Insticube Website Privacy Policy

Privacy at INSTICUBE
At INSTICUBE („we“, „us“), we routinely process personal data about visitors („you“) of the INSTICUBE website www.insticube.com („Website“). We are aware of our responsibilities to handle your personal data with care, to keep it secure and comply with applicable privacy and data protection laws.

 

How this Policy Works
The purpose of this Policy is to provide a clear explanation of when, why and how we process information which may relate to you („personal data“).

 

We have designed this Policy to be as user friendly as possible. Click on a topic in the list below to find out more, or explore individual topics in more detail by following the various links. We have labelled sections of the Policy to make it easy for you to navigate to the information that may be most relevant to you.

 

Important
Do read this Policy with care. It provides important information about how we process personal data and explains your statutory rights. This Policy is not intended to override the terms of any policy or contract you have with us, nor rights you might have available under applicable data protection laws.

 

Contents
1. WHO IS RESPONSIBLE FOR LOOKING AFTER YOUR PERSONAL DATA?
2. WHAT PERSONAL DATA DO WE COLLECT?
3. WHEN DO WE COLLECT YOUR PERSONAL DATA AND WHAT DO WE USE YOUR PERSONAL DATA FOR?
4. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
5. INTERNATIONAL TRANSFERS
6. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
7. WHAT ARE YOUR RIGHTS?
8. COOKIES
9. CONTACT AND COMPLAINTS

 

1. Who is responsible for looking after your personal data?
INSTICUBE based in Germany with employees in Germany and the United Kingdom is the owner and operator of the technology platform INSTICUBE, an online database and research platform in which Asset Owners report on Asset Managers they employ. INSTICUBE interviews numerous Asset Owners as members on their perceptions and assessments of Asset Managers that they employ and includes this information on a platform.

 

INSTICUBE GmbH, Nymphenburger Str. 12 in 80335 Munich, is principally responsible for looking after your personal data (your Data Controller within the meaning of Article 4 (7) General Data Protection Regulation (EU) 2016/679 („GDPR“)). Data Controller means a natural or legal person (such as a company) which determines the means and purposes of processing of personal data.

 

You should be aware that although we are principally responsible for looking after your personal data, information may be shared and accessed by other companies. When accessing your personal data, all companies will comply with the standards set out in this Policy.

 

2. What personal data do we collect?
We may process the following personal data about you.

 

Each time the Website is used, so-called usage data is recorded in server log files – as is common on the internet. This usage data is sent automatically by your web browser. Said data consists of the following information:

 

• IP address (Internet Protocol address) of the computer or Public Proxy Address accessing the Website;
• internet address of the website from which the Website was requested (so-called referrer URL);
• name of the service provider via which access to the Website takes place;
• name of the accessed files or information;
• date, time and duration of access;
• volume of transmitted data;
• operating system and information regarding the web browser of the computer accessing the Website;
• http status code (e.g. “request successful” or “requested file not found”).

 

This is usually done by the use of so-called cookies. For more information on cookies, please see Section 8.

 

In addition, we may process personal data such as your name, your email address, etc. you provide to us such, e.g. if you contact us via email for making a request.

 

3. When do we collect your personal data and what do we use your personal data for?
We will collect information from you directly when you visit the Website.

 

We use your personal data for the following purposes:

 

• to operate the Website and to improve your experience with us;
• to create aggregated and anonymized non-personal data;
• for our internal business purposes, such as data analysis, audits, developing new products, enhancing the Website, improving our services, identifying usage trends, and determining the effectiveness of our promotional campaigns;
• for the purposes for which you specifically provided it including, without limitation, to enable us to respond to your inquiries and process and fulfill your requests;

 

We will make sure that we only process your personal data for the purposes set out in this Section 3 and where we are satisfied that our use of your personal data is necessary to support ‚legitimate interests‘ according to Article 6 (1) lit. f GDPR that we have as a business (for example, to improve our products, or to carry out analytics across our datasets), provided it is conducted at all times in a way that is proportionate, and that respects your privacy rights.

