Solutions
Use Cases
Developers
About us
Jobs
2
Contact
Login
Privacy Policy

 

Data protection 

We are very pleased about your interest in our company. Data protection is of a particularly high priority for the management of Wallis GmbH. The use of the Internet pages of the Wallis GmbH (hereinafter also referred to as "we") is possible without any indication of personal data. However, if a data subject wants to use special services provided by our enterprise via our website, processing of personal data could become necessary. If processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain the consent of the data subject. 

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the German Data Protection Regulation (Datenschutz-Grundverordnung - DS-GVO), and in accordance with the provisions of the German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG). By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this data protection declaration. 

As the controller, the Wallis GmbH has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can always be subject to security vulnerabilities, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone. 

 

I. Definitions 

The data protection declaration of Wallis GmbH is based on the terms used by the European Directive and Ordinance Maker when issuing the DS-GVO. 

We use the following terms, among others, in this privacy policy: 

 

1. personal data 

Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 

 

2. person concerned 

Data subject means any identified or identifiable natural person whose personal data is processed by the controller. 

 

3. processing 

Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. 

 

4. restriction of processing 

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing. 

 

5 Profiling 

Profiling is any form of automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location. 

 

6. pseudonymisation 

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. 

 

7. controller or person responsible for processing 

The controller or person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law. 

 

8. order processor 

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. 

 

9. receiver 

A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients. 

 

10. third party 

Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor. 

 

11. consent 

Consent shall mean any freely given specific and informed indication of the data subject's wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her. 

 

II. Person responsible/ data protection officer 

 

1. the name and address of the controller

The responsible party within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is: 

 

Wallis GmbH

Grüner Deich 15D  

20097 Hamburg 

 

Hamburg Local Court HRB 161517 

Phone +49 40 23728 - 0 

info@starfinanz-ahoi.de 

 

2. name and address of the data protection officer

The data protection officer of the data controller can be reached by post at address shown below with the addition of "The data protection officer". 

E-mail:  datenschutz-wallis@nbs-partners.de

Telefax: +49 40 441 960 55 

 

Any data subject may contact our data protection officer directly at any time with any questions or suggestions regarding data protection. 

 

III. Processing of personal data 

 

1. informative visit to our website 

The website of the Wallis GmbH collects a series of general data and information every time a data subject or automated system calls up the website. This general data and information is stored in the log files of the server. The following data may be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites that are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems. 

When using these general data and information, the Wallis GmbH does not draw any conclusions about the data subject. Rather, this information is needed (1) to deliver the contents of our website correctly, (2) to optimise the contents of our website and the advertising for these, and (3) to ensure the long-term operability of our information technology systems and the technology of our website. This collected data and information is anonymised by Wallis GmbH and processed in this form for the creation of usage statistics. 

 

2. contacting 

You have the option of contacting us by e-mail as well as via a contact form provided on the website. When using the form, you are required to provide your name, a valid email address, a subject and a message. We need this information to know who the enquiry is from and to be able to answer it. In addition, you can tell us your company. The legal basis for the processing of your data is the implementation of pre-contractual measures in response to your enquiry, Art. 6 para. 1 p. 1 lit. b) DSGVO or our overriding legitimate interest pursuant to Art. 6 para. 1 p. 1 lit. f) DSGVO.  

 2.1 Support-Requests

We also process your personal data as part of customer support if you contact us with a request regarding the AHOI or our sandbox. In doing so, we process the following personal data in particular: first name, last name, e-mail, telephone number and account data.

The legal basis for data processing in accordance with this section is Art. 6 (1) lit. a), b) and f) GDPR.

3 AHOI Sandbox 

To use the API, it is necessary to generate a sandbox access. The following information is required to register a private access: Your email address, a password of your choice, your first and last name, your address, postcode and city. You can also voluntarily provide us with your mobile phone number and other address details. You can also voluntarily provide us with further details within the API. In the case of commercial use, we also ask for the purpose of use, your company and your job title as part of the registration process. 

We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed when you have confirmed your registration via a confirmation e-mail sent to you for this purpose by clicking on the link contained therein. If you do not confirm your registration within 7 days, your registration and your personal data will be deleted from our database.  

After registering, you will receive your personal Sandbank access along with your user name and PIN. 

The legal basis for data processing is Art. 6 para. 1 lit. a) and f) DSGVO.

