top of page

DATA PROTECTION

Privacy Policy

We (“we,” “us,” “our”) take the protection of the data of users (“users” or “you”) of our website and/or mobile app (the “Website” or the “Mobile App”) very seriously and are committed to protecting the information that users provide to us in connection with the use of our website and/or mobile app (collectively: “digital assets”). We are also committed to using and protecting your data in accordance with applicable law.

This privacy policy explains our practices regarding the collection, use, and disclosure of your information through your use of our digital assets (the “Services”) when you access the Services via your devices.

Please read the privacy policy carefully and ensure that you fully understand our practices in relation to your data before using our Services. If you have read this policy and fully understand it but do not agree with our practices, you must discontinue use of our digital assets and Services. By using our Services, you acknowledge the terms of this Privacy Policy, and your continued use of the Services constitutes your acceptance of this Privacy Policy and any amendments thereto.

This Privacy Policy covers:

  • How we collect data

  • What data we collect

  • Why we collect this data

  • Who we share the data with

  • Where the data is stored

  • How long the data is retained

  • How we protect the data

  • How we treat minors

  • Updates or changes to the Privacy Policy

What data do we collect?

We may collect the following types of data:

  • Non-identified and non-identifiable information which you provide during the registration process or that is collected through your use of our Services ("Non-Personal Data"). This data does not enable us to identify the individual from whom it was collected. Non-Personal Data we collect mainly consists of technical and aggregated usage information.

  • Individually identifiable information, i.e., information that identifies an individual or may with reasonable effort identify an individual (“Personal Data”). Personal Data we collect through our Services may include details such as names, email addresses, addresses, phone numbers, IP addresses, and more. If we combine Personal Data with Non-Personal Data, we will treat the combined information as Personal Data as long as it remains combined.

How do we collect data?

We collect data in the following main ways:

  • We collect data through your use of our Services. When you visit our digital assets and use the Services, we may collect, record, and store such usage, sessions, and related information.

  • We collect data you provide directly to us, such as when you contact us directly via any communication channel (e.g., an email with a comment or feedback).

  • We may collect data from third-party sources as described below.

  • We collect data that you provide when you log in to our Services via a third-party provider like Facebook or Google.

Why do we collect this data?

We may use your data for the following purposes:

  • To provide and operate our Services

  • To develop, customize, and improve our Services

  • To respond to your feedback, requests, and support needs

  • To analyze usage patterns and service demands

  • For internal, statistical, and research purposes

  • To enhance data security and fraud prevention capabilities

  • To investigate violations, enforce our terms and policies, and comply with legal or regulatory requirements

  • To send updates, news, promotional materials, and other information related to our Services. You may choose to unsubscribe from promotional emails by clicking the unsubscribe link in these emails.

Who do we share your data with?

We may share your data with our service providers to operate our Services (e.g., data storage via third-party hosting services, technical support, etc.).

We may also disclose your data in the following cases:


(i) to investigate, detect, prevent, or address unlawful activities or other wrongdoing;
(ii) to establish or exercise our legal rights;
(iii) to protect our rights, property, or personal safety, and that of our users or the public;
(iv) in the case of a change in control of our business or affiliated companies (via merger, acquisition, or purchase of all or substantially all assets, etc.);
(v) to collect, store, and/or manage your data via authorized third-party providers (e.g., cloud service providers) as reasonably necessary for business purposes;
(vi) to work with third parties to improve your user experience.

Please note: we may share, transmit, or otherwise use Non-Personal Data at our own discretion.

Cookies and similar technologies

When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services (“Tracking Technologies”). These technologies may allow third parties to collect your data automatically to enhance your navigation experience, optimize the performance of our digital assets, provide a customized user experience, and for security and fraud prevention purposes.

To learn more, please read our Cookie Policy.

We will not share your email address or other Personal Data with advertising companies or ad networks without your consent.

We may serve personalized advertisements through our Services and digital assets (including websites and applications that use our Services), including ads based on your recent browsing behavior. To deliver these ads, we may use cookies, JavaScript, web beacons (including clear GIFs), HTML5 local storage, and other technologies. We may also use third parties such as ad networks, advertisers, sponsors, and/or traffic measurement services who may use these technologies to measure ad effectiveness and personalize advertising content. These third-party cookies and technologies are governed by their own privacy policies, not ours.

Where do we store the data?

Non-Personal Data:
Our businesses and trusted partners and service providers are located worldwide. For the purposes explained in this Privacy Policy, we store and process all Non-Personal Data collected in various jurisdictions.

Personal Data:
Personal Data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and other jurisdictions as necessary for the proper provision of our Services and/or required by law.

How long do we retain the data?