 

4. Who do we share your personal data with?
We work with a third party, to help manage our business and deliver services. This third party may from time to time need to have access to your personal data:

 

• Our analytics service provider Google who process personal data for its own purposes as a Data Controller. Please refer to our Cookie Policy in Section 8 in order to identify how you may prevent access to your personal data by analytics providers.

 

Furthermore, we disclose your personal data to third parties only if this is necessary in order to provide our service offering or is otherwise allowed by law, or if we have your consent to do so.

 

We occasionally rely on third-party companies, and external service providers with which we have contracts in place to perform the services, for example in the areas of technical infrastructure and service/maintenance. In cases like these, information is disclosed to these companies and/or individuals in order to enable them to engage in further processing. We select these external service providers carefully and review them regularly to ensure that your privacy remains protected. The service providers are permitted to use the data exclusively for the purposes stipulated by us.

 

We may be under legal or regulatory obligations to share your personal data with courts, regulators, law enforcement. If we were to sell part of our businesses we would need to transfer your personal data to the purchaser of such businesses.

 

5. International Transfers
As set out in Section 4 above, we may allow third parties, who may be located outside Europe, access to your personal data. We may also make other disclosures of your personal data overseas, for example if we receive a legal or regulatory request from a foreign law enforcement body.

 

You have the right to ask us for more information about the safeguards we have put in place as mentioned above. Contact us as set out in Section 9 if you would like further information.

 

We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests:

 

• transfers to Service Providers and other third parties will always be protected by contractual commitments and where appropriate further assurances, such as certification schemes, such as the EU – U.S. Privacy Shield for the protection of personal data transferred from within the EU to the United States of America;

 

• any requests for information we receive from law enforcement or regulators will be carefully checked before personal data is disclosed.

 

6. How long do we keep your personal data?
The log file information are only stored by us for a maximum of 28 days for security reasons (e.g. to identify hacking attempts) and are then deleted. Data whose further storage is required for evidential purposes is excluded from deletion until final clarification of the respective incident. In individual cases, log file information can be disclosed to investigative authorities.

 

Furthermore, log file information is solely stored and statistically analysed in an anonymous form, to continuously improve the Website, to adapt to the users’ interests and to detect or eliminate errors more quickly.

 

In some circumstances we may retain your personal data for longer periods of time, for instance where we are required to do so in accordance with legal, regulator, tax or accounting requirements.

 

We maintain a data retention policy which we apply to records in our care. Where your personal data is no longer required we will ensure it is either securely deleted or stored in a way which means it will no longer be used by the business.

 

7. What are your rights?
You have a number of rights in relation to your personal data.

 

You may request access to your data, correction of any mistakes in our files, erasure of records where no longer required, restriction on the processing of your data, objection to the processing of your data, data portability and information in relation to the basis for international transfers. You may also exercise a right to complain to your Supervisory Authority. More information about each of these rights can be found by clicking on the relevant link or by referring to the table set out further below.

 

To exercise your rights you may contact us as by sending an email to dataprotection@insticube.com set out in Section 11. Please note the following if you do wish to exercise these rights:

Right

What this means

Access

You can ask us to:
• confirm whether we are processing your personal data;
• give you a copy of that data;
• provide you with other information about your personal data such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, and where we got your data from, to the extent that information has not already been provided to you in this Policy.

Rectification

You can ask us to rectify inaccurate personal data.
We may seek to verify the accuracy of the data before rectifying it.

