Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy set out below this text.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator's contact details in the section “Information on the controller” in this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter into a contact form.

Other data is collected automatically by our IT systems, or after your consent, when you visit the website. This is primarily technical data (e.g. internet browser, operating system, or time the page was accessed). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other order-related inquiries.

What rights do you have regarding your data?

You have the right at any time to obtain information free of charge about the origin, recipient, and purpose of your stored personal data. You also have the right to request that this data be corrected or deleted. If you have given consent to data processing, you may revoke this consent at any time with effect for the future. In addition, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time regarding this and any other questions on the subject of data protection.

Analytics tools and tools from third-party providers

When visiting this website, your browsing behavior may be statistically analyzed. This is done primarily using so-called analytics programs.

Detailed information about these analytics programs can be found in the privacy policy below.

2. Hosting

We host the content of our website with the following provider:

External Hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the host or hosts. This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access data, and other data generated via a website.

External hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 para. 1 lit. f GDPR). If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent may be revoked at any time.

Our host or hosts will only process your data insofar as this is necessary to fulfill their service obligations and to follow our instructions regarding this data.

We use the following host:

Vercel Inc.

440 N Barranca Ave #4133

Covina, CA 91723

Data processing agreement

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General Information and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data by which you can be personally identified. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the internet (e.g. when communicating by email) may have security gaps. Complete protection of data against access by third parties is not possible.

Information on the Controller

The controller responsible for data processing on this website is:

LS Media UG (haftungsbeschränkt)

c/o Postflex #9968

Emsdettener Straße 10

48268 Greven

Telephone: +49 174 2836521

Email: info@screenerhub.app

The controller is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

Storage Period

Unless a more specific storage period has been stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once those reasons no longer apply.

General Information on the Legal Bases for Data Processing on This Website

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR if special categories of data pursuant to Art. 9 para. 1 GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information on your end device (e.g. via device fingerprinting), data processing is additionally carried out on the basis of Section 25 para. 1 TDDDG. Consent may be revoked at any time. If your data is required for contract fulfillment or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if this is necessary to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Information on the legal bases applicable in each individual case is provided in the following sections of this privacy policy.

Information on data transfers to third countries that are not secure under data protection law and transfers to US companies that are not DPF-certified

Among other things, we use tools from companies based in third countries that are not secure under data protection law, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). If these tools are active, your personal data may be transferred to and processed in these countries. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in third countries that are not secure under data protection law.

We would like to point out that the USA, as a secure third country, generally has a level of data protection comparable to that of the EU. Data transfer to the USA is therefore permissible if the recipient has certification under the “EU-US Data Privacy Framework” (DPF) or has suitable additional safeguards. Information on transfers to third countries, including the data recipients, can be found in this privacy policy.

Recipients of Personal Data

As part of our business activities, we work together with various external parties. In some cases, this also requires the transfer of personal data to these external parties. We only pass on personal data to external parties if this is necessary in the context of contract fulfillment, if we are legally obliged to do so (e.g. disclosure of data to tax authorities), if we have a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the disclosure, or if another legal basis permits the disclosure. When using processors, we only pass on personal data of our customers on the basis of a valid data processing agreement. In the case of joint processing, an agreement on joint processing is concluded.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your express consent. You may revoke consent already given at any time. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THOSE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH ANY PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING SERVES TO ESTABLISH, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work, or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right to Data Portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Information, Rectification, and Erasure

Within the framework of the applicable statutory provisions, you have the right at any time to obtain information free of charge about your stored personal data, its origin and recipients, and the purpose of data processing and, if applicable, a right to rectification or erasure of this data. You can contact us at any time regarding this and any other questions on the subject of personal data.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time regarding this. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of the verification, you have the right to request restriction of the processing of your personal data.

If the processing of your personal data was or is unlawful, you may request restriction of data processing instead of erasure.

If we no longer need your personal data, but you require it for the exercise, defense, or assertion of legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.

If you have lodged an objection pursuant to Art. 21 para. 1 GDPR, a balancing of your interests and ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data may, apart from being stored, only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser's address line changes from “http://” to “https://” and by the lock icon in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Encrypted Payment Transactions on This Website

Payment processing is carried out via the payment service provider Stripe. Your payment data is entered directly via Stripe; we ourselves do not process or store any complete credit card or bank account data. Your data is transmitted in encrypted form using SSL or TLS technology. Further information on data processing by Stripe can be found in Stripe's privacy policy.

