Privacy Policy
We, that is Quantiko GmbH, Mergenthalerallee 15-21, 65760 Eschborn, are delighted by your visit on our website www.quantiko-computing.com and your interest in the content offered. When you visit our website or get in touch with us, we might collect various personal data from you. Personal data is data which might identify you, for instance your name, address or e-mail address. In compliance with Article 13 of the General Data Protection Regulation (GDPR) the following privacy policy informs you (the "data subject" according to Article 4 (1) GDPR) which of your personal data is processed for what purpose and informs you about your rights regarding the processing of your personal data.
1 Coverage
This privacy policy covers the processing of personal data when you access the web content offered by Quantiko GmbH at www.quantiko-computing.com and by communication with us, for instance by e-mail using an e-mail address under the domain quantiko.de. The privacy policy for the content offered by Quantiko GmbH at www.quantiko.de can be found here. Our website may contain links to other websites managed by third parties. Those website might be subject to privacy policies as stated by their providers.
2 Responsible Person ("Controller") according to Article 4 (4) GDPR
Quantiko GmbH
Managing Director Dr. Reinhard Baltin
Mergenthalerallee 15-21
65760 Eschborn
Telephone: +49 (0) 6196 770 0020
E-Mail: info@quantiko.de
3 General Information on Data Processing
3.1 Scope of Processed Data
Basically, we collect and process personal data only to the extend necessary to provide a functioning website, and our content and services.
3.2 Lawful Basis for Processing Personal Data
Unless explicitly stated below we base the processing of personal data on the following: In case we obtain consent for processing personal data from the data subject, Art. 6 (1)(a) GDPR serves as the lawful basis. In case we have to fulfil a contract with the data subject as a contracting party, or have to take steps at the request of the data subject prior to entering into a contract, Art. 6 (1)(b) GDPR serves as the lawful basis. In case we have to comply to legal obligations we are subject to, Art. 6 (1)(c) GDPR serves as the lawful basis. In case vital interests of the data subject or of another natural person have to be protected, Art. 6 (1)(d) GDPR serves as the lawful basis. In case we have a legimitate interest in processing personal data and those interest are not overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6 (1)(f) GDPR serves as the lawful basis.
3.3 Retention Period and Deletion
Unless explicitly stated below the personal data processed by us will be deleted or will be made restricted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory storage obligations we are subject to under Union or Member State Law. In case we have to fulfil those storage obligations we will delete the data once the mandatory retention periods have expired - unless we have to retain the data for contractual fulfilments.
3.4 Cooperation with Data Processors and Third Parties
If we disclose data to other persons and companies (data processors or third parties) within the scope of our processing, transfer data to them or otherwise grant them access to the data, this shall only take place on the basis of a legal permission (for instance in order to fulfil contractual obligations according to Art. 6 (1)(b) GDPR), if you have given your consent, based on a legal obligation we are subject to or on the basis of our legitimate interests (for instance if we make use of web hosting in order to provide a secure and efficient website).
If we use the services of an external data processor, the processing of personal data by the processor will be governed by a contract according Art. 28 GDPR.
3.5 Transfer of Personal Data to Third Countries
We do not transfer personal data for processing, disclosure or for using the services by data processors to third countries (that is countries outside the European Union or the European Economic Area).
3.6 Updates
We kindly ask you to check our privacy policy regularly. We might modify or update its content whenever changes to the personal data processed make this necessary.
4 Access to the Website and Log-Files
4.1 Description and Scope of the Data Processed
Whenever you access our website our system captures data and information about your device and computer system you use for the access. The following is processed:
(1) name of the web page requested, (2) date and time of your access, (3) status message whether accessing the web page was successful, (4) amount of data transferred, (5) type and version of your browser, (6) type and version of your operating system, (7) previously visited website (Referrer URL), (8) your IP address.
These data and information are stored in log-files on our system as well. We will not use these data to cross-reference or augment other personal data.
4.2 Lawful Basis for Data Processing
Our legitimate interests according to Art. 6 (1)(f) GDPR serve as the lawful basis.