Erasure

You can ask us to erase your personal data, but only where:
• it is no longer needed for the purposes for which it was collected; or
• you have withdrawn your consent (where the data processing was based on consent); or
• following a successful right to object (see ‚Objection‘ below); or
• it has been processed unlawfully; or
• to comply with a legal obligation to which (…) is subject.
We are not required to comply with your request to erase your personal data if the processing of your personal data is necessary:
• for compliance with a legal obligation; or
• for the establishment, exercise or defence of legal claims;
There are certain other circumstances in which we are not required to comply with your erasure request, although these two are the most likely circumstances in which we would deny that request

Restriction

You can ask us to restrict (i.e. keep but not use) your personal data, but only where:
• its accuracy is contested (see Rectification), to allow us to verify its accuracy; or
• the processing is unlawful, but you do not want it erased; or
• it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
• you have exercised the right to object, and verification of overriding grounds is pending.
We can continue to use your personal data following a request for restriction, where:
• we have your consent; or
• to establish, exercise or defend legal claims; or
• to protect the rights of another natural or legal person.

Portability

You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it ‚ported‘ directly to another Data Controller, but in each case only where:
• the processing is based on your consent or on the performance of a contract with you; and
• the processing is carried out by automated means.

Objection

You can object to any processing of your personal data which has our ‚legitimate interests‘ as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests.
Once you have objected, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

International Transfers

You can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Economic Area.
We may redact data transfer agreements or related documents (i.e. obscure certain information contained within these documents) for reasons of commercial sensitivity.

Supervisory Authority

You have a right to lodge a complaint with your local supervisory authority about our processing of your personal data.
We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

8. Cookies

 

• What are cookies?
To offer you a full range of functions when you visit the Website, recognize your preferences, and make the use of the Website more comfortable and convenient, we use „cookies“. Cookies are small files that are stored on your device using your Internet browser.

 

• Your options
By using the Website, you agree to the use of cookies and to cookies being stored on your computer. You can also view the Website without cookies, of course. If you do not wish cookies to be stored on your computer, you can deactivate the relevant option in your browser’s system settings. You can delete stored cookies in your browser’s system settings at any time. If you do not accept any cookies, however, this may restrict the functionality of our offerings.

 

• Categories of cookies
We use cookies for different purposes and with different functions. We distinguish in this regard according to whether the cookie is absolutely necessary in technical terms (technical necessity), how long it is stored and used (storage duration), and whether it has been stored by the Website itself or by third parties, and which provider has placed the cookie on your computer (cookie provider).

• Technical necessity
Cookies that are absolutely necessary in technical terms:
We use certain cookies because they are absolutely necessary in order for the website and its functions to work properly. These cookies are automatically placed on your computer when you access the website or a certain function, unless you have set your browser to reject cookies.

 

Cookies that are not absolutely necessary in technical terms:
By contrast, cookies that are not absolutely necessary are placed on your computer to do things like improve the convenience and performance of the Website or save certain settings that you have made. We also use cookies that are not absolutely necessary in technical terms to determine information [on the] frequency of use of certain areas of the Website so that we can gear it toward your needs and requirements on a more targeted basis in the future. We do not store any cookies that are not absolutely necessary in technical terms unless and until you have confirmed, by clicking the relevant field, that you have taken note of our cookie notice and will continue to use the Website.

 

• Storage duration
Session cookies:
Most cookies are only needed for the duration of your current Website visit or your session, and they are erased or become invalid as soon as you leave the Website or your current session expires (termed “session cookies”). Session cookies are used, for example, to retain certain information, such as your INSTICUBE login or shopping cart, during your session.

 

Permanent cookies:
Only in isolated cases are cookies stored for a longer period. This is done, for example, to recognize you when you access our site again at a later time and to be able to access saved settings. This allows you to do things like access our pages faster or with greater convenience, or it eliminates the need for you to set certain options, such as your chosen language, over again. Permanent cookies are automatically deleted after a predefined period when you visit the page or domain from which the cookie was placed on your computer.

 

Flow cookies:
These cookies are used for communication among various internal INSTICUBE servers. They are placed on your computer at the start of a user interaction and deleted after the end of the interaction. Flow cookies are given a unique identification number during the interaction, but this number does not permit any conclusions to be drawn regarding the actual customer or user.

 

• Cookie providers
Provider cookies:
Cookies are typically placed by the operator of the Website, which is commissioned by us, itself when a person visits the Website.

