Privacy policy

We do not sell, exchange or otherwise make available any personally identifiable information to any organizations. We may update this policy and will notify you about significant changes by sending a notice to the email address specified in your account.

I. Name and address of the data controller

The responsible person within the meaning of the General Data Protection Regulation (GDPR) law as well as any other provisions on data protection is:

Maxim Saltanov
Websites:
www.mapmyself.com
www.mapul.com

II. Name and address of the data protection officer

Maxim Saltanov
Websites:
www.mapmyself.com
www.mapul.com

III. General information on data processing

1. Scope of processing of personal data

We generally only process personal data our users if we require this data to offer you the full functionality of our website or if the information is required for access to our content and services.

Your personal data is usually only processed once the user provides their consent. The exception to this rule applies when it's not possible to obtain prior consent for practical reasons and the processing of this data without permission is permitted by law.

2. Legal basis for processing personal data

Article 6, section 1, item (a) of the EU General Data Processing Regulation (GDPR) serves as the legal basis for processing personal data in cases where the user has provided permission for us to do so. In cases where processing personal data is necessary for the performance of a contract that the user in question has signed, article 6, section 1, item b) of the GDPR applies. This also applies for processing procedures that are required for the performance of pre-contractual measures. If the processing of personal data is required for the fulfilment of legal obligations that our company is subject to, article 6, section 1, item (c) of the GDPR applies. For cases in which the vital interests of the person concerned, or those of another natural person, make it necessary to process personal data, article 6, section 1, item (d) of the GDPR applies. If the processing of personal data is necessary to safeguard the interests of our company or a third party, and the interest, fundamental rights and freedoms of the data subject do not outweigh these interests, article 6, section 1, item (f) of the GDPR applies as the legal basis for processing data.

3. Erasure of data and duration of data storage

The personal data of the person concerned is deleted or blocked as soon as the data has served its purpose. Data may be stored beyond this period if provisions are made to this effect by European and national legislators in regulations, laws or other legal texts in accordance with the union law that the data controller is subject to. The data will also be deleted or blocked if the storage period specified in these regulations expires, unless the storage of this data for a longer period is required for the conclusion of a contract or the fulfilment of contractual obligations.

IV. Provision of the website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the device of the user accessing the site. The following data is collected as part of this process:

• The user's IP address
• The date and time of website access
• Data is also stored in log files on our system. Neither this data nor any other personal data about the user is stored.
2. Legal basis for processing data

The legal basis for temporary storage of data and log files can be found in article 6, section 1, item (f) of the GDPR.

3. Purpose of processing personal data

Temporary storage of IP addresses on the system is necessary in order to make the website available on the user's device. The user's IP address must be stored for the duration of the session. IP addresses are stored in log files to ensure the functionality of the website. Data stored in this way is not evaluated for marketing purposes. These purposes also constitute legitimate interest for processing data within the meaning of article 6, section 1, item (f) of the GDPR.

4. Duration of storage

Data is deleted as soon as the purposes it has been collected for have been fulfilled. If the collection of data is necessary for the provision of the website, data is deleted as soon as the respective session is complete. If data is stored in log files, data will be deleted no more than 14 days after the website is accessed. It is possible that data will be stored for a longer period. In this case, the user's IP address is deleted or distorted, to ensure that the customer accessing the site can no longer be identified.

5. Revocation and deletion

The collection of data for the provision of the website and the storage of data in log files is essential to the operation of the website. There is therefore no possibility for the user to opt out.

V. Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are small text files stored in the web browser of the user's device. When a user accesses to a website, a cookie may be stored on the user's operating system. This cookie contains a unique string of characters that make it possible to identify the browser if the user accesses the website again. We use cookies to make our website more user-friendly. Certain elements on our website require us to be able to identify the browser of the user accessing the website even if the user comes back to the site after leaving.

2. Legal basis for processing data

The legal basis for processing personal data using technical cookies can be found in article 6, section 1, item (f) of the GDPR. The legal basis for processing personal data using cookies for the purposes of analysis is the users consent, which can be found in article 6, section 1, item (a) of the GDPR.