4. Data Collection on This Website

Cookies

Our websites use so-called “cookies.” Cookies are small data packets and do not cause any damage to your end device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your end device until you delete them yourself or your web browser deletes them automatically.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies may be used to evaluate user behavior or for advertising purposes.

Cookies required to carry out the electronic communication process, to provide certain functions you request (e.g. for the shopping cart function), or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is stated. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG); consent may be revoked at any time.

You can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

If additional cookies and services are used on this website, you can find this information in this privacy policy.

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version

Operating system used

Referrer URL

Hostname of the accessing computer

Time of the server request

IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website; for this purpose, the server log files must be recorded.

PostHog

We use PostHog to analyze user behavior on our platform in order to improve our offering technically and in terms of content. The provider is PostHog, Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA Website: https://posthog.com. Depending on the consent status, PostHog is operated in two modes:

1. Cookieless mode (without consent)

If no consent has been granted for analytics cookies, use takes place in a cookieless mode. Processed data: Aggregated usage events (e.g. clicks, page views, dwell time), device information (user agent, hostname). Individual persons are not identified. IP addresses are not stored permanently. Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in privacy-friendly product optimization).

2. Cookie mode (with consent)

Following explicit consent via our consent tool, PostHog is used in extended mode. Processed data (additionally): Persistent user identifiers (distinct ID), session ID, device ID, feature flags, where applicable IP address, referrer information, UTM parameters, and other technical usage data. Storage takes place via cookies and comparable technologies. Legal basis: Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TDDDG.

Consent can be revoked at any time via the cookie settings. The provider is certified under the EU-U.S. Data Privacy Framework (DPF), so an adequate level of data protection pursuant to Art. 45 GDPR exists for data transfers to the USA.

We have also concluded a data processing agreement pursuant to Art. 28 GDPR.

Use of AI on the Website

We use AI-supported services and applications on our website to improve our services. As part of the use of our platform, artificial intelligence may be used to generate suggestions for financial criteria based on user input, which the user can incorporate into a filter set for stock screening. In addition, user-created filter sets can be analyzed automatically. In this case, the AI generates suggestions for additional suitable financial criteria that are relevant to the selected filtering approach.

If you use AI-supported functions, the content you enter is transmitted to our backend and from there forwarded to an AI service to generate a response.

Your IP address is not transmitted directly to the AI provider. Processing of the IP address takes place exclusively within the framework of server communication between your end device and our backend. The AI provider only receives the content data required to answer the request and technically necessary server-side metadata.

Automated decision-making within the meaning of Art. 22 GDPR does not take place.

The use of AI-supported functions is based on Art. 6 para. 1 lit. b GDPR, insofar as processing is necessary for the performance of the user relationship. Insofar as the processing goes beyond this, it is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in optimizing our services and further developing our offering. If consent is required in individual cases (e.g. for the use of cookies or comparable technologies), processing is additionally carried out on the basis of Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TDDDG; consent may be revoked at any time.

Further information on the specific AI services used, in particular on providers, third-country transfers, and storage duration, can be found in the section “Plugins and Tools” of this privacy policy.

Inquiry by Email, Telephone, or Fax

If you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), if this has been requested; consent may be revoked at any time.

The data you send to us via contact inquiries remains with us until you request us to delete it, revoke your consent to its storage, or the purpose for storing the data no longer applies (e.g. after your request has been fully processed). Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.

Email and Support System: Zoho Mail and Zoho Desk

For the receipt, sending, and storage of emails, as well as for the structured handling of support inquiries, we use the services Zoho Mail and Zoho Desk. The provider is Zoho Corporation B.V., Beneluxlaan 4B, 3527 HT Utrecht, Netherlands.

If you contact us (e.g. by email or via a support form), your inquiry and the associated personal data are processed in our email and ticketing system. This includes in particular:

Name
Email address
Communication content
Transmitted attachments
Ticket numbers and status information
Internal processing notes
Technical metadata of the communication (e.g. timestamps)

Processing is carried out for the purpose of handling your request, organizing our customer support, and documenting communication histories.

The legal basis is Art. 6 para. 1 lit. b GDPR if your request is connected with an existing or impending contractual relationship. In all other cases, processing is carried out on the basis of our legitimate interest in efficient and structured handling of inquiries pursuant to Art. 6 para. 1 lit. f GDPR.

The data is processed primarily within the European Union. Access from third countries in the context of maintenance or support services cannot be ruled out. In such cases, protection is ensured by concluding a data processing agreement pursuant to Art. 28 GDPR and, where necessary, by appropriate safeguards pursuant to Art. 46 GDPR (e.g. standard contractual clauses).