4.3 Purpose for the Data Processing
The temporary storage of your IP-adress in our system is necessary in order to deliver the content of the requested web page to your computer system.
We store the access data in log-files in order to ensure the stability and security of our website (for instance for fraud detection and prevention). We do not use this data for marketing purposes.
These purposes represent our legitimate interests according to Art. 6 (1)(f) GDPR.
4.4 Retention Period
The data will be deleted as soon as it is no longer required for its intended purpose. Regarding the data temporarily stored in order to deliver the content of the website this is the case when the session has been terminated.
We will keep the access data stored in log-files for six month at most. We might extend this period in case of fraud investigation until the respective incidents have been clarified.
4.5 Possibility to Object
The collection of access data and its storage in log-files are essential for providing a functioning and stable website and constitute compelling legitimate grounds for the processing. Therefore, any objection of the data subject against the data processing cannot be sustained (Art. 21 (1) GDPR).
5 Contacting us and Communication, for instance by e-mail
5.1 Description and Scope of the Data Processed
If you are contacting us, for instance by e-mail, we will store personal data you have provided to us like name, e-mail address and content of your enquiry. We will not pass on that data to third parties. The data will exclusively be used for communication with you and for processing your enquiry.
5.2 Lawful Basis for Data Processing
Our legitimate interests according to Art. 6 (1)(f) GDPR to process your enquiry serve as the lawful basis.
If your enquiry aims at contracting with us or the communication with you is necessary to fulfil our contractual obligations with you Art. 6 (1)(b) GDPR serves as the lawful basis.
If you consent by e-mail to processing your personal data, Art. 6 (1)(a) GDPR serves as the lawful basis.
5.3 Purpose for the Data Processing
The personal data is needed in order to process your enquiry. This purpose represents our legitimate interests according to Art. 6 (1)(f) GDPR.
If your enquiry aims at contracting with us or the communication is necessary to fulfil our contractual obligations with you we need to process your data just for these purposes.
If you consent by e-mail to processing your personal data, we need to process your personal data in that e-mail in order to demonstrate that you have consented according to Art. 7 (1) GDPR.
5.4 Retention Period
The data will be deleted as soon as it is no longer required for its intended purpose. For data necessary to process your enquiry this is the case when the conversation with you has obviously been finished, i.e. after all issues in your enquiry have been conclusively clarified.
Personal data which are processed for contractual fulfilment with you will be delete after legal requirements (for instance retention periods for commercial or tax reasons) allow us to do so.
Data necessary to demonstrate your consent to the processing of your personal data will be deleted after legal obligations allow us to do so.
5.5 Possibility to Object
If you have contacted us, for instance by e-mail, with an enquiry, you have the right to object to the processing of your personal data at any time (Art. 21 (1) GDPR) by sending an e-mail to info@quantiko.de stating your objection. In this case we are not able to continue to process your enquiry or to communicate with you. All personal data you provided when you have contacted us will be deleted.
6 Registration and Access to our Web-Service
6.1 Description and Scope of the Data Processed
Quantiko GmbH offers registered users a web-service on www.quantiko-computing.com for valuation and risk measurement of portfolios of financial instruments. For registration you have to provide us with a valid e-mail address, your first and last name, and the name of the company you are with. Before registration you have to consent to processing your personal data by sending an e-mail to us. After successful registration you can log in to our web-service by entering your user name and your password.
Whenever a registered user successfully logs into our web-service, our system stores a session-ID and date and time of the log-in. When the user logs out the user session is marked as closed in our system.
6.2 Lawful Basis for Data Processing
The consent given by the registered user for processing personal data serves as the lawful basis according to Art. 6 (1)(a) GDPR.
6.3 Purpose for the Data Processing
The personal data processed during registration is used for addressing the registered user, as user name, for allowing access to certain functionality, and for informing the registered user by e-mail about important innovations and changes regarding the web-service.
The user session data processed with every log-in is necessary for providing the web-service, in particular for identifying a registered user as authenticated.