3. Purpose of processing personal data

The purpose of using technical cookies is to make the website easier for the user to navigate. Certain functions on our website cannot be provided without the use of cookies. For these functions, it is necessary for the website to be able to recognise the browser even after the user navigates away from the website.

4. Duration of storage/revocation and deletion options

Cookies are stored on the user's device before being transferred to our website. Users therefore have full control over how cookies are used. By changing the settings in your internet browser, you can deactivate or limit the transmission of cookies. Stored cookies can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that certain functions will no longer be available.

VI. Registration

1. Description and scope of data processing

We provide users with the option to register on our website by entering their personal data. This data is entered into an online registration form before being transferred to us and stored on our system. This data is not shared with any third parties. The following data is collected as part of the registration process:

  • Name
  • Email address
  • Chosen password
  • The user's IP address

Users are asked to provide their consent for this data to be processed as part of the registration process.

2. Legal basis for processing data

The legal basis for processing data once consent has been provided can be found in article 6, section 1, item a) of the GDPR. If registration is required for the fulfilment of a contract the user is party to, or for the implementation of pre-contractual measures, an additional legal basis for the processing of this data can be found in article 6, section 1, item b) of the GDPR.

3. Purpose of processing personal data

Users are required to register on our website for the purposes of concluding contracts or for the implementation of pre-contractual measures.

4. Duration of storage

Data is deleted as soon as the purposes it has been collected for have been fulfilled. This applies to data collected during the registration process in order to conclude a contract or for the implementation of pre-contractual measures, if the data is no longer required for the fulfilment of the contract. Even once the contract has been concluded, it may be necessary to store the contractual partner's personal data in order to meet contractual or statutory obligations. Your data will be deleted after the end of the contract, unless statutory provisions (e.g. from tax law) provide for longer storage.

5. Revocation and deletion options

As a user, you have the option to cancel your registration at any time. You also have the option to modify the data you have provided at any time. If the data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, data can only be deleted if there are no legal requirements preventing the deletion of this data.

VII. Contact forms and email contact

1. Description and scope of data processing

A contact form is available on our website that can be used to get in touch with us online. If a user takes advantage of this service, the data entered into the contact form is transferred to us and stored on our system.

These data includes:
  • Name
  • Email
  • IP address of user
  • Date and time of registration

During the subscription process, the user is asked to provide their consent for their data to be processed. A link to this data protection declaration is also provided. Alternatively, it is possible to contact us using the email address provided. In this case, the personal data transferred when the email was sent is stored on our system. None of the data collected for these purposes is shared with third parties. The data is used exclusively for the purpose of processing the conversation.

2. Legal basis for processing data

The legal basis for processing data once consent has been provided can be found in article 6, section 1, item a) of the GDPR. The legal basis for processing data transferred when a user sends an email can be found in article 6, section 1, item a) of the GDPR. If the email is sent for the purposes of concluding a contract, the legal basis for processing this data can also be found in article 6, section 1, item b) of the GDPR.

3. Purpose of processing personal data

The sole purpose of processing personal data provided in our on-line form is to process any communication between our company and the respective user. If a user contacts us by email, this also constitutes a legitimate interest for processing data. Any other data processed when a user sends an email is used to prevent the misuse of our contact form and ensure the security of our IT systems.

4. Duration of storage

Data is deleted as soon as the purposes it has been collected for has been fulfilled. In the case of personal data entered into the contact form, as well as any data sent to us by email, data is deleted once the respective conversation with the user is terminated. The conversation is deemed as terminated once the respective situation is resolved. Any additional personal data collected when an email is sent is generally deleted no later than 14 days after being stored.

5. Revocation and deletion options

The user has the option to revoke their consent for their data to be processed at any time. If the user contacts us by email, they can revoke their consent for their data to be stored at any time. In this case, the conversation cannot be carried on any further. In this case, all personal data provided during the contact procedure is deleted.

