Concio Sarl (hereinafter only referred to as “Concio” or ”we”) takes the protection of your personal data as the Data Controller very seriously. We treat your personal data confidentially and in accordance with the provisions of data protection law. This privacy statement informs you about how, to what extent and for what purposes we process the personal data of customers using the Concio website and App.
Version No.: 1.1
Subject of data protection is personal data. Data is personal if it can be assigned to an identified or identifiable natural person. This includes information such as names, addresses, email addresses and telephone numbers.
The use of our website and App is generally possible without providing personal data. You are neither obliged to visit this website nor to provide any personal data. If you do not provide us with personal data, you might not be able to use individual functionalities of this website. Otherwise there will be no consequences for you. The collection of users’ personal data on our site is always on a voluntary basis, except in the cases described in the following. We would like to point out that data transmission over the Internet (e.g. communication by email) can have security gaps. A complete protection of data against access by third parties is not possible.
We collect, process and use your personal data, which you have provided us with when booking or registering an account for our member area, to the extent necessary in each case for the following purposes:
When you visit our website, we collect the necessary data to enable you to use it (usage data). This includes your IP address and data about the start, end and subject of your use of the website as well as any identification data (e.g. your login data when you log into a secure area). This data is used to provide and design the service according to users’ preference. This data is always deleted as soon as it is no longer required and if there are no storage obligations. For information on the processing of pseudonymous usage profiles, see item VII.
When you download data, use our mobile applications or access one of our websites optimized for mobile devices, we may collect information about you and your mobile device as described above in this statement. This can include location data, for example, if you release it for our mobile application. We use this information to provide you with location-based services such as search results and other personalized content, if approved by you and your device. You can control or deactivate location services from the settings menu on most mobile devices. If you have questions about deactivating location services on your device, we recommend that you contact your mobile service provider or the manufacturer of your device. If we collect other personal data that is transferred as a result of your use of our mobile applications or your access to our website with a mobile device, we will obtain your express consent in advance.
We may obtain additional information about you from third parties to supplement our account information to the extent permitted by law. This includes demographic and navigation data, credit check data and other information from credit agencies, to the extent permitted by law.
When you visit our website, information may be stored on your computer in the form of a cookie.
Concio uses web tracking systems for advertising, market research and to make your use of our website as pleasant as possible. This allows us to further develop our website and tailor content to your needs. Concio and third-party businesses may use the information collected through the Sites using cookies, web beacons, and other similar technologies to help manage online advertising programs. This information may enable us and our third-party advertising services and other third-party businesses to track the actions of users online over time and across different websites or platforms to measure statistics relating to marketing efforts, and to deliver electronic advertisements that may be more relevant to individual consumers and that will improve the consumer experience. For information about how tracking works for online advertising purposes, and what happens when you elect a do-not-track option, visit http://www.aboutads.info/choices. In addition, some third-party businesses may provide a mechanism to opt-out of their technology. For more information about the opt-out process, you may visit the Network Advertising Initiative website, available at: http://www.networkadvertising.org/managing/opt_out.asp.
If you reside within the European Economic Area (EEA), our processing of your personal information will be legitimized as follows: (i.) Whenever we require your consent for the processing of your personal information such processing will be justified pursuant to Article 6(1) lit. (a) of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This article in the GDPR describes when processing can be done lawfully. (ii.) If the processing of your personal data is necessary for the perfor-mance of a contract between you and Concio or for taking any pre-contractual steps upon your request, such processing will be based on GDPR Article 6(1) lit. (b).”). If this data is not processed, Concio will not be able to execute the contract with you. (iii.) Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of GDPR Article 6(1) lit. (c), for example complying in the fields of employment law. (iv.) And where the processing is necessary for the purposes of Concio’s’ legitimate interests, such processing will be made in accordance with GDPR Article 6(1) lit. (f), for example to detect fraud.
Our website contains links to social networks (Facebook, Instagram, Twitter, Google+, Pinterest, LinkedIn). These social networks are operated exclusively by third parties. If you follow the links, information may be transmitted to these third parties. We use the so-called 2-click solution. This means, in general, that no personal data will be passed on if you visit our site.
Your personal data will only be transmitted to third parties if this is legally permitted or if you have given your prior consent. In particular, we will not sell your data to third parties or market it in any other way. We will only disclose your data to government authorities as part of legal obligations or as a result of an official order or court decision. We have bound our employees and partners to secrecy and to comply with data protection regulations.