6.4 Retention Period
The personal data processed during registration will be deleted after the contractual relationship for the web-service has ended or you as a registered user decide to withdraw your consent for processing your personal data.
After a user session has been marked as closed, the session data processed will be kept in our system for 30 days at most.
6.5 Possibilities to Object
According to Art. 7 (3) GDPR you as a registered user have the right to withdraw your consent for processing your personal data at any time by sending an e-mail to info@quantiko.de stating your withdrawal. In that case we will delete the personal data provided to us during registration and you will no longer be able to use our web-service.
You as a registered user can end your contractual relationship for the web-service at any time by sending an e-mail to info@quantiko.de. We will delete the personal data given during registration and you will no longer be able to use our web-service.
7 Cookies
Cookies are small text files which are stored temporarily on your device when you access a website. We do not use cookies on www.quantiko-computing.com for marketing purposes or site usage statistics and we do not use cookies by third parties.7.1 Description and Scope of the Data Processed
On some web pages of quantiko-computing.com a session cookie is used for technically necessary reasons - namely to identify a registered user as authenticated and to make the web-service user-friendly. The session cookie contains the session-ID which allows us to assign various browser requests to one common user session. After terminating the user session (for instance when you close your web browser) the session cookie will automatically be deleted from your device.
7.2 Lawful Basis for Data Processing
For using session cookies our legitimate interests according to Art. 6 (1)(f) GDPR serve as the lawful basis.
7.3 Purpose for the Data Processing
We use session cookies in order to identify registered users as authenticated and to make the web-service user-friendly. For this it is necessary to assign various web browser requests to one common user session.
These purposes represent our legitimate interests according to Art. 6 (1)(f) GDPR.
7.4 Retention Period
After terminating your user session (for instance when you close your web browser) the session cookie will automatically be deleted from your device.
7.5 Possibilities to Object
Cookies are stored on your device and transmitted to our website. Changing the settings in your web browser allows you to disable or restrict the transmission of cookies. Cookies already stored on your device can be deleted by you at any time. This can also be done automatically. If you disable or delete session cookies for our website on your device you might not be able to use certain functionality (in particular the web-service) of our website any more.
8 Your Rights
You can claim your rights below by sending an e-mail to info@quantiko.de stating your request. We will notify you when personal data concerning you has been corrected, resticted for processing or deleted according to Art. 19 GDPR.
8.1 Right of Access by the Data Subject
You shall have the right to obtain confirmation from the controller as to whether or not personal data concerning you are being processed. If that is the case you shall have the right to obtain additional information and a copy of the data according to Art. 15 GDPR.
8.2 Right to Rectification
You shall have the right to obtain from the controller the rectification of inaccurate personal data concerning you according to Art. 16 GDPR.
8.3 Right to Erasure
You shall have the right to obtain from the controller the erasure of personal data concerning you as stated in Art. 17 GDPR.
8.4 Right to Restriction of Processing
You shall have the right to obtain from the controller the restriction of processing of personal data concerning you as stated in Art. 18 GDPR.
8.5 Right to Data Portability
You shall have the right to receive the personal data concerning you which you have provided to us and to make us transmit those data to another controller according to Art. 20 GDPR.
8.6 Right to Withdraw your Consent
In case the processing of personal data concerning you is based on your consent according to Art. 6 (1)(a) GDPR you shall have the right to withdraw your consent at any time according to Art. 7 (3) GDPR. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
8.7 Right to Object
You shall have the right to object at any time to processing of personal data concerning you as stated in Art. 21 GDPR. In particular you might object against processing personal data concerning you for the purpose of direct marketing (Art. 21 (2) GDPR).
8.8 Right to Lodge a Complaint with a Supervisory Authority
You shall have the right to lodge a complaint with a supervisory authority according to Art. 77 GDPR. The supervisory authority responsible for the controller is
Der Hessische Beauftragte für Datenschutz und InformationsfreiheitPostfach 3163
65021 Wiesbaden
datenschutz.hessen.de/service/beschwerde