 

Third-party cookies:
Third-party cookies, by contrast, are stored and used by other bodies or websites, for example by providers of Web analytics tools. For further information on Web analytics tools and measurement of reach, please see the rest of this cookie policy. External providers may also use cookies to display advertising or to integrate content from social networks, such as social plugins.

 

• Used Cookies
Specifically, the following cookies may be stored when you visit the Website:

Cookie name
REMEMBERME

Cookie type
Functionality

Storage period
1 year

Cookie provider
INSTICUBE (data.insticube.com)

Cookie purpose
This cookie is placed when a visitor checks the “remember me” option when logging in. It means we keep the session cookie for a longer period and the visitor does not have to login every time he or she visits the Website.

Cookie name
PHPSESSID

Cookie type
Functionality

Storage period
While browser open

Cookie provider
INSTICUBE (data.insticube.com)

Cookie purpose
This cookie is placed for every user to control login information.

Cookie name
_ga

Cookie type
Analytics

Storage period
2 years

Cookie provider
Google Analytics (analytics.google.com)

Cookie purpose
This cookie stores the unique, randomly generated string Client ID for Google Analytics

Cookie name
_gid

Cookie type
Analytics

Storage period
24 hours

Cookie provider
Google Analytics (analytics.google.com)

Cookie purpose
This cookie stores the unique, randomly generated string Client ID for Google Analytics

Cookie name
_gat_UA-106162483-1

Cookie type
Analytics

Storage period
1 minute

Cookie provider
Google Analytics (analytics.google.com)

Cookie purpose
This cookie is used to throttle the request rate.

• Use of cookies for Web analytics and reach measurement
We use Google Analytics, a Web analytics service of Google Inc. (“Google”). Google Analytics uses cookies to identify the frequency of use of certain areas of the Website and to identify preferences. The information regarding your use of this website that is generated by the cookie (including your truncated IP address) is transferred to a Google server in the United States and stored there. Google will use this information to analyze your use of the website, compile reports on website activity for us, and perform further services associated with website use and Internet use. Google may also transmit this information to third parties where required by law or to the extent that third parties process these data on behalf of Google.

 

You can deactivate Google Analytics using a browser add-on if you do not wish the website analysis to take place. You can download the add-on here: http://tools.google.com/dlpage/gaoptout?hl=de.

 

This add-on stores “opt-out” information on your device that serves to match up your deactivation of Google Analytics. Please note that this kind of “opt out” only leads to the deactivation of Google Analytics for the device and browser from which the opt out was activated. In addition, you may need to reactivate it if you delete cookies from your device.

 

9. Contact and complaints
The primary point of contact for all issues arising from this Policy, including requests to exercise data subject rights, is our Data Protection Officer. The Data Protection Officer can be contacted in the following ways:

 

dataprotection@insticube.com

 

INSTICUBE GmbH
Data Protection Officer
Nymphenburger Str. 12
80335 Munich
Germany

 

If you have a complaint or concern about how we use your personal data, please contact us in the first instance and we will attempt to resolve the issue as soon as possible. You also have a right to lodge a complaint with your national data protection supervisory authority at any time.

 

This Privacy Policy is dated 25.05. 2018

This Privacy Policy applies to the use of the website “www.insticube.com” (hereinafter „Website“) made available by

 

INSTICUBE GmbH (hereinafter „INSTICUBE“, „us“ or „we“)

Theresienhoehe 13
80339 Munich
Germany
Telephone: +49 89 7699008-0
Email: info@insticube.com

 

The protection of your personal data is of great importance to us and therefore, we take all technical and organisational measures necessary to ensure data protection. In this respect, the purpose of this Privacy Policy is to inform you of the nature, extent and purpose of the collection of personal data as well as of how said data is used and processed.

 

Responsible party in terms of the German Data Protection Act (Bundesdatenschutzgesetz, BDSG) for the processing of data by the Website is INSTICUBE. All data collected, processed and stored in connection with the Website will be hosted on severs within the European Economic Area (EEA).

