General Privacy Policy
Data Privacy Statement
The following data privacy statement is intended to inform you about the types of your personal data (hereinafter also referred to as “data”) that we process, for what purposes, and to what extent. This data privacy statement applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications, and within external online websites, such as our social media profiles (hereinafter collectively referred to as “online services”).
All terms used are not gender-specific.
Introduction
Controller
Wagawin GmbH
Haydnstr. 11
80336 Munich
Germany
E-mail: info@wagawin.com
Directors: Nicolas Leonhardt, Andreas Merold
Imprint: https://www.wagawin.com/imprint/
Data Protection Officer – Contact Details
Ms Regina Mühlich
Data Protection Officer
Wagawin GmbH
Haydnstr. 11
80336 München
Germany
E-Mail: datenschutz@wagawin.com / privacy@wagawin.com
Relevant Legal Grounds
Below you will find the legal grounds of the General Data Protection Regulation (GDPR) that form the basis for the way in which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations may also apply in your and our home state. Furthermore, we will inform you in the data privacy statement if more specific legal grounds apply in individual cases.
Security Measures
We undertake appropriate technical and organizational measures in accordance with legal requirements, and taking into account the state of the art, implementation costs and the nature, scope, circumstances, and purposes of processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection commensurate with the risk.
These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, safeguarding of availability, and the separation of data. Furthermore, we have established procedures to ensure that the rights of data subjects are observed, that data are erased, and that we respond to any threat to the data. We also consider the protection of personal data as early as in the development or selection of hardware, software, and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings.
IP address truncation: Wherever it is possible for us, or if it is not necessary to store your IP address, we will truncate your IP address or have it truncated. In the event that your IP address is truncated, which is also known as “IP masking”, the last octet will be deleted (the IP address in this context is an identifier individually assigned to an Internet connection by the online access provider). The reason for truncating an IP address is to prevent or significantly inhibit the identification of a person based on their IP address.
SSL encryption (https): We use SSL encryption to protect the data transmitted via our online services. You can recognize such encrypted connections by the prefix https:// in the address line of your browser.
Transmission and Disclosure of Personal Data
When we process personal data, it may happen that the data are transferred to, or disclosed to, other bodies, companies, legally independent organizational entities, or individuals. The recipients of such data may include, for example, payment institutions in connection with payment transactions, service providers commissioned to perform with IT-related tasks, or providers of services and content that are integrated into a website. We observe the statutory provisions in such cases and in particular conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.
Data transmission within the organization: We may transfer, or grant access to, personal information to other people within our organization. Where such transfer is for administrative purposes, the transfer of the data is based on our legitimate commercial and business interests, or is performed in order to meet our contractual obligations, or is based the consent of the data subjects, or legal authorization, that has been obtained.
Data Processing in Third Countries
We will only process data in a third country (i.e. outside of the European Union (EU), the European Economic Area (EEA)), or if processing takes place in connection with the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, in accordance with legal requirements.
We only process, or allow data to be processed, in third countries that offer a recognized level of data protection, or on the basis of special guarantees – such as contractual obligations based on so-called standard protection clauses of the EU Commission, the existence of certifications, or binding internal data protection regulations – subject to express consent or if transfer is contractually or legally required (Articles 44 to 49 GDPR; please refer to the information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en).
Erasure of Data
The data we process will be deleted in accordance with statutory provisions as soon as the consent granted for processing is withdrawn or other authorizations cease to apply (e.g. if the purpose for which the data were processed ceases to apply or if they are no longer necessary for such purpose).
The processing of the data will be limited to these purposes, unless the data are not erased because they are required for other, legally permissible purposes. This means that the data are blocked and not available for processing for other purposes. This applies, for example, to data that need to be retained for commercial or tax law reasons, or that need to be stored to assert, exercise, or defend legal claims, or to protect the rights of another natural or legal person.
You can find further information on the erasure of personal data in the individual data protection information of this privacy statement.
