Terms and Conditions Customer card Kriftel

In dieser Datenschutzerklärung erfahren Sie, wie Ihre personenbezogenen Daten bei Nutzung Ihrer digitalen Kundenkarte für MAXWASH Waschanlagen („Maxwash“) verarbeitet werden und welche Datenschutzrechte Sie als betroffene Person haben. Hinsichtlich der verwendeten Begrifflichkeiten (z.B. „personenbezogene Daten“, „Verarbeitung“ oder „Verantwortlicher“) verweisen wir auf die Definitionen in Art. 4 der Europäischen Datenschutz-Grundverordnung („GDPR “).

1. Person responsible for data protection
2. Contact details of the data protection officer
3. Purposes and legal basis of the Processing
   1. Registration and user account
   2. Use of the digital customer card
   3. Use of payment service providers (payment services)
   4. Inquiries and contacting
   5. Benachrichtigungen (Push-Nachrichten)
   6. Log data and other usage data and analysis
4. Recipients of your Data
5. Storage period
6. Provision of personal data
7. Rights of those affected
8. RIGHT TO OBJECT
9. Right to complain to the supervisory authority

1. Person responsible for data protection
The company Maxwash Waschanlagen, Kapellenstraße 43, 65830 Kriftel is responsible for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR. You can reach us at our postal address or using the following contact details:

Phone: +49 6192 979 8181
Email: info@tenerol.info

2 . Purposes and legal basis of processing
2.1 Registration and user account
To register as a new customer, you must provide your first and last name, your email address and a password of your choice. If you or your employer/client are already a customer of ours and you have a Maxwash customer card, you must also provide your customer number and customer card number so that we can assign your digital customer card to the existing customer account. After registering and logging in, you can complete your customer profile with additional information via the account and card area (e.g. company name, address and your date of birth). You can change and manage your master data yourself at any time via the account area.

We process your data exclusively for the purpose of authenticating you when you log in, enabling you to use the software and your digital customer card, and if necessary . to offer further service offers and services and to inform you about technical or legal notices, updates, security reports or similar. The legal basis is Article 6 Paragraph 1 Sentence 1 Letter b GDPR. The processing is necessary to carry out the contract concluded with you regarding the use of the customer card and this software. Without processing your data, we cannot provide you with the digital customer card and the respective functions within the software for use.

2.2 Use of the digital customer card
Using the digital customer card you have the option of car washing at the Maxwash car wash Kriftel cashless via our website - the connection is made to the software of the service provider Connell Informationssysteme, 86556 Kuhbach - to pay. You can also use the “Top up” function to top up the prepaid credit on your customer card at any time directly via the software. To process payments, we collect - depending on the payment method - the necessary payment information (e.g. credit card details, transaction data when paying with Paypal, see section 3.3). If you use your customer card, we also record further information about the transactions carried out (time of using the customer card, goods/services purchased, amount of sales, discounts granted/customer promotions, payment method, personal requests or service comments if applicable). Via the software menu You can view your transactions/history at any time.

We process your customer and payment data for the purposes of implementing and processing the contract for the use of the customer card. This includes, in particular, blocking the card in the event of misuse or loss , checking and approving a discount or special promotions granted, payment processing and crediting when topping up the card, payment of remaining balance when the contract is terminated or blocked, contractual correspondence with you and, if necessary, the legal basis for the processing of your data The scope of the use of the digital customer card is Art. 6 Paragraph 1 Sentence 1 Letter b GDPR, insofar as the processing is necessary to fulfill a contract concluded with you regarding the use of the customer card. If it is not you, but your employer or client who is our contractual partner, your data will be processed as part of the use of the card on the basis of Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. We have a legitimate interest in processing your data as a card and app user for the purposes of contract processing. We also process information about transactions carried out in order to carry out statistical evaluations and marketing analyses/actions (e.g. evaluation of sales/purchasing behavior and customer interests in order to submit individual special offers, discounts, etc. and to improve our offers).  This is due to our legitimate interest in target group-oriented marketing, customer loyalty and ongoing improvement of our products. You have the right to object to the processing of your data on the basis of Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR (Section 6).