The data is stored as long as this is necessary to process your request or as long as statutory retention obligations exist. It is then deleted unless there are further legal reasons for storage.

A data processing agreement pursuant to Art. 28 GDPR has been concluded with the provider.

Registration on This Website

You can register on this website in order to use additional features on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.

For important changes, for example regarding the scope of the offer or technically necessary changes, we use the email address provided during registration to inform you in this way.

The data entered during registration is processed for the purpose of carrying out the user relationship established by the registration and, if applicable, for the initiation of further contracts (Art. 6 para. 1 lit. b GDPR).

The data collected during registration is stored by us as long as you are registered on this website and is then deleted. Statutory retention periods remain unaffected.

Registration with Google

Instead of registering directly on this website, you can register with Google. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To register with Google, you only need to enter your Google name and password. Google will identify you and confirm your identity to our website.

If you sign in with Google, it may be possible for us to use certain information on your account to complete your profile with us. Whether and which information this is depends on your Google security settings, which you can find here: https://myaccount.google.com/security and https://myaccount.google.com/permissions.

The data processing associated with Google registration is based on our legitimate interest in enabling our users to complete the registration process as easily as possible (Art. 6 para. 1 lit. f GDPR). Since use of the registration function is voluntary and users themselves decide on the respective access options, there are no overriding conflicting rights of the data subjects apparent.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

5. Newsletter

Newsletter Data

If you would like to subscribe to the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. For newsletter handling, we use newsletter service providers, which are described below.

MailerLite

This website uses MailerLite for sending newsletters. The provider is MailerLite Limited, “MailerLite”, 38 Mount Street Upper, Dublin 2, D02PR89 Ireland (hereinafter “MailerLite”).

MailerLite is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data you enter for the purpose of subscribing to the newsletter is stored on MailerLite's servers.

If you do not want MailerLite to analyze your data, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

With the help of MailerLite, we are able to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links were clicked, if any. In this way, we can determine, among other things, which links were clicked particularly often.

We can also identify whether certain previously defined actions were carried out after opening or clicking the newsletter (conversion rate). In this way, we can, for example, determine whether you made a purchase after clicking the newsletter.

MailerLite also enables us to segment newsletter recipients according to different categories (“clustering”). Newsletter recipients can, for example, be segmented by age, gender, or place of residence. In this way, newsletters can be better adapted to the respective target groups.

Detailed information about MailerLite's functions can be found at the following link: https://www.mailerlite.com/features.

MailerLite's privacy policy can be found at: https://www.mailerlite.com/legal/privacy-policy.

Data processing is carried out on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You may revoke this consent at any time with effect for the future.

The data you have stored with us for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after unsubscribing from the newsletter or once the purpose no longer applies. We reserve the right to delete or block email addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Data stored with us for other purposes remains unaffected by this.

After you unsubscribe from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and is not combined with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest.

6. Plugins and Tools

ChatGPT

We have integrated ChatGPT into this website. The provider is OpenAI, L.L.C., 3180 18th Street, San Francisco, CA 94110, USA (hereinafter ChatGPT).

ChatGPT enables us to provide AI-supported functions for the analysis of user input and to generate suggestions for optimizing filter criteria in the context of stock screening. For this purpose, we transmit user-entered content (e.g. search parameters, filter criteria, text input), communication data, usage data, and technical metadata (e.g. IP address, timestamps, device and browser information) to the provider.

The legal basis for the transfer is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in providing modern AI-supported analysis functions and improving our online offering. If the use of cookies or comparable technologies requires consent, processing is additionally carried out on the basis of Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TDDDG.

Processing of the transmitted content does not take place exclusively on our behalf. In accordance with its own privacy policy, the provider may also process the transmitted data for its own purposes, in particular for the further development and improvement of the AI models. In this respect, the provider is an independent controller under data protection law.

Further details can be found in the provider's privacy policy at https://openai.com/privacy.

The transfer of personal data to the USA takes place on the basis of the adequacy decision of the European Commission (EU-US Data Privacy Framework), provided that corresponding certification exists.

The entry of special categories of personal data within the meaning of Art. 9 GDPR is not intended.

Claude (Anthropic)

We have integrated Claude into this website. The provider is Anthropic PBC, 548 Market Street, PMB 90375, San Francisco, CA 94104, USA (hereinafter Claude).
Claude enables us to provide AI-supported functions for the analysis of user input and to generate substantive suggestions for optimizing filter criteria in the context of stock screening. For this purpose, we process user-entered content (e.g. search parameters, filter criteria, text input), communication data, usage data, and technical metadata (e.g. IP address, timestamps, device and browser information).
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in providing modern AI-supported analysis functions and the ongoing optimization of our online offering. If consent is required, processing is additionally carried out on the basis of Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TDDDG.