 

4. application for cooperation 

Teams can apply for cooperation with us on our website using a form. The following data can be entered: company, field of activity of the company, special features of the team, ideas and wishes regarding the cooperation, contact data, contact person, e-mail address, business, number of customers, competitors, business model, challenge. In addition, a pitch deck can be uploaded. All information is voluntary. The legal basis for data processing is the implementation of pre-contractual measures in response to your enquiry, Art. 6 (1) p. 1 lit. b) DSGVO or our overriding legitimate interest pursuant to Art. 6 (1) p. 1 lit. f) DSGVO. 

 

5. applicants 

In the context of an application for employment with us, your data will be stored and processed for the purpose of the possible offer of employment and application management. The following data is particularly relevant in the application process: Name, first name, title, address data, contact data, date of birth, CV, certificates, cover letters. The legal basis for data processing is Art. 6 para. 1 p. 1 lit. b) DSGVO in conjunction with, § 26 para. 1 BDSG. 

 

IV. Sources 

We receive personal data from our contractual partners in the course of our business relationships. In addition, we process personal data that we receive directly from our customers, interested parties, service providers, employees and applicants. Furthermore, we process - to the extent necessary for the provision of a service - personal data that we have received from other group companies or from other third parties in a permissible manner 

(e.g. for the performance of services, for the fulfilment of contracts or on the basis of consent given by you). 

 

V. Processing purposes and legal bases 

Your personal data will only be collected and processed by us if you have consented to the processing (Art. 6 para. 1 p. 1 lit. a) DSGVO), the data processing is required by law (Art. 6 para. 1 p. 1 lit. c) DSGVO), serves the initiation or settlement of a contractual relationship (Art. 6 para. 1 p. 1 lit. b) DSGVO) or the data processing is based on our legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO). 

The respective processing purposes can be found in the individual processing activities under III. of this privacy statement. 

 

VI. Disclosure of data to third parties and third-party providers 

We will not disclose your personal data to third parties unless you consent to the disclosure, there is a legal obligation to disclose it, it is for the performance of a contract or we can invoke legitimate interests in the economic and effective operation of our business with regard to such disclosure. 

 

VII. Duration of processing and storage of personal data 

We process and store your personal data as long as it is necessary for the purposes for which it was collected or otherwise processed, in particular as long as it is necessary for the fulfilment of our contractual and legal obligations. It should be noted that the business relationship may be a continuing obligation that is intended to last for several years. 

In the case of data storage for the fulfilment of legal obligations, the following deadlines apply in particular: 

·       according to §§ 257 para. 4 HGB, 147 para. 3 AO: 10 years for commercial books and accounting vouchers, beginning with the end of the calendar year in which the last entry was made in the commercial book, 

·       according to §§ 257 para. 4 HGB, 147 para. 3 AO: 6 years for commercial letters beginning with the end of the calendar year in which the last entry was made in the commercial book, 

·       pursuant to section 8 para. 4 GWG: 5 years for records and other evidence relevant under money laundering law, beginning with the end of the calendar year in which the business relationship ends. 

If you have applied to us, we will store your personal data for as long as this is necessary for the decision on your application. Insofar as an employment relationship between you and us does not come about, we may also continue to store the personal data insofar as this is necessary for the defence against possible legal claims. In principle, the application documents are deleted six months after notification of the rejection decision, unless longer storage is necessary (e.g. because an employment relationship has come about or in the event of legal disputes). 

 

VIII. Your data protection rights  

 

You have the following rights against us: 

 

·       Request information about your personal data processed by us, Art. 15 DSGVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling; 

 

·       immediately demand the correction of inaccurate or incomplete personal data stored by us, Art. 16 DSGVO; 

 

·       request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims, Art. 17 DSGVO; 

 

·       to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO, Art. 18 DSGVO; 

 

·       To receive your personal data that you have provided to us in a structured, commonly used and machine-readable format and to request the transfer to another controller, Art. 20 DSGVO; 

 

·       revoke your consent once given to us at any time, Art. 7 (3) DSGVO. This has the consequence that we may no longer continue the data processing based on this consent for the future; 

 

·       in the event of an automated decision (profiling), the right to express one's point of view and to challenge the decision, Art. 22(3) DSGVO; 

 

·       complain to a supervisory authority, Art. 77 DSGVO. For this purpose, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters. At our company headquarters, the Hamburg Commissioner for Data Protection and Freedom of Information is generally responsible. 