Use of Cookies
Cookies are text files that contain data from websites or domains visited and are stored by the browser on a user’s computer. The primary purpose of a cookie is to store information about a user during or after their visit to a website. Stored information may include, for example, the language settings for a website, login status, a shopping cart, or the location where a video was viewed. The term “cookies” also covers other technologies that perform the same functions as cookies (e.g. when user information is stored using pseudonymous online identifiers, also known as “user IDs”).
A distinction is made between the following cookie types and functions:
- Temporary cookies (also called session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their browser.
- Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, a user’s login status can be saved, or preferred content can be displayed directly when the user revisits a website. Similarly, users’ interests, which are used to measure reach or for marketing purposes, can be stored in such a cookie.
- First-party cookies: First-party cookies are set by us.
- Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user entries, or for security reasons).
- Statistical, marketing and personalization cookies: In addition, cookies are also generally used in connection with range measurement and when the interests of a user or their behavior (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This process is also known as “tracking”, i.e. monitoring the potential interests of users. We will inform you separately in our data privacy statement when we use cookies or “tracking” technologies, or at the time we obtain your consent.
Notes on legal basis: The legal basis on which we process your personal data using cookies depends on whether we ask you for your consent. If this is the case, and you consent to the use of cookies, the legal basis for processing your data is declared consent. Otherwise, data processed using cookies will be processed on the basis of our legitimate interests (e.g. for the commercial operation of our website and its improvement) or if the use of cookies is necessary to meet our contractual obligations.
Storage duration: Please assume that the storage duration can be up to two years unless we provide you with explicit information on the storage duration of permanent cookies (e.g. In connection with a so-called cookie opt-in).
General information on withdrawal and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you may at any time withdraw any consent you may have given or object to the processing of your data by cookie technologies (collectively referred to as an “opt-out”). You can initially declare your objection by means of your browser settings, e.g. by deactivating the use of cookies (this may also limit the functionality of our website). An objection to the use of cookies for online marketing purposes can also be lodge through a number of services, especially in the case of tracking, via websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can receive further information on objections as part of the information on service providers and the cookies they use.
Processing cookie data based on consent: Before we process, or allow data to be processed, in connection with the use of cookies, we ask users for their consent, which can be withdrawn at any time. Until consent has been explicitly given, only those cookies will be used that are absolutely necessary for the operation of our website.
- Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g. website visitors, users of online services).
- Legal grounds: Consent (Article 6 (1) (a) GDPR), legitimate interests (Article 6 (1) (f) GDPR).
Services Used and their Providers:
- Google Tag Manager
This website uses the Google Tag Manager. which allows website tags to be managed through an interface. The Google Tool Manager only implements tags. This means that cookies are used, and no personal data are collected. The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access these data. If deactivation was performed at the domain or cookie level, it will remain for all tracking tags, provided they are implemented with the Google Tag Manager.- Provider: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.
- Website: https://www.google.com
- Privacy policy: https://policies.google.com/privacy?hl=en
- Facebook Pixel
Our website uses Facebook Pixel, a remarketing service.
Facebook Pixel allows us to understand whether you complete certain actions on our website after you have viewed or clicked on one of our display/video ads on Facebook or another Facebook platform. Using the data from your interaction, we can then subsequently present you with targeted advertising.
The information generated by the pixel is transferred by Facebook to a server in the USA for evaluation and stored there. If you have a Facebook account, the information associated with Facebook Pixel can also be added to your Facebook account.- Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
- Website: https://www.facebook.com
- Privacy policy: https://www.facebook.com/policy.php
- Google Floodlight Pixel
Our website uses Google Floodlight Pixel, a remarketing service.
Google Floodlight Pixel enables us to understand whether you complete certain actions on our website after viewing or clicking on one of our display/video ads on Google or another Google platform. Using the data from your interaction, we can then subsequently present you with targeted advertising.