We retain the collected data as long as necessary to provide our Services, comply with our legal and contractual obligations, resolve disputes, and enforce our agreements.

We may correct, complete, or delete inaccurate or incomplete data at our sole discretion at any time.

How do we protect the data?

The hosting service for our digital assets provides us with the online platform to offer our Services. Your data may be stored via our hosting provider’s data storage, databases, and general applications. They store your data on secure servers behind a firewall and provide secure HTTPS access to most areas of their services.

All payment options offered by us and our hosting provider for our digital assets comply with the PCI-DSS (Payment Card Industry Data Security Standard) as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure secure handling of credit card information by our store and service providers.

Despite the measures taken by us and our hosting provider, we cannot and do not guarantee absolute protection and security of any data you upload, post, or otherwise share with us or others.

Therefore, we encourage you to set strong passwords and avoid sharing sensitive information that could cause you significant harm if disclosed. Since email and instant messaging are not recognized as secure forms of communication, we also ask that you do not share any confidential information through these means.

How do we treat minors?

The Services are not intended for users under the legal age of majority. We do not knowingly collect data from children. If you are not of legal age, you should not download or use the Services nor provide us with any information.

We reserve the right to request proof of age at any time to verify that minors are not using our Services. If we become aware that a minor is using our Services, we may prohibit and block such users from accessing our Services and delete any data stored about them. If you believe a minor has shared data with us, please contact us as explained below.

We will only use your Personal Data for the purposes set out in this Privacy Policy if we are satisfied that:

  • the use of your Personal Data is necessary to perform or enter into a contract (e.g., to provide you with the Services or customer support);

  • the use of your Personal Data is required to comply with legal or regulatory obligations;

  • the use of your Personal Data is necessary to support our legitimate business interests (provided that such use is always proportionate and respects your privacy rights).

EU Resident Rights

If you reside in the EU, you may:

  • request confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data along with certain additional information;

  • receive Personal Data you provided to us in a structured, commonly used, and machine-readable format;

  • request rectification of your Personal Data held by us;

  • request deletion of your Personal Data;

  • object to the processing of your Personal Data by us;

  • request the restriction of the processing of your Personal Data;

  • lodge a complaint with a supervisory authority.

Please note that these rights are not absolute and may be subject to our legitimate interests and regulatory requirements. If you have general questions about the Personal Data we collect and how we use it, please contact us below.

In the course of providing the Services, we may transfer data cross-border to affiliated entities or other third parties and from your jurisdiction to other countries worldwide. By using the Services, you consent to the transfer of your data outside the EEA.

If you reside in the EEA, your Personal Data will only be transferred outside the EEA where we are satisfied that adequate or comparable levels of data protection are in place. We will take appropriate steps to ensure that we have suitable contractual agreements in place with our third parties to ensure appropriate safeguards are in place, minimizing the risk of unauthorized use, modification, deletion, loss, or theft of your Personal Data, and ensuring that such third parties act in compliance with applicable laws.

California Consumer Privacy Act (CCPA) Rights

If you are a California resident using the Services, you may be entitled under the California Consumer Privacy Act (CCPA) to request access to and deletion of your data.

To exercise your right to access or delete your data, please contact us as indicated below.

We do not sell users’ Personal Data for the purposes and intentions of the CCPA.

If you are a California resident under the age of 18, you may request the removal of any content or information you posted by emailing us at the address provided in the “Contact” section below. Please label your request as “California Removal Request.” Include a description of the content you wish to remove and sufficient information for us to locate the material. We may not respond to requests that are not properly labeled or submitted or that lack sufficient information. Please note: your request does not ensure complete or comprehensive removal of the content. For example, content may be reposted by other users or third parties.

Updates or Changes to the Privacy Policy

We reserve the right to revise this Privacy Policy at our sole discretion from time to time; the version posted on the website will always be current (see "Effective Date"). We encourage you to review this Privacy Policy regularly for changes. In case of material changes, we will post a notice on our website. Continued use of the Services after changes have been posted will constitute your acknowledgment and consent to the amended Privacy Policy and your agreement to be bound by its terms.

Contact

If you have general questions about the Services or the information we collect and use about you, please contact us at:

Name: Natsuko Hara
Address: Kirchenweg 6, 85774 Unterföhring
Email: webmaster@changeadvisory.de

Disclaimer

The information herein does not constitute legal advice, and you should not rely on it alone. Specific requirements regarding legal terms and policies may vary by state and/or jurisdiction. As stated in our Terms of Use, you are responsible for ensuring that your Services are lawful under applicable laws and that you comply with them.

To ensure full compliance with your legal obligations, we strongly recommend consulting with a legal professional to better understand which requirements specifically apply to you.

bottom of page