1. Contact details of the controller and Data Protection Officer 

The controller pursuant to the EU General Data Protection Regulation ("GDPR") for the processing of your personal data is: 

deltaDAO AG 
Katharinenstraße 30a 
20457 Hamburg 
Germany 
E-mail: contact@delta-dao.com 

If you have any questions about the protection of your personal data at deltaDAO, please contact our Data Protection Officer: 

Data Protection Officer 
deltaDAO AG 
Katharinenstraße 30a 
20457 Hamburg 
Germany 
E-mail: privacy@delta-dao.com 

2. What's personal data?

Personal data is any information that can be (directly or indirectly) related to you. deltaDAO processes the following personal data.

• IT information: Your IT information (IP address, usage data, location data, browser data, cookie data) is processed when visiting our website.

• E-mail address: Your e-mail address is processed when you subscribe to our newsletter. Moreover, if you contact deltaDAO via e-mail, we process your e-mail address and any personal data you decide to provide in your message (such as your name).

For detailed information about the processing operations, lawfulness, purposes, and how your personal data serves to reach these purposes, please take a look at the chapter "Processing operations according to Article 13 GDPR".

3. Recipients and cross-border data transfer

Mailchimp 
We use Mailchimp (The Rocket Science Group LLC d/b/a Mailchimp located at 675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308 USA) for sending and subscribing to our newsletter. 

There is no adequacy decision for the USA from the European Commission. Our cooperation with Mailchimp is based on a Data Processing Agreement (DPA) including Standard Contractual Clauses (SCC). You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com. 

• Here you can find Mailchimp’s current DPA including SCC ↗. 

• Here you can find Mailchimp’s privacy policy ↗. 
  

Microsoft Corporation 
When you contact us via e-mail, our (mail) service provider Microsoft Corporation (located at 1 Microsoft Way, Redmond, Washington 98052-8300, USA) supports us in processing your personal data so we can communicate with you. 

There is no adequacy decision for the USA from the European Commission. However, Microsoft is EU-US DPF (EU‐US Data Privacy Framework) certified. The EU‐US DPF is an adequacy decision of the European Commission, limited to certified entities. Moreover, we have restricted storage on the EEA and signed SCC with our provider. You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com. 

• Here you can find Microsoft's current DPA including SCC ↗. 

• Here you can find Microsoft's privacy policy ↗.

4. Processing operations according to Article 13 GDPR 

We process your personal data for the following purposes.

4.1 Providing our newsletter landing page and ensuring its security

Your IT information (IP address, usage data, location data, browser data, cookie data) is collected, used, and stored for providing our landing page and to maintain its security. Our landing page is hosted externally by our service provider Mailchimp who acts as a processor for us (see also chapter 3). 

Purpose: 
Collecting and using your IP address is necessary for providing our landing page because it is a technical requirement for ensuring communication between your device and our landing page. Your IT information is also processed for an error-free presentation and for security, fraud-prevention, abuse-prevention, and troubleshooting purposes. 

Legal basis: 
The legal basis for this processing is our legitimate interest, pursuant to Art. 6(1)(f) GDPR. 

Legitimate interest: 
Our legitimate interest is to provide our landing page to you and to enable security, a technically error-free presentation, and the optimization of the landing page. 

Retention period: 
Mailchimp retains your personal data for as long as needed to provide their services. 

4.2 Sending our newsletter

If you subscribe to our newsletter and give us your consent, we collect, use, and store the e-mail address you provide to us in the subscription form. Our service provider Mailchimp receives your personal data and acts as a processor for us (see also chapter 3). 

Purpose: 
We collect, use, and store your e-mail address, so we can send our newsletter to you. 

Legal basis: 
The legal basis for this processing is your consent pursuant to Art. 6(1)(a) GDPR.
You have the right to withdraw your consent at any time (see also chapter 8.1). 

Retention period: 
Your personal data will be processed for as long as you have given your consent. Apart from this, it will be deleted after the contract between us and Mailchimp has ended, unless legal requirements make further storage necessary. 

4.3 Contact via e-mail

If you contact us via e-mail, deltaDAO collects, uses, and stores your e-mail address, and any other information you provide us in your message, such as your name. When you send us an e-mail, our (mail) service provider Microsoft Corporation (see also chapter 3) supports us in processing your personal data so we can communicate with you. 

Purpose: 
We collect, use and store this personal data to respond to your inquiries. 

Legal basis: 
The legal basis for this processing is our legitimate interest, according to Art. 6(1)(f) GDPR. 

Legitimate interests: 
Our legitimate interest is to answer your inquiries. 

Retention period: 
deltaDAO deletes your personal data as soon as we no longer require them for processing your inquiry, except deltaDAO is obliged to comply with legal retention periods or in case of legal disputes. se this space to add more details about your site, a customer quote, or to talk about important news.

5. Automated decision making including profiling according to Article 13(2)(f) GDPR

Automated decision making including profiling does not take place. 

6. Cookies and web storage

A cookie is a small file that stores Internet settings. Your web browser downloads it on the first visit to a website. The next time you open this website with the same device, the cookie and the information stored in it are either sent back to the website that created it (first-party cookie) or sent to another website it belongs to (third-party cookie). This enables the website to detect that you have opened it previously with this browser and, in some cases, to vary the displayed content. 

Our landing page uses essential cookies. These cookies are strictly necessary to provide you with our Mailchimp landing page.

7. External links

Our landing page contains links to external websites that are beyond the control and responsibility of deltaDAO.

8. Your rights

If you want to make use of your rights described below, do not hesitate to contact us.

8.1 Right to withdraw consent (Art. 7(3) GDPR)

You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

8.2 Right of access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether deltaDAO processes personal data about you. If we are processing personal data about you, you have the right to access these personal data and to gain the information defined in Art. 15 GDPR.

8.3 Right to rectification (Art. 16 GDPR)

You have the right to obtain without undue delay the rectification of inaccurate personal data about you. Additionally, you have the right that incomplete personal data about you are completed.

8.4 Right to erasure (Art. 17 GDPR)

You have the right to obtain without undue delay the erasure of personal data about you, where the defined legal grounds in Art. 17 GDPR apply. 

8.5 Right to restriction (Art. 18 GDPR)

Moreover, you have the right to obtain the restriction of processing your personal data where the defined legal grounds in Art. 18 GDPR apply.

8.6 Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. Additionally, you have the right to transmit those data to another controller without hindrance, where the defined legal grounds in Art. 20 GDPR apply. You can make use of your right to data portability by contacting us.

8.7 Right to object (Art. 21 GDPR)

On grounds relating to your particular situation, you have the right to object to the processing of your personal data where we based the processing on legitimate interests (Art. 6(1)(f) GDPR). If you object, deltaDAO will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing, overriding your rights, freedoms, and interests, or if the processing is required to establish, exercise, or defend legal claims.

8.8 Right to lodge a complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a supervisory authority if you consider the processing of your personal data by deltaDAO to infringe the GDPR. You can lodge a complaint in particular 

• in the Member State of your habitual residence, 

• in the Member State of your place of work, and 

• in the place of the alleged infringement.

9. Questions

For any requests regarding our privacy policy, please send us an e-mail to privacy@delta-dao.com. 

10. Changes to the Privacy Policy

We adjust this policy from time to time, by publishing a new version on our landing page. You can find the date of the current version at the beginning of this policy. The latest version of this policy applies to the processing of your personal data.