2.3 Use of payment service providers (payment services)
We offer you the common payment methods on site, including payment services from so-called payment service providers such as Paypal, Apple Pay, Google Pay, Stripe; You can pay online via PayPal

PayPal:
If you select the PayPal payment service, you will automatically be redirected to PayPal's website or software, where you can log in with your PayPal login register and confirm payment. As part of payment processing, the payment information required for this (usually name, address, Paypal ID, payment amount, IP address, if necessary other required transaction data) is transmitted to PayPal. We have no influence on data processing by PayPal; This is carried out independently by PayPal within the framework of the contractual relationship existing between you and PayPal. After successful payment, we will receive a corresponding confirmation from PayPal. The service provider is

• PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg. Further information can be found in the Data protection declaration of PayPal.

The legal basis for the processing and transfer of your data to the payment service provider you have selected is Art. 6 para . 1 S. 1 lit. b GDPR. The transfer of data to the service provider is necessary for payment processing.

Please note that the payment service providers may also process your data for their own purposes (e.g. fraud detection and defense, ensuring network and information security, performance / Service Analytics). In particular, your data may be transmitted to credit reporting agencies for identity and creditworthiness checks. We have no influence on this. We recommend that you read the data protection information of the respective provider.

2.3 Inquiries and contacting
Through the software you have the opportunity to contact us and send specific inquiries or feedback. If you use these functions, we will receive an email notification with your request. In addition, you can of course contact us at any time by telephone, post or other means. If you send us an inquiry or contact us in any other way, we collect and process the information you provide, including your personal data, for the purpose of answering your questions, processing your request and conducting subsequent communication with you. As a rule, depending on the request, your first and last name, your contact details, information about your specific request as well as the time and processing status of your request are recorded. The legal basis for this data processing is Article 6 Paragraph 1 Sentence 1 Letter b GDPR, if you contact us in a contractual matter. Otherwise, the legal basis is Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. We have a legitimate interest in enabling you to contact us quickly and easily and in processing your inquiries to your satisfaction.

2.4 Notifications (push messages)
When you access the software for the first time or via the “Settings” function you have the opportunity to indicate whether you would like to receive special promotions and offers (e.g. discounts) and news from the Maxwash car wash (e.g. new products/services) from us Want to be notified via push notification. We will only send you such notifications if you have expressly given your consent (opt-in). The legal basis in this respect is Article 6 Paragraph 1 Sentence 1 Letter a GDPR. Of course, you can deactivate the notifications at any time via the “Settings” function or in the settings of your mobile device and thus exercise your right of withdrawal.

2.5 Log data and other usage data and analyzes
At When using the software, certain technical device and access data are automatically collected that are necessary for using the software and its functions. This includes: device ID, date and time of access, amount of data transferred, operating system used, device type (smartphone), manufacturer and model of your smartphone, IP address. This data is processed to enable you to use the software and its functions smoothly and safely, to prevent and eliminate malfunctions and misuse, and to improve the functions and performance characteristics of the software. We also use the data for statistical reach measurement (e.g. frequency of use, length of stay); However, tracking does not take place. The legal basis is Article 6 Paragraph 1 Sentence 1 Letter b GDPR, insofar as the processing is necessary for the fulfillment of the contract for the use of the software. Furthermore, the processing takes place on the basis of our legitimate interest in ensuring the functionality and error-free operation of the software and in being able to offer a service that is in line with the market and interests, Article 6 Paragraph 1 Sentence 1 Letter f GDPR. You will not be personally identified as a user of the software and no usage profile can be created. The data will be stored for 30 days and then deleted.

3. Recipients of your data
When processing your data for the purposes mentioned, we use the following service providers who must have access to your data to the extent necessary in order to provide their services on the basis of order processing:

We only transfer data to external third parties if we are legally obliged to do so (e.g. transfer of data to authorities such as supervisory or financial authorities), if the transfer is necessary for contract processing (e.g. transfer of payment information to your respective bank/credit institution, other integrated payment service providers or payment providers such as Stripe, Paypal, Apple Pay and Google Pay, see also Section 3.3.) or in the context of legal disputes or criminal prosecution (e.g. courts, law enforcement authorities). Data transfer to third countries is not intended.