 

1. Personal Data
Personal data refers to „any information concerning the personal or material circumstances of an identified or identifiable individual (the data subject)“ (Sec. 3 para. 1 BDSG). This includes, for example, information such as name, postal mailing address, email address, phone number, IP address, and information on Website usage. We collect, process and use your personal data exclusively in accordance with the provisions of this Privacy Policy and applicable data protection regulations of the Federal Republic of Germany, in particular the BDSG and the Telemedia Act (Telemediengesetz, TMG).

 

The types of personal information that we will collect may include some or all of the following personal data depending on how you decide to use the Website: Information on your use of the Website, such as the location from which you access data from the Website as well as other connection data and sources that you retrieve. This is usually done by the use of so-called cookies. For more information on cookies, please see below.

 

2. Processing of Personal Data
We process your personal data for the following purposes:

  • for the purposes for which you specifically provided it including, without limitation, to enable us to respond to your inquiries and process and fulfill your requests;
  • to operate the Website and to improve your experience with us, including by presenting products or offers tailored to you;
  • to create aggregated and anonymized non-personal data;
  • for our internal business purposes, such as data analysis, audits, developing new products, enhancing the Website, improving our Services, identifying usage trends, and determining the effectiveness of our promotional campaigns;

 

3. Sharing Personal Data
We will not share your personal data with third parties except as set out in this Privacy Policy, unless you have agreed to the data transfer or we are entitled to transfer the data on the basis of legal regulations.
For example, we may share your personal data with our strategic partner and shareholders:

  • IPE International Publishers Limited, 1 Kentish Buildings, 125 Borough High Street, London, SE1 1NP, United Kingdom;
  • AssetMetrix GmbH, Theresienhoehe 13, 80339 Munich, Germany.

 

They use your personal data for the following purposes:

  • Updating existing address and mailing lists in order to improve communication with specific information to whom it may concern and be of actual relevance;
  • Analyze market trends and market potentials.

 

4. Automatically collected usage data
Each time the Website is used, so-called usage data is recorded in server log files – as is common on the internet. This usage data is sent automatically by your web browser. Said data consists of the following information:

  • IP address (Internet Protocol address) of the computer or Public Proxy Address accessing the Website;
  • internet address of the website from which the Website was requested (so-called referrer URL);
  • name of the service provider via which access to the Website takes place;
  • name of the accessed files or information;
  • date, time and duration of access;
  • volume of transmitted data;
  • operating system and information regarding the web browser of the computer accessing the Website;
  • http status code (e.g. „request successful“ or „requested file not found“).

 

The aforementioned types of log file information are only stored by us for a maximum of 28 days for security reasons (e.g. to identify hacking attempts) and are then deleted. Data whose further storage is required for evidential purposes is excluded from deletion until final clarification of the respective incident. In individual cases, log file information can be disclosed to investigative authorities.
Furthermore, log file information is solely stored and statistically analysed in an anonymous form, to continuously improve the Website, to adapt to the users’ interests and to detect or eliminate errors more quickly.

 

5. Cookies, Targeting and Other Technologies
We may also collect information about your computer and/or mobile device, such as the operating system and browser type used. We use this information to manage and administer the Website. We share this information in a fully anonymous form with our business associates. This information consists of statistical data about users’ activity on the Website.

 

The Website uses cookies. Cookies are small text files that are placed on your computer or mobile device by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide web services and functionalities for the users. For example, they enable us to improve your experience on the Website and offer you a better and more customized service. Cookies enable the Website to remember your actions and preferences (such as language, font size and other display preferences) so that you do not have to re-enter them each time you use the Website.

 

Cookies may be either „persistent“ cookies or „session“ cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

 

We use the following types of cookies:

  • Strictly Necessary Cookies: These cookies are essential in order to carry out a request initiated by you, for example by remembering information provided by you as you browse the site and by managing your logged-in status during the session. You cannot opt out of these cookies as the Website cannot function properly without them;
  • Functionality Cookies: These cookies allow us to remember your preferences. For example, cookies save you the trouble of typing in your login data every time you access the site.

