Privacy Policy

With the following privacy policy, we want to inform you which types of your personal data (hereinafter also simply referred to as "data") we process, for what purposes, and to what extent as part of the provision of our application.

The terms used are not gender-specific.

As of: April 10, 2025

Controller

Amin Hemmati
Checktik UG
Buhrowstr 20B
12167 Berlin

Authorized Representative: Amin Hemmati
Email Address: info@checktik.de

Overview of processing operations

The following overview summarizes the types of data processed, the purposes of their processing, and links to the categories of data subjects.

Types of data processed

• Inventory data.
• Payment data.
• Location data.
• Contact data.
• Content data.
• Contract data.
• Usage data.
• Meta, communication, and procedural data.
• Log data.

Categories of data subjects

• Service recipients and clients.
• Interested parties.
• Communication partners.
• Users.
• Business and contractual partners.
• Customers.

Purposes of processing

• Provision of contractual services and fulfillment of contractual obligations.
• Communication.
• Security measures.
• Reach measurement.
• Tracking.
• Office and organizational procedures.
• Conversion tracking.
• Target group formation.
• Organization and administrative procedures.
• Feedback.
• Marketing.
• Profiles with user-related information.
• Providing our online offer and user experience.
• Information technology infrastructure.
• Public relations.
• Business processes and economic procedures.

Relevant Legal Bases

Relevant Legal Bases under the GDPR: The following provides an overview of the legal bases of the GDPR upon which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Should more specific legal bases be relevant in individual cases, we will inform you of these in the privacy policy.

• Consent (Art. 6 Para. 1 S. 1 lit. a GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.
• Fulfillment of a contract and prior to entering into a contract (Art. 6 Para. 1 S. 1 lit. b GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
• Legal obligation (Art. 6 Para. 1 S. 1 lit. c GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
• Legitimate interests (Art. 6 Para. 1 S. 1 lit. f GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National Data Protection Regulations in Germany: In addition to the data protection provisions of the GDPR, national regulations on data protection apply in Germany. These include in particular the Federal Data Protection Act (BDSG).

General Information on Data Storage and Deletion

We delete personal data we process according to legal provisions as soon as the underlying consents are revoked or no further legal bases for processing exist. Exceptions to this rule apply when legal duties or legitimate interests demand a longer retention or archival of data.

Particularly, data required to be kept for accounting or tax purposes or stored for legal prosecution must be correspondingly archived.

Storage and deletion of data: The following general retention periods apply in accordance with German commercial and tax law:

• 10 Years – For books and records, annual financial statements, inventories, management reports, etc.
• 8 Years – For booking vouchers, such as invoices and receipts.
• 6 Years – For remaining business documents, commercial or business letters, etc.
• 3 Years – For documentation of potential warranty and damage claims under civil law.

Rights of Data Subjects

Rights of data subjects under the GDPR: As a data subject under the GDPR, you possess various rights, specifically arising from Articles 15 to 21 GDPR:

• Right to object: You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you.
• Right of withdrawal regarding consents: You have the right to withdraw given initial consents at any time.
• Right to information: You have the right to demand confirmation regarding whether the data in question is being processed and to seek information regarding this data as well as further information and copy of the data in accordance with statutory requirements.
• Right to rectification.
• Right to erasure and restriction of processing.
• Right to data portability.
• Right to complaint with supervisory authority.

Business Transactions Pipeline

We process data of our contractual and business partners as part of contractual obligations and preliminary agreements. We use this data to fulfill our contractual responsibilities, accounting processes, and customer interactions securely.

Payment Providers

We offer effective and secure payment options globally via external third-party payment services (collectively "Payment Service Providers").

• Payment Services: Stripe (Stripe, Inc., USA), Visa Europe Services Inc.

Providing the Online Services and Web Hosting

We process the data of the users strictly necessary to serve our website and application elements securely and functionally.

Contact and Inquiry Management

When you contact us (e.g., via contact form, email, phone, or via social media), your information is processed to answer contact inquiries appropriately.

Web Analytics, Monitoring and Optimization

Web analytics tools (or "Reach Analysis") help us evaluate incoming website traffic. They measure behavior dynamically and gather general demographic footprints (age or gender estimates) anonymously to enhance our applications.

Social Media Presence & Third-Party Plug-Ins

We maintain an online presence across social networks to directly communicate with and offer our products to respective interactive users. We also incorporate functions (e.g. Google Maps or videos) into our offerings provided by third party servers.

Modification and Updates

We ask that you familiarize yourself with our Privacy Policy regularly. We adapt this privacy policy as soon as changes in the data handling we carry out require it. We will notify you whenever changes require active consent from you.