Privacy policy
Last update: 6, Oct 2024
Description
In the following, we inform about the collection and, if applicable, further processing (storage, etc.) of personal data in accordance with Art. 13 and Art. 14 of the EU General Data Protection Regulation (DSGVO).
Information about the responsible person
The responsible party according to Art. 4 No. 7 DSGVO is NIFTEE GmbH. You can find the direct contact details in the imprint.
Collection and further processing of personal data as well as type and purpose of processing
In the following, we inform you in which cases we collect personal data and for which purposes. In principle,
there is no legal or contractual obligation to provide your data; however, within the framework of the contractual relationship, it may be necessary to process certain data for the purpose of providing our services or on
the basis of legal obligations (e.g. tax regulations, GWG).
Processing of personal data when visiting our website
When using the website for information purposes only, we collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data on the basis of legitimate
interests to this extent, which are technically absolutely necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO): IP address, date and time of the
request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request came, browser, operating system and its interface, language and version of the browser software.
The data is stored in log files and is not merged with other data. The data is regularly deleted after one month at the latest.
For questions of any kind, we offer you the possibility to contact us via a form provided on the website. You can also contact us by e-mail or telephone. If you contact us, the information you provide (e.g. in the input mask) will be transmitted to us and stored.
The processing of the personal data provided by you in this respect serves to establish contact quickly and thus to process your inquiry promptly. This enables us to provide good customer service (legal basis is Art. 6 para. 1 lit. f DSGVO or your consent, Art. 6 para. 1 lit. a DSGVO). If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
Registration, use of the account and bidding process
To use the platform, your registration is required, otherwise you will not be able to bid in auctions. For this purpose, corresponding information is requested in the registration mask. If you can provide additional data voluntarily, you will be informed of this in the registration form. The data you provide will be stored by us in encrypted form. The data is stored on specially protected servers in Frankfurt am Main, Germany.
For security reasons, we use a KYC process ("Know Your Customer") as part of the registration process. This serves to verify your details and identity in order to prevent misuse and fraudulent actions and thus to increase the security of and trust in the platform. For this purpose, your data is transmitted to the service provider and KYC provider sumsub commissioned by us. The transmission is based on your free decision. If you do not wish this, we ask you to refrain from registering. In this case, however, you will not be able to participate in auctions. You can read details about the data processing by sumsub here: https://sumsub.com/data-protection-policy/ Sumsub confirms to work in particular DSGVO compliant.
After successful verification by sumsub, only the KYC status is transmitted to us and stored in our database in encrypted form.
During the bidding process, only your chosen username and wallet address will be displayed. If you are the highest bidder and win the bid, you will then be asked to pay. After the payment has been made, the seller can view the buyer's data in his account in order to create an invoice.
Cookies
When using our website, cookies are stored on your computer. Cookies are small files that are stored on your hard drive assigned to the browser you are using and through which the body that sets the cookie (in this case by us) receives certain information. Cookies are used to make the Internet offer as a whole more user-friendly and effective.
We use cookies that are technically necessary for the operation of the website. The purpose is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change (The legal basis is Art. 6 para. 1 lit. f DSGVO).
We require the following cookies for the operation of the website:
- [Please describe cookies].
Cookies are stored on the user's computer and transmitted to us by the user. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full. Session cookies are automatically deleted after the end of your visit.
If we use cookies in addition, we will inform you about this at the appropriate place in this data protection declaration.
Deletion data
Unless otherwise stated in this declaration, personal data will be deleted immediately after the purpose for which it was collected has ceased to apply and provided that no retention periods (e.g. 10-year retention period based on tax law regulations with regard to all data relevant to the tax case or 6-year retention period based on commercial law regulations) or, for example, limitation periods for data that may be useful for legal prosecution (generally 3 years from the end of the year in which the claim arose) conflict with this. The personal data collected by us for contact inquiries will be deleted as a matter of principle once your inquiry has been dealt with, unless legitimate interests require us to store it for a longer period (e.g. because we have announced further inquiries, etc.). If your inquiry leads to the conclusion of a contract, your data will be deleted immediately after expiration of the statute of limitations and the legal retention periods.
Other processing and transmission of data
Beyond the cases mentioned in this privacy policy, we process your data only if:
you have consented to this in accordance with Art. 6 para. 1 lit. a DSGVO, this is necessary according to Art. 6 para. 1 lit. b DSGVO for the processing of contractual relationships with you (e.g. transmission to service providers required for the execution of the contract, in particular post office, authorities, tax advisors, etc.), there is a legal obligation for the processing pursuant to Art. 6 (1) c DSGVO (in particular professional, tax and commercial law retention and transmission obligations), and the processing according to Art. 6 para. lit. f DSGVO is necessary to protect the legitimate interests of us or third parties, in particular the assertion, exercise or defense of legal claims (e.g. disclosure to courts, debt collection, lawyers), unless your interests or fundamental rights and freedoms, which require the protection of personal data, override.
Recipients of the data may also be employed service providers on whose services we rely for the operation of our company (e.g. technical service providers for the maintenance of the software and IT landscape, hosting providers) and for the fulfillment of our contractual obligations. These process your data for us as so-called order processors and are obliged to handle the data with care.
Your rights
With regard to the personal data concerning you, you have the right to information, if necessary correction or deletion, if necessary restriction of processing, objection to processing (see below in more detail) and data portability.
You also have the right to complain to a data protection supervisory authority.
You have the right to revoke a declaration of consent under data protection law at any time with effect for the future.
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1)(f) DSGVO, you have the right to object to the processing of your personal data with effect for the future pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation.
Notes on email comunication
E-mail communication with us is unencrypted by default. If you write us an unencrypted e-mail or make an inquiry and ask for a response by regular e-mail, we initially assume that you agree to unencrypted communication. If you would like encrypted communication, please let us know.