Status: May 4th 2018
Special note on giving approval for data processing:
For the purposes of establishment, performance and development of the contractual relationship, the user gives his/her approval for the collection, processing and use of his/her personal data by myiyo. The data processing entity in the sense of the applicable data protection legislation is mo’web GmbH, Mertensgasse 12, 40213 Düsseldorf, Germany.
Contact Company Data Protection Officer: firstname.lastname@example.org
Professional codices and ethics - myiyo is a service by mo’web GmbH, which is listed in the ESOMAR Directory of Research Organizations. Mr. Herbert Höckel, Managing Director of mo’web, is also a personal member of ESOMAR (World Association of Opinion and Marketing Research Professionals). ESOMAR has issued clear directives for an ethical professional conduct (ICC/ESOMAR International Code of Marketing and Social Research Practice). Furthermore, mo’web is a corporate member of the BVM (Berufsverband Deutscher Markt- und Sozialforscher e.V. - Association of German Market and Social Researchers) and the DGOF (Deutsche Gesellschaft für Online-Forschung e.V. - German Society for Online Research) which have also issued clear directives for data protection and ethical conduct in market research practice.
1. What are personal data?
Personal data are individual items of information regarding the personal or factual situation of a defined or definable natural person (the person affected) (Section 3 I BDSG/German Data Protection Act). Items of information whose collection and use is required for the establishment, formation of the content of or making changes to the contractual relationship between myiyo and the user (inventory data, such as first name and surname), or to enable the use of the services of myiyo (usage data, such as the log-in password) are among those considered as personal data.
2. What information is to be provided to myiyo, what conditions can you agree with myiyo and other users and what happens to your personal files?
- 2.1 Information given on registration
Initially, myiyo will collect and process certain personal data for registration purposes. These are primarily:
- Name (first name and surname)
- Email address
This is information required for successful registration.
The password is private. It will not be visible to members of myiyo at any time and will not be given to third parties under any circumstances.
The default settings provide for the Email address to be private. However the user can make it public for friends or for all users by changing the setting under the "Profile Settings" page.
Name, gender and country are public and therefore visible to all other users according to default settings. myiyo recognises the country based on the user`s IP address in order to simplify the registration. This information can be modified by the user under the "Profile Settings" page. Visibility for gender and country can be limited to friends or made private. The name is always public. The birthday is visible to friends by default. The age of the user is calculated based on the borthday and is public by default. The user can limit the visibility of his/her age and birthday separately under the "Profile Settings" page.
Information regarding the user`s employment is private and not visible to other users.
- 2.2 Voluntary information
In order to do justice to the community idea, the default settings provide for the profile to be partially public and therefore in principle visible to all other users. The term profile includes all the user`s pages.
According to the default settings the user`s "About me" page as well as the user`s friendslist are set public. The user`s Shoutbox and photos are visible to the user`s friends by default.
Visibility may however be limited at any time by the user in the "Profile Settings" under the subsection "Privacy".
The "Profile Questionnaire" allows the user to give a large number of his/her personal information regarding the topics education, employment, household, travel, use of goods and services, internet, computer, spartphone, transport, health. This information cannot be made visible to other users. This information is used to better determine which surveys the user can be invited to. The data is also used for other market research in an anonymized form. myiyo does not give this data to trird parties.
The user is asked to participate in surveys on a regular basis where he/she can give more information. The participation in idividual surveys is voluntary as is answering the questions therein. Surveys are commisioned by the clients of mo’web for the purpose of conducting opinion and market research. The data collection within surveys takes place in an anonymized form. A client is not able to match answers given in surveys to individual user accounts in myiyo or other personally identifiable data such as the user`s email address or postal address.
- 2.3 Changes to the information
The user can change any information at any time. This applies both to required and to voluntary profile information.
- 2.4 Visibility for non-users and availability for search engines
Users not logged in can view all profile information marked as public. This public content can also be accessed by search engines.
- 2.5 Ending membership
Membership can be ended at any time. The user can find the termination form under the "Profile Settings" while logged in. After successful termination, personal data are deleted. Entries by the user in other user`s Shoutboxes, comments and privately sent messages will however remain, though with no information on identity and with a note that the contribution was made by a deleted user.
