Status: October 2020
Montold Cap Adviser GmbH (hereinafter referred to as "PULS" or "we") is always aware of the importance of the data you entrust to us. Responsible handling, confidentiality and the protection of your data is therefore of particular importance to us. Therefore, we naturally comply with all legal provisions of the applicable data protection law and this data protection declaration and would like to let you know when we save which data and how we use it.
** We ask you to take the following information carefully:
"Personal data" means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
"Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
"Consent" of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
§2 Controller / Contact
PULS decides independently on the technical means that PULS uses to communicate with the various financial sources, such as banks. The purposes of data processing are partly specified by legal provisions and by the offer of Puls and arise in the context of the respective use. For these reasons, PULS sees itself as the "responsible person" according to Art. 4 No. 7 General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union and other data protection regulations.
PULS contact address is: Tauentzienstraße 13, 10789 Berlin Germany
Authorised representative: Montold Cap Adviser GmbH,
Tauentzienstraße 13, 10789 Berlin Germany
If you have any questions or suggestions regarding data protection, please do not hesitate to contact us by email: firstname.lastname@example.org
§3 Principles relating to processing of personal data
(1) We undertake to treat all of your personal data that are forwarded to us in accordance with the applicable data protection laws. This means that, in particular, we will not pass them on to third parties without your consent. We also undertake to process the personal data protected by the Federal Data Protection Act and the GDPR only for the purpose of lawful performance of tasks. The data will not be used for purposes other than the legitimate fulfillment of tasks.
(2) The data collected by us is either provided by you when you use the PULS or when you use functions and services, or is generated during use. User data is always required so that the pulse can be used as required. The specific legal basis for data processing depends on the context and purpose for which we receive your data. As a rule, the legal basis for data processing for the following areas is as follows:
• If the processing of personal data is necessary to fulfill the contract concluded with you for the use of the PULS, as is the case, for example, with processing operations within the scope of the App use, which are necessary for the provision of any other service or consideration, the processing is based to Art. 6 I lit. b GDPR. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services.
• Art. 6 I lit. a GDPR serves as the legal basis for processing operations in which we obtain consent for a specific processing purpose. A given consent can be revoked at any time.
• If we are subject to a legal obligation that requires the processing of personal data, such as to fulfill tax obligations, the processing is based on Art. 6 I lit. c GDPR.
(3) If necessary, we process data collected beyond the actual fulfillment of the contract in accordance with Art. 6 I lit. f GDPR to safeguard the legitimate interests of us and third parties, provided that the interests, fundamental rights and freedoms of the person concerned do not outweigh them. This includes the following activities:
• Business and risk management measures, as well as ensuring operational continuity and IT security; including fraud prevention;
• assertion of legal claims and defense in legal disputes;
• Development of aggregated statistics, tests and models for research and development to improve and further develop the existing service provision; incl. customer segmentation and calculation of completion probabilities;
• Advertising or market and opinion research, unless you have objected to the use of your data.
(4) We store your personal data, which arise when using the PULS, as long as this is necessary for the purposes mentioned above. In addition, we are subject to various legal proof and retention requirements, which are regulated in the Commercial Code, tax laws and the tax code, among others. The storage periods are usually up to ten years. In addition, personal data may be kept for the time in which claims can be made against us (statutory limitation period of three or up to thirty years). After the storage period has expired, the personal data is deleted using a standardized or automated process.
We collect the following personal information:
• Your name
• Your email address
• Your username, password and other registration information
• Technical information, including the internet protocol (IP) address used to connect your computer to the internet, your log-in information, the browser type and version, the time-zone setting, the operating system and platform, the type of device you use, a unique device identifier (for example, your device's IMEI number, the MAC address of the device's wireless network interface, or the mobile phone number used by the device), mobile network information, your mobile operating system, the type of mobile browser you use and so on.
• Information about your visit, including the links you have clicked on, through and from our site (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling and clicks), and methods used to browse away from the page.
• Information on transactions (for example, payments into and out of your account), including the date, time, amount, currencies, exchange rate, beneficiary details, details of the merchant or ATMs associated with the transaction, IP address of sender and receiver, sender's and receiver's name and registration information, messages sent or received with the payment, details of device used to arrange the payment and the payment method used.
§4 consent and delivery declarations
If you set up an account access in the PULS, you consent that within the scope of fulfilling the contract of the account information service when calling up account and sales data of the functions described in §5 in the account area, sales data is necessarily processed. These sales data may allow conclusions to be drawn about special types of personal data (information on racial and ethnic origin, political opinions, religious or philosophical beliefs, union membership, health or sex life). We do not draw any conclusions of this kind, this data is therefore used exclusively for the provision of the account information service.
§5 Use of Puls or services
(1) For an application, for example by a registration and subsequent login, leave basic data (including information on how you found us on the Internet) that is sent to us. This data is specified by the registration form and is collected, stored and used exclusively for the use of the PULS and its services. With this registration data we will inform you about changes, additions or new versions of the PULS and information provided on the website as well as e.g. news of The Puls.
(2) As part of and to enable the use of the PULS or the provision of the functions mentioned in the user agreement for the PULS, the PULS-provider collects various types of personal data, some of which are provided by you and some of which are for the use of the PULS and associated service provision are necessary or arise from the use. In particular, we use the account information service to call up sales data for the bank accounts and other accounts you have created, which we then process as part of your use.
