingerpm.com

  3. General information on data processing
    1. Scope of processing of personal data

      We only collect and use personal data from our business partners to the extent that this is necessary to initiate a contract or to process our orders and contracts. After fulfilling the contractual obligations, we only process data after you have given your consent. An exception applies in such cases in which it is not possible to obtain prior consent for actual reasons or the processing of the data is permitted or required by statutory provisions.

    2. Handling of personal data

      The collection, processing or use of personal data is generally prohibited unless a legal norm explicitly allows data handling. According to the GDPR, personal data may generally be collected, processed or used:

      • In the case of an existing contractual relationship with the person concerned.
      • In the course of contract initiation or processing with the person concerned.
      • If and to the extent that the person concerned has consented.
    3. Legal basis for the processing of personal data

      Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) GDPR serves as the legal basis.

      Article 6 (1) (b) GDPR serves as the legal basis for the processing of personal data required to fulfil a contract to which the data subject is a party. This also applies to processing operations that are necessary to carry out pre-contractual measures.

      Insofar as processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Article 6 (1) (c) GDPR serves as the legal basis.

      If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first interest, Article 6 Paragraph 1 Letter f GDPR serves as the legal basis for the processing.

    4. Categories of affected groups of people and their data

      In order to carry out business activities and to fulfil all associated obligations, the following data categories are available where necessary:

      • Client data and their contact personnel as well as data of their clients transmitted by the clients to the extent necessary for order processing and client care
      • Data from service providers, suppliers and their contact persons to the extent necessary to fulfil orders with clients, service providers and suppliers. When using personal data and the scope of the data collected, the basic rules of the right to informational self-determination and other data protection standards, in particular the preventive prohibition principle, purpose limitation, transparency, the information and notification obligations, the principles of data avoidance and data economy as well as the rights to correction, Blocking, deletion and objection observed.

        The collection and processing of personal data takes place within the framework of what is legally permissible. The special requirements for the collection and processing of sensitive data in accordance with Art. 9 Para. 1 GDPR must also be observed. In principle, only such information may be processed and used as is necessary to fulfil operational tasks and is directly related to the purpose of processing.

        If other bodies request information about data subjects, this will only be passed on without the consent of the data subject if there is a legal obligation to do so or if the company has a legitimate interest in forwarding it and the identity of the person making the request is certain.

    5. Recipients of the personal data

      Personal data will only be passed on to third parties involved in the fulfilment of the contract, such as partners, subcontractors, to provide the service you have commissioned. We will neither sell your personal data to third parties nor market it in any other way.

    6. Data transmission to third countries

      Data is transmitted to third countries exclusively for the fulfilment of commissioned services. In the spirit of data minimization, only the data required for contractual fulfilment is passed on to the to external service providers. Data transfer to a third country without an adequate level of data protection is permitted for the fulfilment of a contract between the data subject and the body required for processing, provided that the data transfer is necessary for the fulfilment of the contract.

    7. External service providers/order processing/maintenance

      If necessary, there are agreements with external service providers in accordance with Article 28 GDPR or the EU standard contractual clauses.

    8. IT security

      In addition to the technical and organizational measures taken, Zinger has also drawn up appropriate guidelines for data security.

    9. Data deletion and storage period

      The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws, or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

  4. Rights of the data subject

    If personal data is processed by you, you are the data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:

    1. Right to information

      You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us.

      If such processing is present, you can request information from the person responsible for the following information:

      • the purposes for which the personal data are processed;
      • the categories of personal data being processed.
      • the recipients or categories of recipients to whom your personal data has been or will be disclosed.
      • the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage duration.
      • the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the person responsible or a right to object to this processing
      • the existence of a right of appeal to a supervisory authority
      • all available information about the origin of the data if the personal data are not collected from the data subject
      • the existence of automated decision-making including profiling in accordance with Art. 22 Para. 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject. You have the right to request information as to whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transmission.
    2. Right to rectification

      You have the right to rectification and/or completion from the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.

    3. Right to restriction of processing

      Under the following conditions, you can request that the processing of your personal data be restricted:

      • if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to verify the accuracy of the personal data
      • the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted
      • the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
      • if you have lodged an objection to the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the person responsible outweigh your reasons. If the processing of the personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State are processed.

      If the restriction of processing has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.

    4. Right to erasure
      1. Obligation to erasure

        You can demand that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:

        • The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed
        • You revoke your consent on which the processing was based pursuant to Article 6(1)(a) or Article 9(2)(a) GDPR and there is no other legal basis for the processing.
        • You object to the processing in accordance with Article 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Article 21 (2) GDPR.
        • The personal data concerning you have been processed unlawfully.
        • The deletion of the personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
        • The personal data concerning you was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.
      2. Information to third parties

        If the person responsible has made the personal data relating to you public and is obliged to delete it in accordance with Art. 17 (1) GDPR, he shall take appropriate measures, including technical ones, taking into account the available technology and the implementation costs to inform those responsible for data processing who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.

      3. Exceptions

        There is no right to erasure if processing is necessary

        • to exercise the right to freedom of expression and information
        • to fulfil a legal obligation that requires processing under Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of official authority vested in the controller
        • for reasons of public interest in the field of public health in accordance with Article 9 (2) lit. h and i and Article 9 (3) GDPR;
        • for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, insofar as the law mentioned under section a) is likely to make it impossible or seriously impair the achievement of the objectives of this processing, or
        • to assert, exercise or defend legal claims
    5. Right to information

      If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right vis-à-vis the person responsible to be informed about these recipients.

    6. Right to data portability

      You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to transmit this data to another person responsible without hindrance by the person responsible for providing the personal data, provided that

      • the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(B) GDPR and
      • the processing is carried out using automated procedures. In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible. The freedoms and rights of other people must not be impaired by this.

      The right to data portability does not apply to processing of personal data that is required to perform a task that is in the public interest or in the exercise of official authority that has been assigned to the controller.

    7. Right to object

      You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 Paragraph 1 lit. e or f GDPR; this also applies to profiling based on these provisions. The person responsible no longer processes the personal data relating to you unless they can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

      If the personal data concerning you is processed in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

      If you object to the processing for direct marketing purposes, the personal data relating to you will no longer be processed for these purposes. In connection with the use of information society services, you have the option – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures that use technical specifications.

    8. Right to revoke your declaration of consent under data protection law

      You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.

    9. Automated decision-making in individual cases, including profiling

      You have the right not to be subject to a decision based solely on automated processing - including profiling - which has legal effect on you or significantly affects you in a similar way. This does not apply if the decision

      • is necessary for the conclusion or performance of a contract between you and the person responsible
      • is permitted on the basis of legal provisions of the Union or the Member States to which the person responsible is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests or
      • takes place with your express consent. However, these decisions must not be based on special categories of personal data according to Article 9 Paragraph 1 GDPR, unless Article 9 Paragraph 2 lit. A or g GDPR applies, and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests

      With regard to the cases referred to in (1) and (3), the person responsible shall take appropriate measures to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the person responsible, to express his or her point of view and to challenge the decision.

    10. Right to lodge a complaint with a supervisory authority

      Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR. The supervisory authority to which the complaint was lodged will inform the complainant about the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.