Privacy policy App

With our app you can design and order photo books with your smartphone. We want to offer you maximum data protection and transparency. We and our production partners along the entire production chain handle your photos and personal data carefully and professionally at all times. The storage period of your data is limited to an absolute minimum, a "secret" use or passing on of your data for other than contractual purposes is excluded.

In the following, we would like to inform you about what data is involved, how it is processed and what rights you are entitled to. If you have any questions, you can contact our data protection officer at any time at:

datenschutz@pappzarapp.de

Many thanks for your trust!

pappzarapp Ojala & Dürmeyer Print Media GbR
℅ SPACE M, Motzstraße 5
10777 Berlin, Germany

Telephone: 015678-740350
E-mail: datenschutz@pappzarapp.de

When you download the App, information is transmitted to the App Store of your choice, in particular the user name, the e-mail address, the customer number of your account, the time of the download or the individual device identification number can be processed. We have no influence on this data processing. The operator of the respective App Store is responsible.

When using our App, certain data is collected to enable the usability of the functions provided and to guarantee the security and stability of the app, Art. 6 para. 1 sentence 1 lit. f DS-GVO. This includes the IP address, the device type, the time of access and the operating system used.

To be able to process and send your order, a customer account will be created for you. For this purpose, it is necessary to enter certain personal contact data, such as name, address and e-mail address. The legal basis for this is Art. 6 para. 1 S. 1 lit. b DS-GVO. All customer data will be deleted at the latest after the expiry of existing warranty obligations, except for data that we are required to retain by law (e.g. according to AO or HGB).

This legal obligation to retain data in accordance with Art. 6 para. 1 S. 1 lit. c DS-GVO applies in particular to order and payment data. Processing for other purposes is excluded. You can of course have your customer account deactivated by us at any time or correct entries yourself.

Your access to the customer account is always via an encrypted connection.

To be able to design your cardboard book with our app, it is necessary that you give the app access to your photo files. Of course, any access without your knowledge and approval is excluded.

To use our book templates and the configurator, an internet connection is required. For this purpose, the app needs the authorisation for internet access.

After you have designed your cardboard book, the selected image files including the configured product templates will be transferred via an encrypted connection.

To ensure the highest level of data security, the generated print data and all customer data are stored on an encrypted server here in Berlin:

• Pinguin Druck GmbH, 10405 Berlin

For the presentation of our application (product images, templates) as well as the creation of the print template, we use cloud service providers who comply with the strict requirements of the European data protection law. This is secured by corresponding contracts for order processing. The data processing takes place exclusively within the European Union:

• Amazon AWS, Availibility Zone Frankfurt am Main
• Microsoft Azure, Availibility Zone Niederlande

Both cloud service providers are certified according to the ISO/IEC 27001:2013 security standard. All connections between the app and the servers are encrypted with TLS 1.3.

The usage data (server log files) are stored separately from all other personal data provided for 7 days and then deleted.

To ensure maximum data protection, the transmitted image files are also automatically deleted after 7 days.

The prepared print data are stored for 5 months in order to comply with our legal warranty obligations in the event of a complaint, Art. 6 Para. 1 S. 1 lit. b DS-GVO. Afterwards they will also be deleted.

Only on your device in the app we store the contents of the shopping basket for 30 days. Afterwards, this will also be deleted.

As several printers work together to print your paperback, it is necessary to pass on personal data to third parties. The commissioned companies are carefully selected and are bound to data secrecy. Through appropriate contracts for order processing, we ensure that your data is deleted immediately after service provision. Processing of your data for other than contractual purposes is excluded.

• Dürmeyer Print Media GmbH, 20539 Hamburg

As part of the payment process, certain personal customer data collected during the ordering process will be transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg.

The data in question are as follows: First and last name, address, e-mail address and data related to the order, such as the contents of the shopping basket and the invoice amount. This transmission is necessary to process your order with the payment method you have chosen, in particular to confirm your identity and to ensure rapid payment processing, Art. 6 para. 1 lit. b DS-GVO.

Depending on the method of payment selected via PayPal (e.g. invoice or direct debit), PayPal may transfer personal data to credit agencies in order to carry out identity or credit checks.

You can find further information in PayPal's privacy policy at: https://www.paypal.com/de/webapps/mpp/ua/privacy-f....