Cookies are also used to keep information regarding where the user originated from in case the user reached the myiyo websites via an advertising link from an external site. These types of cookies are used to measure the success of ad campaigns. These cookies are also stored for one week unless the user deletes them manually.
myiyo also stores a cookie when the user enters a survey hosted externaly. This cookie is used to make sure the user`s participation in the survey is recorded correctly on the user`s return to myiyo from the survey. This cookie is also used to help prevent the same user from participating in the same survey more than once.
- 2.7 Server log files
myiyo website usage data are saved in protocol files and server log files on access. The following data is recorded:
- IP address of the computer accessing the site
- Name of accessed file
- Date and time of the access, status, quantity of data transferred and URL of origin (referrer) from which the user has arrived at the accessed site
- Information about the browser used (user agent)
- Type of operating system
myiyo evaluates these data in an anonymous form for statistical purposes. It is possible, for instance, to determine the times when myiyo websites are particularly heavily frequented and the volume of data created. Furthermore, possible errors can be spotted and rectified more quickly in this way. Server capacities are also easier to control. The server log files, therefore, help to continually improve the services offered and the user-experience of myiyo.
- 2.8 Notification
myiyo sends notification emails to the user when the user receives a private message by another user, when other users comment on content by the user or content that the user has previously commented on, when content by the user receives a thumbs-up by another user, when the user linked in a photo by another user, when a friend of the user has his/her birthday. Invitations to surveys are also sent to the user via email. The user can disable these notification emails in the "Profile Settings" while logged-in. In addition to this the user can also use the unsubscribe-link, sent with all emails from myiyo in the footer, in order to disable email-sending to his/her email address. This unsubscribe-link can be used even when not logged-in.
- 2.9 Transfer of personal data to third parties
In the following cases, personal data may possibly be transferred to third parties:
- Third parties can access information from the user, which is public according to the user`s privacy settings.
- The transfer of personal data to third parties can only take place with the explicit agreement of the user.
- myiyo may grant judicial authorities access to personal data on demand or in the case of illegal use of myiyo websites.
- 2.1 Information given on registration
3. Rights of the user
- 3.1 Revocation
Personal data will be collected, processed and used for the following purpose: the storage of data is to ensure the security of myiyo websites. It allows monitoring for violations of law and attempts at misuse. The use of the personal data is also essential for the ongoing optimisation of myiyo websites and general user administration. Finally, the data are used to publish information that the user, within the privacy settings, has set as public.
The user behaviour of all members is stored, so there are no options of choice in this respect. Revocation of agreement will therefore lead to deletion of the user account.
The regular privacy options are not revocable.
- 3.2 Self-information
- 3.1 Revocation
4. Reserving the right to make changes
Additional information regarding Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; "Google"). The use includes the "Universal Analytics" operating mode. This facilitates the assignment of data, sessions and interactions across several devices to a pseudonymous user ID and thus the analysis of a user's activities across devices.
Additional information for users who choose to make use of voucher offers from our partner Sovendus GmbH:
In order to select a currently interesting voucher offer for you, we will transmit your pseudonymised hash value of your e-mail address and your IP-address in encrypted form to Sovendus GmbH, Moltkestrasse 11, D-76133 Karlsruhe (Sovendus) (Art. 6 par. 1 f GDPR). The pseudonymised hash value of your e-mail address is used to consider a possibly existing objection to receive offers from Sovendus (Art. 21 par.3, Art. 6 par. 1 c GDPR). The IP-address will be exclusively used for data security purposes and as a rule the same will be anonymised after seven days (Art. 6 Abs.1 f DSGVO). Furthermore, we will transmit session ID, coupon code, and time stamp in pseudonymised form to Sovendus for billing purposes (Art. 6 Abs.1 f DSGVO). If you are interested in a voucher offer of Sovendus, while there is no objection existing to receive such offers, and if you click on the voucher banner, we will transmit your form of address, your name and your e-mail address in encrypted form to Sovendus to prepare a voucher (Art. 6 par. 1 b, f GDPR). You will find further information about the processing of your data by Sovendus in their Online Data Protection Notice at www.sovendus.co.uk/privacy_policy.