 

IX. Use of cookies 

Cookies are set on our website. Cookies are data packets that are exchanged between the server of the Wallis GmbH website and the visitor's browser. These are stored by the respective devices used (PC, notebook, tablet, smartphone, etc.) when visiting the website. Information is stored in the cookies that arises in each case in connection with the specific end device used.  

Some cookies are used to make our website and our services as a whole more user-friendly, effective and secure - for example, to speed up navigation on our site. Cookies are also used to protect access to areas that are not generally accessible. The legal basis for the use of these cookies is Art. 6 para. 1 p. 1 lit. f) DSGVO. 

Among other things, we use so-called "session cookies". Session cookies are temporary cookie files that are deleted as soon as you leave the website or expire automatically if you have been inactive for more than 30 minutes, i.e. have not done anything on our website. Session cookies are automatically deleted at the end of your visit to our website.  

 

You have several options to block the use of cookies. In the Content Banner and in your browser settings, you can choose not to allow cookies, to allow cookies to be set only by trusted websites, or to accept cookies only from websites that are actually currently being visited. If you block cookies, you may not be able to access certain areas of this website. However, you can of course use the basic information on our website without using cookies. 

The use of cookies that are used for range measurement and advertising purposes only takes place if you have consented to the use of the cookies. The legal basis for the use of these cookies is Art. 6 para. 1 p. 1 lit. a) DSGVO. 

 

X. Use of third-party tools and social media plug-ins  

We would like to point out that personal data may be processed in the USA when using tracking services (Google Analytics, Optimizely and Google Retargeting) and social networks (LinkedIn, Twitter, YouTube). In the opinion of the European Court of Justice, however, there is no level of protection in the USA that is essentially equivalent to the GDPR. In addition, the legal protection options guaranteed to EU citizens by the Charter of Fundamental Rights of the European Union are not available to the same extent in the USA. This concerns in particular legal protection possibilities against the processing of personal data. There is a risk that your data may be processed by US authorities, for control and monitoring purposes, without you being granted redress possibilities. For this reason, the transfer of your personal data to the USA will only take place on the basis of your consent to the transfer of your personal data to a third country in accordance with Art. 49 (1) a) DSGVO. 

 

1. google analytics 

We use the website analysis service Google Analytics on our website, a web analysis service of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001 ("Google"). The legal basis for the use of the analysis tool is your consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a DS-GVO. 

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. Cookies help us to determine the frequency of use and the number of users of our website, as well as to make our offers as comfortable and efficient as possible for you. The information generated by the cookie about your use of this website will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for Wallis GmbH and providing other services relating to website activity and internet usage. In doing so, pseudonymous user profiles can be created from the processed data. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. The information generated by the cookies about your use of our website will be shortened due to the activation of IP anonymisation on our website, so that it is no longer possible to draw conclusions about your location. Google will not associate the stored part of your IP address with any other data held by Google. 

 

2. google retargeting 

 

In addition, this website uses the retargeting service "Google Remarketing".  

Retargeting is interest-based advertising. Visitors to a website are marked and then addressed again on other websites with targeted advertising. Google uses stored cookies based on a user's previous website visits for this purpose. 

You can disable the use of cookies for remarketing by visiting the Google advertising disable page. 

 

It is also possible to use our offers without cookies. You can prevent the installation of cookies by setting your browser software accordingly. You can also delete cookies from your PC's hard drive at any time. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. 

 

3. data protection provisions on the use and application of YouTube 

Wallis GmbH has integrated YouTube components on this website. YouTube is an Internet video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them, also free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programmes, but also music videos, trailers or videos made by users themselves can be accessed via the internet portal. 

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. 

Each time you call up one of the individual pages of our website on which a YouTube component (YouTube video) has been integrated, the internet browser on your information technology system is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this technical procedure, YouTube and Google receive information about which specific subpage of our website you are visiting. 

If you are logged in to YouTube at the same time, YouTube recognises which specific subpage of our website you are visiting when you call up a subpage that contains a YouTube video. This information is collected by YouTube and Google and assigned to your YouTube account. 