Except as set forth in this Privacy Statement or when specifically agreed to by you, we will not disclose personal information we gather from you to third parties unless we are required to share this information to complete your request or for legitimate business purposes. Concio shares personal information in the following circumstances: We may share your information with vendors or third parties who deliver or provide goods and services or otherwise act on behalf of or at the direction of Concio. These third parties may include, for example, our third-party (technology) providers, Suppliers and partners. These third-party service providers will only have access to the information needed to perform these limited functions on our behalf.
As far as this is necessary for the initiation or execution of the contract - e.g. to process bookings for activities in countries outside the EU - we will transmit your data outside the EU. The same applies if such a transmission turns out to be necessary for our purposes. In this respect, we ensure that the data recipient guarantees an appropriate level of data protection and that no other interests worthy of protection conflict with the data transmission. Concio relies on derogations as set forth in Article 49 of the GDPR in the event no “adequacy” decision and no other safeguards under the GDPR are in place (for example binding corporate rules on the transfer outside the EEA). In particular, we collect and transfers to countries outside the EU personal data only: with your explicit consent; to perform a contract with you; in a manner that does not outweigh your rights and freedoms. If this data is not processed and transferred, Concio will not be able to execute the contract with you or you will not have access to any or all of the benefits and features associated with your transaction. We endeavour to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Concio and the practices described in this Privacy Statement. In the event that you have any questions to this end, please contact our Data Protection Officer.
We retain data for the duration of your business relationship with us and otherwise as required under applicable law. Personal data will be kept for no longer than is necessary for the purposes for which your personal data are processed. We will retain your personal data as long as you have a member account or require our services so that we can provide these services to you.
If you are in the European Economic Area, at the moment you withdraw your consent for the processing of your personal data, all your personal data received and stored are erased if no longer needed by us. Unless we are required to retain this personal data by law or to comply with our regulatory obligations. In such a case, we will only keep this personal data for as long as necessary. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact our data privacy resource at email@example.com.
Concio has taken the necessary technical and organisational measures to protect the personal data provided by you against loss, de-struction, manipulation and unauthorized access. Our employees and all persons involved in data processing are obliged to comply with the data protection laws and to treat personal data confidentially. Our employees have been trained accordingly. Both internal and external audits ensure compliance with all data protection processes at Concio.
We use a secure online transmission procedure, the so-called "Secure Socket Layer" (SSL) transmission, to protect the personal data of our users. You can see this from the fact that an "s" (https://) is added to the address component http://, or a green, closed lock icon is displayed. By clicking on the icon, you will receive information about the SSL certificate used. The display of the icon depends on the browser version used by you. The SSL encryption guarantees that your data is transmitted in an encrypted and complete way.
The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects. If you wish to confirm that Concio is processing your personal data, or to have access to the personal data Concio may have about you, or have other questions, please contact us via firstname.lastname@example.org. You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Concio might have received the data from us; what the source of the information was (if you did not provide it directly to Concio); where the personal data is stored and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by us if it is inaccurate. You may request that we erase that data or cease processing it, subject to certain exceptions. You may also ask us for your personal data to be supplemented or updated, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. You may withdraw your consent for the processing of personal data or the further processing of personal data by us at any time. You may also request that Concio ceases using your data for direct marketing purposes. In many countries (including EEA countries), you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Concio processes your personal data. When technically feasible, we will—at your request—provide your personal data to you or transmit it directly to another controller. You have the right to receive your personal information in a structured and standard format. In addition to the information contained in this Privacy Statement, you may be provided with additional and contextual information concerning particular services or the collection and processing of your personal data upon request.
We do not use your personal data for automated individual decisions.
25 Rue Adolphe
VAT - LU32884175
Or by email: email@example.com
You can contact our Data protection Officer at: firstname.lastname@example.org
From time to time, we may need to update or modify this Privacy State-ment, to reflect changes in our business practices, data collection practices or organization. We reserve the right to amend this Privacy Statement at any time, for any reason, without notice to you, other than the posting of the amended Privacy Statement on our website, or, if you have provided your email address to us, sending you an email notifying you of the amended Privacy Statement. It is strongly recommended to check the Website often, referring to the date of the last modification listed at the top. We will in any case not reduce your rights under this Privacy Statement without your explicit and informed consent. If you do not agree to the changes, you should discontinue your use of the Website, and cease providing personal information to us, prior to the time the modified Privacy Statement takes effect. If you continue using the Website or provide personal information after the modified Privacy Statement takes effect, you will be bound by the modified Privacy Statement.