In this Privacy Policy you will learn how Taurigo GmbH ("Company", "Taurigo", "we", "us" or "our“) collects and process your personal data, as the controller, when you use our services ("Services"). Furthermore, we explain your rights and options regarding the collection and processing of your personal data. If you have any questions, you can contact us.
The policy applies to your use of all our services and covers both the free and paid versions of our offer. In addition, new services offered by us will also be subject to this Privacy Policy unless we publish a different policy when we introduce the new services.
The protection of your personal data is very important to us, which is why we only collect and use your personal data within the framework of the statutory provisions, such as in particular the German Data Protection Regulation ("GDPR") and the German Federal Data Protection Act ("BDSG").
Please do not use our services if you disagree with this policy.
In the Cookie Policy you will find information about our use of cookies, how to manage them, and the possibility to change the settings.
The following structure gives you a rough overview of the structure of the Privacy Policy:
In the following, you will learn which data is collected, processed, or used by us. When we talk about "personal data", we are talking about data by which you can be personally directly or indirectly identified, or other data that can be associated by us with data of this type.
User data: is personal data that we need to create your account or provide our services. We obtain this type of data directly from you, such as from the registration form or by your changing the data in the account settings. This includes:
Usage data: is personal data that we collect from you when you access and use our services. This category of data includes in particular:
Payment data: is personal data that we collect during the payment process for one of our paid subscriptions or is provided to us by our payment processors. The personal data collected depends on the payment method you choose. Typically required personal data are:
Data from website access: Website access data is data that your device automatically transmits for technical reasons when you access our website. This data includes:
To collect the data, we use various technologies such as cookies, browser web storage, application data caches, databases, or server logs. Please see also our Cookie Policy for further information and how we use them.
The reasons for collecting the data are listed below. At the end of this section, the respective legal bases that permit the respective reasons are also listed.
1 Fulfilling a contract: This includes situations in which we necessarily collect personal data from you to either fulfill obligations under a contract with you or to verify data before a new contract begins (Art. 6 (1) lit. b GDPR).
2 Legitimate interest: Use of your personal data by us or third-party providers that is necessary and justified, taking into account potential risks to you and other users (Art. 6 (1) lit. f GDPR).
3 Consent: When we actively seek your consent to use and process your personal data for a specific purpose before using your data (Art. 6 (1) lit. a GDPR).
4 Compliance with a legal obligation: When, in order to comply with a law, we need to process your personal data (Art. 6 (1) lit. c GDPR).
We disclose personal data to the following categories of recipients. This section also explains the purpose for which we pass on this data.
We may send your information to selected third-party service providers, for example, to host our website, secure our system and services, or process payments.
These service providers process your data only on our instructions and have implemented technical and organizational measures for the security of your data during data processing.
Please also see the section “ Transfer and processing of your personal data in other countries”.
We disclose personal information to law enforcement, courts, and other government agencies when we have a good faith belief that access to, or use, preservation or disclosure of, that information is reasonably necessary.
We share your personal information in the event of a purchase of our company or a merger with another company.
In these cases, we continue to ensure the confidentiality of your user-related data. In addition, we will inform you before sharing your data or changing privacy policy.
You have the option to register and log in directly with us using your Google Account. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
To sign in via Google, you must have a valid Google Account. To register, you will need the username and password of your Google Account. When you register, Google will confirm your identity to us via the so-called User ID. Please note that Google will send us your name, email address, and language preference, if applicable. Depending on the settings in your Google Account, other data from your Google user profile may also be transferred.
If data is transferred to Google, LLC (USA), this is done on the basis of the EU Commission's adequacy decision on the EU-US data protection framework.
For more information about data processing by Google, please see the privacy policy: https://policies.google.com/technologies/partner-sites.
The legal basis for this data processing is your consent, Art. 6 (1) lit. a GDPR. You can revoke this consent at any time with effect for the future by deactivating the sign-in function in your Google account.
The purpose of processing your data is to authenticate your identity and provide you with a user account for our services.
The personal data collected will be stored only for as long as necessary to fulfill the above purposes or as required by law. After expiration of these periods, the data will be deleted or anonymized.
You have the option to register and log in directly with us using your Microsoft Account. This service is provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA.
To sign in via Microsoft, you must have a valid Microsoft Account. To register, you will need your Microsoft Account credentials. When you log in, Microsoft will confirm your identity to us and will send us your name, and email address. Depending on your Microsoft Account settings, additional data from your user profile may also be transferred.
If data is transferred to Microsoft’s entities in the USA, this is done based on the EU Commission's adequacy decision regarding the EU-US data protection framework.
For more information about data processing by Microsoft, please see the privacy policy: https://privacy.microsoft.com/en-us/privacystatement.
The legal basis for this data processing is your consent, Art. 6 (1) lit. a GDPR. You can revoke this consent at any time with effect for the future by deactivating the sign-in function in your Microsoft account.
The purpose of processing your data is to authenticate your identity and provide you with a user account for our services.
The personal data collected will be stored only for as long as necessary to fulfill the above purposes or as required by law. After expiration of these periods, the data will be deleted or anonymized.
We use Amazon Web Services (AWS), a cloud computing service owned by Amazon.com, Inc, 410 Terry Ave. North, Seattle WA 98109-5210, USA, to provide and operate our website and services.
When accessing our website or using our services, certain personal data may be transferred to and processed by AWS, such as IP addresses, device information, and browser data.