Further details can be found in the provider's privacy policy at https://www.anthropic.com/privacy.

The personal data collected is stored only as long as this is necessary to provide the AI function or as long as statutory retention obligations exist. The transfer of personal data to the USA takes place on the basis of the adequacy decision of the European Commission (EU-US Data Privacy Framework), provided that the provider is correspondingly certified. The entry of special categories of personal data within the meaning of Art. 9 GDPR is not intended.

YouTube with Enhanced Privacy Mode

This website embeds videos from the YouTube website. The operator of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of these pages on which YouTube is embedded, a connection is established to YouTube's servers. In this process, the YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your browsing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used to personalize browsing on YouTube. Advertisements displayed in enhanced privacy mode are also not personalized. No cookies are set in enhanced privacy mode. Instead, however, so-called local storage elements are stored in the user's browser, which contain personal data similar to cookies and can be used for recognition. Details on enhanced privacy mode can be found here: https://support.google.com/youtube/answer/171780.

Further data processing operations may be triggered after activating a YouTube video, over which we have no influence.

The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent may be revoked at any time.

Further information about data protection at YouTube can be found in its privacy policy at: https://policies.google.com/privacy?hl=de.

Supabase

We use Supabase to provide our database infrastructure and for user authentication. Provider: Supabase, Inc., 548 Market St, PMB 86778, San Francisco, CA 94104, USA Website: https://supabase.com. Supabase enables us to store, manage, and process user data within our web application. In addition, we use Supabase for secure authentication of user accounts.

Data concerned: Email addresses, names, hashed passwords, session and authentication tokens, login timestamps, IP addresses, and account-related metadata (e.g. creation and update timestamps). In addition, all content that users store within the application is processed (e.g. screener configurations, watchlists, portfolio data, profile details, and other free text entries).

Legal basis: Art. 6 para. 1 lit. b GDPR (contract fulfillment) and Art. 6 para. 1 lit. f GDPR (legitimate interest in a secure, high-performance, and scalable IT infrastructure).

Data transfer to third countries: A transfer of personal data to the USA cannot be ruled out. Protection is ensured by a data processing agreement (DPA) pursuant to Art. 28 GDPR and the European Commission's standard contractual clauses (SCCs) pursuant to Art. 46 GDPR.

Storage period: Data is stored as long as the user account exists or as long as this is necessary for contract fulfillment. After deletion of the account, the associated personal data is deleted unless statutory retention obligations exist.

We have concluded a data processing agreement with the provider pursuant to Art. 28 GDPR.

Resend

We use Resend for sending transactional emails (e.g. registration confirmations, password reset emails, account notifications). The provider is Plus Five Five, Inc., 2261 Market Street #5039, San Francisco, CA 94114, USA Website: https://resend.com

Processed data: Email address, where applicable first name, email content (e.g. confirmation codes, system information), and technical sending metadata (time, delivery status).

Legal basis: Art. 6 para. 1 lit. b GDPR (contract fulfillment or implementation of pre-contractual measures). Transfer to the USA may take place. Protection is ensured by a data processing agreement and the standard contractual clauses pursuant to Art. 46 GDPR.

Sending and log data is stored only as long as this is necessary to ensure delivery and traceability. We have concluded a data processing agreement with the provider pursuant to Art. 28 GDPR.

7. eCommerce and Payment Providers

Processing Customer and Contract Data

We collect, process, and use personal customer and contract data for the establishment, content design, and modification of our contractual relationships. We collect, process, and use personal data about the use of this website (usage data) only insofar as this is necessary to enable the user to make use of the service or to bill for it. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

The collected customer data will be deleted after completion of the order or termination of the business relationship and expiry of any statutory retention periods that may exist. Statutory retention periods remain unaffected.

Payment Services

We integrate payment services from third-party companies on our website. If you make a purchase with us, your payment data (e.g. name, payment amount, bank details, credit card number) is processed by the payment service provider for the purpose of payment processing. The respective contractual and data protection provisions of the respective providers apply to these transactions. The use of the payment service providers is based on Art. 6 para. 1 lit. b GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment process (Art. 6 para. 1 lit. f GDPR). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consents may be revoked at any time with effect for the future.

We use the following payment services / payment service providers within the scope of this website:

Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.

Further details can be found in Stripe's privacy policy at the following link: https://stripe.com/de/privacy.