This section of our website is designed to give you access to our Data Protection Declaration, that is intended to provide you with information on the collection and processing of personal data when using our website www.allpago.com.
Data Protection Declaration of ALLPAGO
1. General information on Data Privacy
1.1. This Data Protection Declaration is intended to provide you with information on the collection and processing of personal data when using our website www.allpago.com. Personal data means individual information on personal or factual circumstances being attributable to an identified or identifiable natural person.
1.2. The company being responsible according to Art. 4 Para. 7 GDPR (General Data Protection Regulation) is Allpago GmbH (hereinafter also referred to as “allpago” or “we”), Schumannstraße 5, 10117, Berlin, Germany. The Company Data Protection Officer of Allpago GmbH can be contacted at the above address, attn. Mr Brunno Silva, or at firstname.lastname@example.org.
2. Rights of Affected Persons
2.1. In accordance with Art. 15 GDPR, you have the right, upon request and free of charge, to receive information about the personal data that has been stored about you. In accordance with Art. 16, 17 and 18 of the GDPR, you also have the right to have incorrect data corrected and your personal data blocked, deleted or processed to a limited extent. Under the conditions laid down in Art. 20 of the GDPR, you are also entitled to receive the personal data concerning you that have been stored in a structured, common and machine-readable format and to transmit this data to another person responsible without any impediment by allpago. In addition, you have the right to withdraw your given consent. In according to Art. 21 Para. 1 GDPR you are also entitled to object to the processing of personal data relating to you, which is carried out on the basis of Art. 6 Para. 1 S. 1 lit. e) or f) GDPR, for reasons arising from your particular situation. You do not need any reason to object to data processing for the purpose of direct advertising. Allpago will fulfil your aforementioned claims, provided that the legal requirements for the assertion of the respective claims are satisfied.
2.2. Any requests for your personal data should be made to the address given in the imprint of our website www.allpago.com or the e-mail address or address specified under Section 1.2. of this data protection declaration.
2.3. You are also entitled to file a complaint with a data protection supervisory authority regarding our processing of your personal data.
3. Subject of this Data Protection Declaration
This Data Protection Declaration exclusively deals with the handling of personal data by allpago. In case our services are performed by subcontractors, you will find the information on the respective procedures below. In case you make use of services provided by third parties via the website, the data protection regulations of the respective third parties apply exclusively. allpago does not check the data protection regulations of third parties
4. Collection and Processing of Personal Data when using our website
We collect, store and process personal data in accordance with Art. 6 Para. 1 lit. b) GDPR for the entire handling of our services. Any and all personal data is processed exclusively in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).
4.1. Access Data/ Server-Logfiles
In case our website is exclusively used for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server (server log files/access data). If you wish to view our website, we collect the following data on the basis of Art. 6 Para. 1 S. 1 lit. f) GDPR, which is technically necessary for us to display our website to you and to guarantee stability and security:
Name and content of the accessed website, IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), the amount of data transferred, access status/HTTP status code (referrer URL), browser type, your operating system and its interface, language and version of the browser software.
The hosting provider shall store logfile data for safety purposes (e.g. for clarifying cases of misuse or fraud) for the duration of max. 7 days and deleted after this period. Data which are necessary for evidentiary purposes are stored until the specific incident is clarified.
4.2. Communication with us
When contacting us by e-mail, telephone or contact form the data you provide (your e-mail address, if applicable your
first and last name, your address or your telephone number) will be stored by us in order to answer your question and
handle your concern. The legal basis is provided in Art. 6 Para. 1 S. 1 lit. a) and b) GDPR. Your personal data can be
stored in a customer relationship management system (“CRM system”) or similar systems.
We delete the data acquired in this context once no further storage is necessary or reduce the processing if further
retention is required by law.
access device (PC, Laptop, smartphone, etc.) when you are visiting our website. Cookies cannot run programs or transmit
viruses to your computer. The cookie stores certain information related to the access device. This does not mean that we
become aware of your identity directly. Cookies are used on the basis of Art. 6 Para. 1 S. 1 lit. f) GDPR.
We are using so-called session cookies to recognize, that you visited certain pages of our websites. Those cookies will be
deleted automatically at the time you leave our website. We also use temporary cookies to optimize the usability our
website and which are stored on your device during a certain period. In case you visit our website again to use our
services, you and the inputs or settings you made will be recognized automatically, so you do not have to repeat it.
the data for optimization of the usability of our website (more details in Sect. 10). Those cookies are deleted after a
You can enable or disable cookies via the settings in your browser. However, not all interactive features of our website
relevant section for the different services.
We use server capacities of host provider for the purpose of offering our services through our website (webhosting) on the
basis of Art. 6 Para. 1 S. 1 lit. b) GDPR. For that purpose, all your personal data we process via our website are
transmitted to this service providers on the basis of respective Data Processing Agreements obliging the host provider to
take the appropriate technical and organizational measures in in accordance with Art. 28 GDPR. We chose our host
provider carefully. We only work with providers, who have their servers in the EU or European Economic Community or, if
not so, an adequate level of data protection is guaranteed.
7. Newsletter and Publications
7.1. Our newsletter and publications provide information about us, our services and the markets where we offer such
services. If you would like to receive the newsletter, we need a valid e-mail address from you. For the registration for our
newsletter we use the so-called double opt-in procedure. This means that after your registration we will send you an email
to the specified e-mail address asking you to confirm that you would like to receive the newsletter. If you do not
confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In
addition, we store your IP addresses and the time of registration and confirmation. The purpose of this procedure is to be
able to prove your registration and, if necessary, to clarify a possible abuse of your personal data.