4. Storage period
Your customer data, which we process based on a contract concluded with you regarding the use of the customer card, will be deleted as soon as it is no longer required to achieve the stated purposes. We usually store your data for the duration of the contractual relationship. We will then delete your data, unless deletion conflicts with statutory retention obligations (e.g. six or ten year retention in accordance with Section 257 Paragraph 4 HGB, Section 147 Paragraph 3 AO) or, in individual cases, longer storage for legal prosecution purposes in connection with the contract is required. If there is a legal retention obligation that conflicts with deletion, we will initially only block your data and only delete it after the retention obligation has expired.

We will also store your profile data processed via the software for the duration of your registration and the contract Use of the customer card. If you no longer want to use your customer card digitally and would like your app user profile to be deleted, you can send us an email to info@tenerol.info. We will then immediately delete your user account and the data processed through it, unless there is a legal reason for further storage (e.g. conflicting legal obligations, legal prosecution).

5. Provision of personal data
The provision of the data mentioned in Sections 3.1 to 3.3 is necessary for the conclusion and implementation of the contract for the use of the customer card (unless optional). If you do not provide us with this data, we will not be able to provide our service to you or will not be able to provide it in full.

6. Rights of those affected
In connection with the processing of personal data, you as the data subject have the following rights under the GDPR:

• Right to information: According to 15 GDPR, you can request information at any time about your personal data processed by us and the information listed in Art. 15 Paragraphs 1 and 2 GDPR in connection with the processing. As part of your right to information, you have the right to request a copy of your personal data under the conditions of Article 15 Para. 3 GDPR. The restrictions on the right to information in accordance with Art. 15 Para. 4 GDPR, Section 34 BDSG must be observed.
• Right to correction: According to Art. 16 GDPR, you can immediately request the correction of incorrect or complete personal data stored by us.
• Right to Deletion: Under the conditions of Art. 17 GDPR, you can request the deletion of your personal data stored by us, unless the processing is necessary to fulfill a legal obligation or to assert, exercise or defend legal claims is. The further restrictions of Art. 17 Para. 3 GDPR, Section 35 BDSG must be observed.
• Right to restriction of processing: Under the conditions of Art. 18 GDPR GVO you can request the restriction of the processing of your personal data. In this case, your personal data - apart from their storage - may only be processed with your consent or under the conditions of Art. 18 Para. 2 GDPR.
• Right to data portability: Unter den Voraussetzungen des Art. 20 DS-GVO haben Sie das Recht, Ihre personenbezogenen Daten, die Sie uns bereitgestellt haben, in einem strukturierten, gängigen und maschinenlesbaren Format zu erhalten oder, soweit dies technisch machbar ist, die Übermittlung unmittelbar an einen anderen Verantwortlichen zu verlangen.
• Right to revocation: If we process data based on your consent, you are also entitled to withdraw your consent in accordance with Art . 7 paragraph 3 GDPR to revoke at any time. Your revocation will mean that we will no longer continue the data processing that was previously based on this consent in the future. The lawfulness of the processing based on your consent until its revocation remains unaffected by your revocation.

If you would like to exercise your rights, please contact our data protection officer (contact details in section 2).

7. RIGHT TO OBJECT
If we process your data in accordance with the above paragraphs on the basis of Art a right to object. In the event of a justified objection, we will refrain from any further processing of your data unless this is necessary for compelling legitimate reasons that outweigh your interests, rights and freedoms, or to assert, exercise or defend legal claims. The right to object is subject to the restrictions of Section 36 BDSG.

If your personal data is processed for the purposes of direct advertising, you have the right to object at any time without restriction to the processing of your data for the purposes of such advertising. In this case, it is not necessary to specify a special situation.
If you would like to exercise your right to object, please contact our data protection officer (contact details under section 2).

9 . Right to complain to the supervisory authority
If you are of the opinion that the processing of personal data concerning you by us violates data protection regulations, you also have the right to complain to a supervisory authority in accordance with Art. 77 GDPR . As a rule, you can contact the supervisory authority at your usual place of residence, your place of work or the place of the alleged violation. In Hesse this is the Hessian Commissioner for Data Protection and Freedom of Information, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, telephone 0611-14080, email: poststelle@datenschutz-hessen.de