YouTube and Google always receive information via the YouTube component that you have visited our website if you are logged into YouTube at the same time as calling up our website; this takes place regardless of whether a YouTube video is clicked on or not. If the data subject does not want this information to be transmitted to YouTube and Google, he or she can prevent the transmission by logging out of his or her YouTube account before accessing our website. 

The privacy policy published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy/, provides information on the collection, processing and use of personal data by YouTube and Google. 

The legal basis for data processing is your consent, Art. 6 para. 1 lit. f) DSGVO.

 

XI. Corporate presences in social media 

We operate a company presence in the following social networks: 

·       LinkedIN 

·       Twitter 

·       Xing 

 

in order to be able to communicate with the customers, interested parties and users active there (hereinafter also jointly: "visitors") and to inform them about our projects and services. 

We cannot trace which user data the social networks collect. We have no influence on the data processing that takes place for this purpose, cannot prevent it and also do not gain access to the underlying data. We also do not have full access to your profile data. We can only see the public information of your profile. You decide on the specific public information in each case in your settings in the respective social network. 

We only receive anonymous statistics from the social networks. We use these statistics, from which we cannot draw any conclusions about individual users, to constantly improve our online offer in the social networks and to better respond to the interests of visitors. We cannot link the statistical data with the profile data of our visitors. The legal basis for the use of the statistical data is Art. 6 para. 1 p. 1 lit. f) DSGVO. 

We receive your personal data via the social networks if you actively communicate this to us via a personal message. We use your data (e.g. first name, last name, user name, e-mail address) to respond to your request. Your data will be stored until this purpose is fulfilled. The legal basis for processing in the case of an active approach by you is your consent in the sense of Art. 6 Para. 1 S. 1 lit. a) DSGVO. If your message is in connection with a (pre)contractual relationship with us, the legal basis for data processing is Art. 6 para. 1 p. 1 lit. b) 

DSGVO. 

In the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers. This is because only they have access to the complete information and data of the users. 

Insofar as we receive personal data from you via a social network, this is processed under joint responsibility with the respective social network. 

We would like to point out that personal data may be processed in the USA when using the social networks. However, according to the European Court of Justice, there is no level of protection in the USA that is essentially equivalent to the GDPR. In addition, the legal protection possibilities guaranteed to EU citizens by the Charter of Fundamental Rights of the European Union are not available to the same extent in the USA. This concerns in particular legal protection possibilities against the processing of personal data. There is a risk that your data may be processed by US authorities, for control and monitoring purposes, without you being granted redress possibilities. For this reason, the transfer of your personal data to the USA will only take place on the basis of your consent to the transfer of your personal data to a third country in accordance with Art. 49 (1) a) DSGVO. 

Information about the data collection and further processing by the social networks can be found in the links below. 

 

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland 

https://twitter.com/de/privacy 

 

New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany https://privacy.xing.com/de/datenschutzerklaerung 

 

XII. Necessity of providing data 

In the context of using the website and its functions, you must provide us with the personal data that is required for the respective use and/or that we are legally obliged to collect, Art. 13 para. 2 lit. e) DSGVO. Without this data, it will generally not be possible to use the functions, request our services or contact us. 

 

XIII. existence of automated decision making

As part of the use of our website, no fully automated decision-making (profiling) takes place in accordance with Art. 22, Art. 13 para. 2 lit. f), Art. 14 para. 2 lit. g) DSGVO. Should we use these procedures in individual cases, we will inform you of this separately, insofar as this is required by law. 

 

XIV Amendment to the Privacy Policy

This data protection declaration is valid as of 24 June 2021. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time at https://s-wallis.de/de/privacy. 

 

Information about your right to object according to Art. 21 DSGVO 

1.     right to object on a case-by-case basis 

At any time you have the right to object, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) sentence 1 lit. e) or f) DSGVO; this also applies to profiling used on the basis of this provision within the meaning of Art. 4 (4) DSGVO. 

 

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of 

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. 

 

2.     right to object to the processing of data for advertising purposes

In individual cases, we process your personal data for the purpose of direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. 

If you object to processing for these purposes, we will no longer process your personal data for these purposes. 

 

3.     the right to object to processing for scientific or historical research purposes or for statistical purposes 

 

You have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out for scientific or historical research purposes or for statistical research purposes pursuant to Article 89(1) DSGVO, unless the processing is necessary for the performance of a task carried out in the public interest.