Since our website is hosted in the US, personal data may be transferred to the US, where it is processed by AWS. However, we have taken the necessary measures to ensure that the transfer of personal data to the US is carried out in accordance with the requirements of the GDPR.
AWS does not collect or process personal data on its own behalf, nor does it disclose it to third parties, unless required to do so by law or we have expressly authorized it to do so.
For more information about data processing by AWS, please see the privacy policy: https://aws.amazon.com/privacy/.
We use AWS for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our offer by a professional provider (Art. 6 (1) lit. f GDPR).
The purpose of processing personal data through AWS is to ensure the reliable and secure hosting of our website and services, enabling us to deliver our offerings effectively to users.
The personal data collected by AWS will be stored only for as long as necessary to fulfill the above purposes or as required by law. After expiration of these periods, the data will be deleted or anonymized.
For the processing of payments, we use the payment service provider Stripe Inc. (510 Townsend Street, San Francisco, CA 94103, USA). In During the payment process, the following personal data in particular are collected and processed:
Stripe acts as an order processor in order to be able to complete transactions within the payment networks. Within the scope of the order processing relationship, Stripe acts exclusively according to our instructions and has been contractually obligated within the meaning of Art. 28 GDPR to comply with the provisions of data protection law.
Stripe has implemented compliance measures for international data transfers. These apply to all global activities where Stripe processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
You can find more information about Stripe's data protection at: https://stripe.com/privacy-center/legal.
Data processing for the purpose of payment is necessary for the performance of a contract between you and Taurigo and is based on Art. 6 (1) lit. b GDPR. Data processing for the purpose of fraud prevention and offering an efficient and secure payment method is based on our legitimate interests pursuant to Art. 6 (1) lit. f GDPR.
As soon as the processed personal data is no longer required for the fulfillment of the contract, we will delete them. But even after termination of the contract, it may be necessary to store personal data from you in order to comply with contractual or legal obligations, in particular the statutory retention obligations.
We use the services of OpenAI, LLC (1455 3rd Street, San Francisco, CA 94158, USA) for generating Stock Chat answers.
When you send a message in the Stock Chat and your message contains personal information, this personal information is processed and temporarily stored by OpenAI.
OpenAI has implemented compliance measures for international data transfers. These apply to all global activities where OpenAI processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
You can find more information about OpenAI's data protection at: https://openai.com/enterprise-privacy/.
We use OpenAI for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) lit. b GDPR).
The personal data collected by OpenAI will be stored only for as long as necessary to fulfill the above purposes or as required by law. After expiration of these periods, the data will be deleted or anonymized.
Once we process your personal data, you have the following rights against us. Please note that in some of these cases you may no longer be able to use Taurigo. To exercise your rights, you can always contact us directly (see section 16: “Contact us”).
You have the right to request information about and access to the data we process.
You have the right to request the correction and/or completion of incorrect or incomplete personal data. We must make this correction without delay.
You have the right to request the deletion of certain personal data.
You have the right to request temporary or permanent restriction of the processing of personal data concerning you.
You have the right to oppose the processing of personal data concerning you at any time on grounds relating to your particular situation. As a result, we will no longer process the data, unless there are compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.
In addition, you have the right to oppose the processing of your personal data for direct marketing purposes. We will subsequently no longer process this data for these purposes.
You have the right to receive a copy of the personal data concerning you in a structured, common and machine-readable format. You also have the right to transfer this data to another party for use by that party.
You have the right to revoke your data protection consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR.
Once you close your account, we will delete or anonymize your personal data. However, for some of this data, we are obliged to retain it or need it for a legally justifiable purpose, such as:
Once the retention period has expired or the legally justifiable purpose no longer applies, the data will also be deleted or anonymized.
We collect personal data only as long as the purpose of collection exists. Therefore, different data have different retention periods depending on the type of data and how we use it:
The protection of your personal data is very important to us. Therefore, we develop and use appropriate technical and organizational measures to protect your data, for example, from unauthorized access and alteration, disclosure or destruction. These measures include for example:
You can also contribute to increased security of your data by, for example:
We continuously improve our security measures in line with technological developments.
In the course of our activities, your personal data may be transferred to countries other than your own country of residence. It may be that the data protection laws in that country are not as strict as the EU legislation or the laws that apply in your country of residence. For these cross-border transfers, we will ensure that the data transfer complies with the applicable law and meets the same level of protection as in the EU.
For example, we use the following measures to ensure this:
To use Taurigo you must be at least 18 years old. If we learn that we have nevertheless collected personal data from a person under the age of 18, we will delete the personal data as soon as possible. In particular, the account of the person concerned will be deleted.
We may change our privacy policy from time to time. This may be due to changes in legal, regulatory or operational requirements. If we make minor changes that do not affect your rights, we will not notify you.
However, if we make a material change to the Privacy Policy, we will notify you by email as required by law, and we will tell you when the changes will take effect. In the event that you continue to use Taurigo after the effective date of the updated policy, we will assume that you agree to the changes. If you do not accept the changes, you must delete your account before the effective date.
You will always see the current modification date under "Last updated" at the top of the terms.
If you have any questions about our privacy policy, please contact us via our contact form, by email or by letter:
Taurigo GmbH.
Fontanestr. 33
71277 Rutesheim
Germany
E-Mail: service@taurigo.com