The information generated by the pixel is transferred by Google to a server in the USA for evaluation and stored there. If you have a Google account, the information associated with Google Floodlight Pixel can also be added to your Google account.- Provider: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.
- Website: https://www.google.com
- Privacy policy: https://policies.google.com/privacy?hl=en
- LinkedIn Conversion Tracking (LinkedIn Corporation)
LinkedIn Conversion Tracking is an analytics service provided by LinkedIn Corporation that links data from the LinkedIn advertising network to actions taken through this application.- Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
- Website https://business.linkedin.com/marketing-solutions/conversion-tracking
- Privacy policy: https://www.linkedin.com/legal/privacy-policy; https://www.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
Product Privacy Policy
1. Introduction
Wagawin GmbH (“Wagawin”, “we”, “us”) respects your privacy and we are responsible for taking care of it. This privacy policy will tell you about your relationship with us. We therefore ask you to read them carefully. This privacy statement is intended for end users of Wagawin’s advertising services, called “LivingAds”.
Why you should read this privacy statement:
Many website operators and app developers make their content available free of charge. But of course they also have to pay their bills. That’s why they broadcast advertisements to you. We help to place advertisements on websites and in apps. As you know, advertising is often annoying and boring. That’s why we create interactive advertising and try to show you the advertising that is interesting for you.
To accomplish this, however, we need some information about you that the Data Protection Act (DS-GVO) classifies as personal data. If we store personal data about you, this is only an identification number or a cookie that is stored in your browser. We will never be able to find out your name, birthday or address and therefore will not store it. Your personal data will only be processed by us if this is necessary to fulfil the contract, if we or the third party have a legitimate interest in the processing or if you have given your consent.
To ensure that your are well informed about your privacy rights we want
- To inform you about the way in which we use your personal data
- To ensure that you understand what information we collect, what we do with it, and most importantly, do not do with it
- To show us responsible for the protection of your data and rights within the framework of this privacy statement /li>
2. Our service called “LivingAds“
Wagawin provides advertising & marketing services for our Advertiser clients (“Advertisers”). When it comes to mobile advertising, we think interaction matters. Therefore we provide ad formats, called LivingAds, that allow users to interact with advertising content. Our service helps our advertisers’ ads to generate higher awareness and higher performance as we show ads to users that are interacting with advertising content. Furthermore, we aim to make advertising more useful and relevant to users by showing ads that are best tied to their specific interests. Our platform uses interaction data, as well as other data described below, to help Advertisers provide ads to you that are more relevant to you.
3. What personal data we collect
Publishers can choose how to receive LivingAds. No matter if publishers use our SDK or API or provide their traffic programmatically, we collect device and browser information for the purpose described below. This is technical information about the device or browser you use to access the Advertiser’s website. For example, your device’s IP address, cookie string data, operating system, and (in the case of mobile devices) your device type and mobile device’s unique identifier such as the Apple IDFA or Google Advertising ID. Knowing this basic information, we collect certain data about the ads we served (or attempted to serve) to you. It includes things like how many times an ad has been served to you, what page the ad appeared on, and whether you clicked on or interacted with the ad.
4. How we process the personal data we collect
We use this data to help our Advertisers identify and serve ads to you that are more relevant to you. We also use this data to operate, improve and enhance our services including enhancing the data points we or our Advertising Partners have about a particular user, browser, or device to serve the most relevant ads to you and, in turn, improve performance of an Advertiser’s ad campaigns. Specifically, we use this data for:
- Re-Targeting: Selecting ads that are more likely to be relevant to you based on the interests previously associated with your device and the time of day you may be most interested in viewing these specific ads
- Frequency capping: Making sure that you don’t see the same ad too many times
- Sequencing: If you are being served a sequence of ads, making sure we show you the right ad next in the sequence
- Attribution: Monitoring when, where, and at what price we served certain ads on behalf of an Advertiser so that we can measure our influence on the marketing result of the Advertiser’s campaigns and overall marketing strategy
- Reporting: Providing Advertisers insights into how their ads are performing and gain insights into their customers. Reporting may include ad metrics such as impressions, interactions, clicks, and conversions (however the Advertiser may define a “conversion,” for example, a sale or a white paper download).