Cookie name

REMEMBERME

Cookie type

Functionality

Storage period

1 year

Cookie purpose

INSTICUBE (data.insticube.com)

Cookie provider

This cookie is placed when a visitor checks the “remember me” option when logging in. It means we keep the session cookie for a longer period and the visitor does not have to login every time he or she visits the Website.

Changing the Browser Setting
If you do not wish to use the cookie technologies described here, you can set your browser to not accept cookies. Please note that in this case, you may only be able to use the Website in a restricted way or not at all.

 

6. Google Analytics
We use Google Analytics, a third-party web analysis service provided by Google Inc. („Google“). Google Analytics uses „performance cookies“ to analyse how you use the Website. The information generated by the cookie about your use of the Website (including your IP address) will be transmitted to and stored by Google on servers in the United States. The Website uses Google Analytics with the expansion ‚_anonymizeIp()‘; therefore, only abbreviated IP addresses will be further processed, so that a direct connection to the individual user is eliminated. Your IP address will be shortened beforehand by Google (i.e. the last octet of the IP address will be anonymized) within member states of the European Union or in other signatory states of the Treaty on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google Server in the USA and shortened there. Google will use this information on behalf of the website operator for the purpose of evaluating your use of the Website, compiling reports on website activity, and providing other services to website operators relating to website activity and internet usage. Google will not associate the IP address transmitted under Google Analytics by your browser with other data held by Google. You may prevent the use of Google Analytics by disabling cookies in the browser’s set up screen. You may prevent the storage of cookies by selecting the appropriate settings on your browser software; however, we must advise you that in this case, you might not be able to use all functions of the Website to the full extent. You may prevent Google from recording the data generated by the cookie and pertaining to your use of the Website (including your IP address), or from processing these data by downloading and installing the following browser plug-in available through Google at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

 

Google’s Privacy Notice is located at http://www.google.com/analytics/learn/privacy.html. An opt-out cookie will be set on the computer which prevents the future collection of your data when using the Website: Disable Google Analytics.

 

7. Data Security
Unfortunately, the transmission of information over the internet is not completely secure. Although we do everything in our power to protect your personal data, we cannot warrant the security of the data transmitted via the Website. Any of your data transfer will be at your own risk. No one can guarantee absolute protection. However, we will protect the Website and other systems from the loss, destruction, access, alteration or dissemination of your data by unauthorized persons through technical and organisational measures.

 

8. Links to other websites
The Website, from time to time, may contain links to and from third party websites. If you follow a link to one of these websites, please note that these websites are subject to their own privacy regulations and we cannot assume any responsibility or guarantee for third-party data protection conditions. Please make sure that you are aware of the applicable privacy policy before sending personal data to these websites.

 

9. Amendments to the Privacy Policy
We reserve the right to change this Privacy Policy at any time with effect for the future. A current version is available on the Website. Please check the Website regularly for information on the applicable Privacy Policy.

 

This Privacy Policy is dated: 06.10.2017

 

10. Information
You have the right to be informed about your personal data stored, its origin and recipients as well as the purpose of storage at any time. Upon request, you will immediately receive information about the stored data free of charge pursuant to applicable law. Furthermore, you can also contact us free of charge regarding any questions about the collection, processing or use of your personal data and its correction, blocking, deletion or revoking previously given consent. We point out that you are entitled to false data being corrected or deletion of personal data insofar as there are no legal obligations to retain said data.

 

Please send your request by mail, phone or email to:

 

INSTICUBE GmbH
Theresienhoehe 13
80339 Munich
Germany
Telephone: +49 89 7699008-0
Email: info@insticube.com

 

If you choose to contact us via email, we must point out that the confidentiality of the transmitted information is not guaranteed. In principle, email contents can be exposed to electronic spying by unauthorized third parties during transmission. Therefore, we encourage you to send confidential information solely by mail.