(3) The Puls enables you to control your or company's spending behavior and to manage spending budgets in order to obtain a transparent financial overview of your income and expenses. The Puls will automatically categorize the transactions for this. This function is an essential part of the Puls and cannot be deselected by you (basic functionality).
(4) In order to speed up the App start and to be optionally informed about account changes (e.g. via push notification), the PULS-App supports you with an automatic account update. Account information is retrieved from your bank several times a day without you having to initiate it yourself (background update). This is a basic functionality of the PULS- App. A prerequisite for this function is that you have consented to the storage of your bank PIN by Finleap Connect in their interface. For the avoidance of any doubt Puls does neither store nor it has access to your bank PIN at any time. You can revoke your consent to the storage of your access data at any time via Finleap Connect interface.
(5) Another basic functionality are the financial tips, i.e. the presentation of tips relating to your financial and insurance situation, which will help you to keep an even better eye on and optimize your financial situation. For this purpose, we evaluate your account information and the data you have entered in the Puls- app.
(6) As part of the above functions, this data is prepared for you as a user in such a way that the data from the respective sources are merged and then presented to you in a clear manner so that you receive a direct overview of all financial data. In particular, we enable the following:
• Online banking for different banks (multibanking);
• Collected access across all accounts created;
• Transparent overview of turnover history;
• Categorize account sales for your own control of income and expenses
• Spending control and discipline through budgets;
• Greater transparency across all accounts;
• Identification of any shortages or surpluses;
• Identification of savings and financial tips to support independent financial decisions;
• Holistic transparency about the financial situation.
(7) In order to support you in your user experience with personal advice on your financial matters (comparisons, offer calculation) and information about improvements in the app and other actions of the Puls-provider, you can activate the option in the Puls that we will contact you by Contact mail and / or phone.
If you have given your consent to contact us by phone or email, you agree that the app provider will contact you to offer financial services using the telephone number or email address you have provided. This data is only used for the purpose of contacting you and only passed on to other third parties if you expressly agree to this.
(8) You can revoke your consent given in paragraph 7 as well as in §4 at any time. Please note that the cancellation only applies to the future. Processing that took place before the revocation is not affected. By deleting the Pulse account, you revoke the consent given in accordance with §4. You can revoke consent in accordance with paragraph 7 directly within the app.
for more information about cookies.
§ 7 Order processing, opt-out, push
(1) In order to improve the quality and security of our service, we store the data about the individual accesses to the content of the PULS, which the app variant used transmits, for statistical purposes as well as for fraud detection and detection, whenever you use receive PULS. These server protocols differ depending on whether you use the PULS in the browser version (web app) or in the mobile app version. These logs contain data such as your usage request, your IP address, browser type, browser language, date and time of your access as well as general information such as when errors occur and information from security events (change password, password recovery, change email address , Change of mobile phone number, registration with new device).
(2) Puls uses third-party tracking services to improve user-friendliness and to determine how you use the pulse platform and from where you call up our offer. The information collected includes the pages visited, navigation patterns and similar data. Although the providers log the data originating from Puls on our behalf, we have control over how this data can or may not be used. The tracking measures we use are based on Art. 6 Para. 1 S. 1 lit. f GDPR carried out. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our services. On the other hand, we use the tracking measures described below to statistically record the use of Puls and to evaluate it for the purpose of optimizing our offer. These interests are to be regarded as legitimate within the meaning of the aforementioned regulation.
We share your information with:
• Suppliers who provide us with IT, banking data and other data services to help us provide our services to you.
• Our banking and financial-services partners and payments networks, including Visa and Mastercard to help us provide our services to you this includes banking and lending partners, banking intermediaries and international payment-service providers.
• Advertisers to promote our services.
• Analytics providers and search information providers to help us improve our website or app.
• Customer-service providers, survey providers and developers to help us to provide our services to you.
• Communications services providers to help us send you emails, push notifications and text messages.
§ 8 Communication
(1) If you send e-mail messages or other messages to us or enter them directly on the website /Puls, we as the provider store such messages in order to process your request, answer questions and the website, products, Improve functions / services and services.
(2) Communication within the Puls takes place exclusively via an encrypted internet connection and storage on internet-connected servers. In addition, e-mails, SMS and possibly push messages are sent directly to the end device as part of the communication.
§ 9 Data security
(1) Our technical infrastructure reliably protects against unauthorized third parties being able to view and change the data stored by us (data security and integrity). In doing so, we contractually ensure that the fundamental requirements of the data protection regulations of German and European law are met by us and our service providers.
(2) If data is stored and processed on servers on behalf of the app provider as part of services or in any other way, the app provider ensures compliance with the data protection regulations and the content of the data protection declaration by means of suitable technical, organizational and contractual Measures safe. The data created by you as part of the use of the Puls and of services and / or functions within the Puls, in particular via the login (if you choose this) and the application, are stored on dedicated servers in a high-security data center by the app provider the server service provider but not used or processed in any other way.
(3) The app provider takes the necessary security measures to protect data from unauthorized access and to prevent unauthorized modification, publication or destruction of data. This includes internal reviews of data collection, data storage and data processing practices and security measures, as well as physical security measures to protect against unauthorized access to the systems on which personal data is stored.
Should the changes affect processing activities performed on the basis of the User’s consent, the PULS shall collect new consent from the User, where required.