- Fraud Detection: By using the ad metrics mentioned above, we focus on real users and dismiss fraudulant traffic
- Maintenance: The maintenance of the system and the ongoing operations.
5. Management of Cookies and Ad IDs
If you wish to return your browser to a cookie-free state for this domain, find your browser in the list below and follow the instructions. Once complete, your browser will have no cookies from this domain and you can re-attempt some of the tests for the demos.
- Google Chrome: https://support.google.com/accounts/answer/32050?co=GENIE.Platform%3DDesktop&hl=en
- Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
- Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
- Internet Explorer Edge: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy
- Safari (Mobile): https://support.apple.com/en-us/HT201265
- Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Depending on your operating system, manage your Ad IDs as follows:
- GAID (Android): https://support.google.com/ads/answer/2662922?hl=en
- IDFA (iOS): https://support.apple.com/en-us/HT205223
By reseting your GAID/IDFA or removing all cookies of the domain *.wagawin.com, we cannot match you data with your device anymore.
6. Opt out possibility
You can also object to the processing of your data by Wagawin via the following link: https://de.wagawin.com/web/optout
7. Sharing of personal data
We may share your personal data with our subcontractors to track conversions (e.g. app installs).
Information on how you have interacted with a particular ad is only given to third parties by us if we or the third party have a legitimate interest in passing it on or if you have given your consent.
When we are under a legal obligation to do so, for example to comply with a binding order of a court, or where disclosure is necessary to exercise, establish or defend the legal rights of Wagawin, we share your data with the responsible authority.
We store all personal data of EU citizens on servers within the European Union. In the selection of data centers we ensure that country-specific data protection laws are fulfilled.
8. Retention of personal data
We store user data for the purpose of the bullets stated in section 4 and may save such data for longer period for invoicing, reporting, discrepancy reasons and to prevent fraud, but in any case, for no longer than 12 months.
After this time or at the time you wish your data to be removed (see section 10) we employ measures to delete it. Personal data collected for other purposes is held no longer than necessary for our business purposes but is anonymized. For example, we retain anonymized impression and click data to ensure we can meet auditing requirements related to services provided or to meet legal requirements.
9. Security
We apply technical, administrative and organizational security measures to protect the data we collect against accidental or unlawful destruction and loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against other unlawful forms of processing.
10. Data Subject Requests for Data Access or Deletion
Article 15 and 17 of the GDPR provides data subjects with the right to access and/or delete personal data that is related to him/her or is about him/her. Wagawin will cooperate with its partners (i.e. Publishers) to help them to fully comply with any access and/or deletion request of a data subject and shall provide its partners with the requested information or confirmation of deletion of such information, as soon as possible.
The GDPR gives you specific rights to your personal data we process; these rights include obtaining copies of it, requesting changes to it, restricting the processing of it, deleting it, or receiving it in a common electronic format so it can be moved to another controller. To exercise your rights, just contact us on the address stated in section 11.
In case that we process your data based on our legitimate interests pursuant to art. 6 para. 1 letter f GDPR, you can contradict the future processing of your data for other purposes not being based on legitimate interest. You also have the right to desire only a limitation of the processing based on certain purposes (art. 18 GDPR).
11. Note on the responsible body
The responsible body for data processing on this website is:
Wagawin GmbH,
represented by its managing directors Nicolas Leonhardt und Andreas Merold,
Possartstraße 6
D-81679 München
Telephone: +49 (0) 89 62 42 21 00
E-Mail: privacy@wagawin.com
The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
In the event of violations of data protection laws, you have the right to lodge a complaint with the Bayerisches Landesamt für Datenschutzaufsicht.