VIII. Web analytics using Google Analytics

This website uses Google Analytics with Google Tag Manager, a web analytics tool provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files saved on your device, to help the website to analyze how you use the site. The information generated by the cookie and regarding your behavior when using the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. If the the IP anonymization is activated, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area before transferring data. Only in exceptional cases, the full IP address is sent to Google servers in the USA and then shortened. On behalf of the website provider, Google will use this information for the purpose of analyzing your behavior when you are using the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website provider. Google will not link your IP address to any other data stored by Google. You may disable cookies by selecting the appropriate settings in your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore, you can object to forwarding the data collected with cookies when you visit this website (including the IP address) to Google and prevent Google from processing of data by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en-GB. Google Analytics cookies are stored on the basis of Article 6, section 1, item a) GDPR. The storage is unlimited in time, unless you make use of your possibilities to opt out. In exceptional cases, Google Analytics transfers personal data into the USA, which is subjected to the EU-US-Privacy-Shield https://www.privacyshield.gov/EU-US-Framework . (Legal basis for the use of Google Analytics is Article 6, section 1, item f) GDPR) Information on Google: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Terms of service: https://www.google.com/analytics/terms/us.html, Overview of Privacy Policy: http://www.google.com/intl/en/analytics/learn/privacy.html, Privacy Policy declaration: http://www.google.de/intl/en/policies/privacy.

IX. Subscription or Registration via Facebook

You can sign up for our service with your Facebook account (Facebook Connect). You are forwarded by a link to the Facebook website (Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA), where you can log in with your Facebook login credentials.

1. Scope of processing of personal data

When you sign in using your Facebook account, your Facebook profile will be linked to our service. Please note that we have no influence on the processing of data by Facebook. Please note that you may need to log out of your Facebook account after the transfer process. We receive the following information from Facebook: Name, surname, email address The only information that we use from Facebook is the following: Name, surname, email address This information is mandatory for the login to be able to identify the user. For more information about Facebook Connect, please see Facebook's Privacy Policy and Terms of Service.

2. Legal basis for processing personal data

The legal basis for processing personal data in the subscription or registration process can be found in article 6, section 1, item f) of the GDPR.

3. Purpose of processing personal data

Facebook Connect is used to make your login to our product as convenient as possible.

4. Duration of storage

Data provided to us from Facebook is deleted as soon as the purposes it has been collected for have been fulfilled. If data is stored in log files, data will be deleted no more than 14 days after the website is accessed. It is possible that data will be stored for a longer period. In this case, the user's IP address is deleted or distorted, to ensure that the customer accessing the site can no longer be identified.

5. Revocation and deletion

Users have the possibility to cancel the registration at any time. You can change or delete the data stored about you at any time.

X. Rights of the data subject

The following list comprises all the rights of the data subject under the GDPR. You should not include any rights in your declaration that do not apply to your specific website. The list should be modified appropriately. If your personal data is processed, you are deemed a 'data subject' within the meaning of the GDPR and have the following rights.

1. Right to information

You may ask the data controller to confirm whether any personal data concerning you is processed by us. If this is the case, you can request the following information from the data controller:

• the purposes for which the personal data is processed;
• the categories of personal data processed;
• the recipient or categories of recipients the respective personal data has been shared with or continues to be shared with;
• the planned storage duration of the respective personal data or, if no specific information is available, the criteria for determining storage duration
• whether you have the right to rectification or erasure with regard to the respective personal data, the right to restriction of processing carried out by the data controller or the right to object to processing;
• whether you have the right to appeal to a supervisory authority;
• all available information regarding the origin of the data, if the personal data has not been collected from the data subject;
• whether an automated individual decision-making process including profiling exists in accordance with article 22, sections 1 and 4 of the GDPR and, in this case, what authoritative information is available on the logic involved, as well as the scope and intended effects of this type of processing on the data subject.

You have the right to request information regarding whether your personal data is shared with another country or state, or to an international organisation. In this regard, you may request information on the appropriate guarantees in accordance with article 46 of the GDPR in relation to transfer of data.