7.2. The only information for sending the newsletter is your e-mail address. After your confirmation we will save
your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 Para. 1 S. 1 lit. a) GDPR.
7.3. We use the MailChimp component for sending our newsletters on the basis of Art. 6 Para. 1 S. 1 lit. f) GDPR.
MailChimp is a service provided by The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA.
If you subscribe to our newsletter, your e-mail address will be transmitted to a server of The Rocket Science Group in the
USA and stored there as long until you decide to unsubscribe as explained in Section 6.4.
According to the Commission implementing Decision (EU) 2016/1250 of 12.07.2016, the transfer of data from an EU
controller or order processor to organizations in the US who have committed themselves to adhere to the framework
principles of the EU-US Privacy Shield, including the additional principles, by way of self-certification with the US
Department of Commerce, is permitted. MailChimp is subject to these principles through self-certification by the US
Department of Commerce. Further information about data protection at MailChimp can be found here:
7.4. At the bottom of each newsletter you will find a link to unsubscribe at any time. You can also unsubscribe from
the newsletter at any time by sending a message to the e-mail address or address given in the imprint of our website
www.allpago.com or under Section 1.2. If the newsletter is cancelled, the personal data stored for the purpose of
providing the newsletter will be deleted, unless there is a legal obligation to keep it in safekeeping.
8. Safe Data Transmission
Your personal data is transmitted securely by encryption. This applies to the order and also to the customer login. We use
the TLS encrypted channel using SSL. No one can guarantee absolute protection. However, we secure our website and
other systems through technical and organizational measures.
9. Duration of Storage and Routine Deletion
9.1. We process and store personal data only during the period necessary to realize the purpose of processing or
during the period of time and to the extent provided for in laws or regulations applicable to the controller.
9.2. If the storage purpose ceases to apply or a legally prescribed storage period expires, the personal data will be
blocked or deleted as a matter of routine and in accordance with the statutory provisions.
10. Integration of Services of Third Parties
10.1. Use of Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc, Google Ireland Ltd, Gordon House, Barrow
analyze how users use the site. The information generated by the cookie about your use of this website is generally
transmitted to and stored by Google on servers in the United States.
The Commission Decision (EU) 2016/1250 of 12.07.2016 allows the transfer of data from an EU controller or processor of
orders to organizations in the US that have committed themselves to adhere to the framework principles of the EU-US
Data Protection Shield, including the additional principles, by way of self-certification with the US Department of
Commerce. Google is subject to these principles through self-certification with the U.S. Department of Commerce.
However, if IP anonymization is activated on our website, Google will reduce your IP address beforehand within Member
States of the European Union or in other states party to the Agreement on the European Economic Area. Only in
exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP
anonymization is active on this website. On behalf of allpago, Google will use this information to evaluate your use of the
website, to compile reports on website activity and to provide other services relating to website and Internet use in
comparison with allpago. Legal basis for the use of Google Analytics is Art. 6 Para. 1 S. 1 lit. f) GDPR.
The IP address transmitted by your browser in the context of Google Analytics will not be merged with other Google data.
do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the
data generated by the cookie and relating to your use of the website (including your IP address) and from processing this
data by Google by downloading and installing the browser plug-in available under the following link:
You can find further information on the data use by Google here:
http://www.google.com/analytics/terms/de.html (User Terms and Conditions)
http://www.google.com/intl/de/analytics/learn/privacy.html (Overview regarding Data Protection)
http://www.google.de/intl/de/policies/privacy (Data Protection Declaration)
10.2. Use of Mailchimp
This website uses the online marketing platform Mailchimp operated by The Rocket Science Group LLC, a company
headquartered in the State of Georgia in the United States. Its use is to allow Allpago to maintain its mailing list and send
campaigns to subscribers. The legal basis for the use of Mailchimp is Art. 6 Par. 1 S. 1 lit. f) GDPR.
Mailchimp and their partners may use various technologies to collect and store information when you interact with
Allpago’s email campaign, and this may include using cookies and similar tracking technologies, such as pixels and web
beacons. For example, Mailchimp uses web beacons in the emails they send on Allpago’s behalf. When you receive and
engage with a Allpago’s campaign, web beacons track certain behavior such as whether the email sent through the
MailChimp platform was delivered and opened and whether links within the email were clicked. They also allow
Mailchimp to collect information such as your IP address, browser, and other similar details. Mailchimp use this
information to measure the performance of our campaigns, and to provide analytics information and enhance the
effectiveness of their services.
Information of the third party provider Mailchimp on data protection is available at
10.3. Use of Zendesk
This website uses the customer support platform Zendesk, a company based in 1019 Market Street, San Francisco, CA
94103, United States with European Representative office in 1 Grand Parade Dublin 6 DO06R9X8 Ireland. Its use is to
allow Allpago to communicate and monitor communication initiated through the website. The legal basis for the use of
Mailchimp is Art. 6 Par. 1 S. 1 lit. f) GDPR.
purposes. These technologies may provide them with personal information, information about devices and networks you
utilize to access Allpago’s website, and other information regarding your interactions with the website. For detailed
Information of the third party provider Zendesk on data protection is available at