2. Right to rectification

You have the right to obtain from the data controller rectification and/or completion of your data if the processed data concerning you is inaccurate or incomplete. The data controller is required to make the correction without undue delay.

3. Right to restriction of processing

Under the following circumstances, you may request the restriction of processing of any of your personal data:

• if you contest the accuracy of your personal data for a period of time that enables the data controller to verify the accuracy of your personal information; • if the processing is unlawful and you refuse the erasure of the personal data in favour of restricted use of the personal data; • the data controller no longer requires the personal data for processing purposes, but you require it for the establishment, exercise, or defence of legal claims;

You have objected to processing pursuant to article 21, section 1 of the GDPR pending verification of whether the legitimate grounds of the controller override your own.

If the processing of your data is restricted, this data will – with the exception of storage – only be processed with your consent or for the establishment, exercise of defence of legal claims or for the protection of the rights of another natural person or for reasons of important public interest of the Union or of a member state. If you have obtained restriction of processing pursuant to the aforementioned provisions, you will be informed by the controller before the restriction of processing is lifted.

4. Right to erasure
a) Erasure obligation

You may request from the data controller that your personal data be deleted without undue delay. The data controller is under obligation to delete the data without undue delay if any of the following points apply:

• the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
• the data subject withdraws consent on which the processing is based according to article 6, section 1, item a), or article 9, section 2 GDPR, and where there is no other legal ground for the processing;
• the data subject objects to the processing pursuant to article 21, section 1 GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to article 21, section 2 GDPR;
• • the personal data has been unlawfully processed;
• the personal data has to be deleted for compliance with a legal obligation in the Union or Member State law to which the controller is subject;
• the personal data has been collected in relation to the offer of information society services referred to in article 8, section 1.
b) Information for third parties

Where the data controller has made the personal data public and is obliged pursuant to article 17, section 1 GDPR to delete the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers who are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, that personal data.

c) Exceptions

Right to erasure does not apply to the extent that processing is necessary

• for exercising the right of freedom of expression and information;
• for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
• for reasons of public interest in the area of public health in accordance with article 9, section 2, items h), and i), and article 9, section 3 of the GDPR.
• for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89, section 1 of the GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
• for the establishment, exercise or defence of legal claims.
5. Right to notification

If you have the right to notification, erasure or restriction of processing, the data controller is required to communicate this rectification, erasure or restriction to all recipients to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed by the data controller about these recipients.

6. Right to data portability

You have the right to receive any personal data you have provided to the data controller in a structured, commonly used, machine-readable format. You also have the right to transmit this data to another data controller without hindrance from the controller to which you have provided your data, if

• the processing is based on consent pursuant to article 6, section 1, item a) of the GDPR or article 9, section 2, item a) of the GDPR or on a contract pursuant to article 6, section 1, item b) of the GDPR; and
• the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others. The right to portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on article 6 section 1 item e) or f) of the GDPR, including profiling based on those provisions. The data controller will no longer process the personal data unless they demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. If your personal data is processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes. In the context of the use of information society services and notwithstanding Directive 2002/58/EC, you have the option to exercise your right to object by automated means using technical specifications.

8. Right to revoke the data protection consent declaration

You have the right to revoke your data protection consent declaration at any time. Revocation of consent does not affect the legality of any processing carried out on the basis of consent prior to revocation. In the event of revocation of your consent, we are currently no longer able to make our products available to you for technical reasons.

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects that concern you or affects you in a similarly significant way. This does not apply if the decision

• is necessary for entering into, or performance of, a contract between you and the data controller;
• is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your own rights and freedoms and legitimate interests or
• is based on your explicit consent

These decisions must be not be based on special categories of personal data referred to in Article 9, section 1 of the GDPR, unless article 9, section 2, item a) or g) of the GDPR apply and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. In the cases referred to in points (1) and (3), the data controller will implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the member state you are a resident of, your place of work, or place of alleged infringement if you believe that the processing of your personal data violates the provisions of the GDPR. The supervisory authority to which the complaint has been submitted must inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to article 78 of the GDPR.

Last modified: October 07, 2018