Data protection

The following data protection declaration applies to the use of the website www.p24.eu, hereinafter referred to as “website” and “online offer”. P24 attaches great importance to data protection. The collection and processing of your personal data takes place in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). We process your personal data in order to be able to offer you this website and related services. Here we explain to you how and for what purpose your personal data is collected and used, as well as what rights you have in connection with the processing of your data. By using this website, you agree to the collection, use and transfer of your information in accordance with this privacy policy. If you wish to object to the collection, processing or use of your data by us in accordance with this data protection declaration as a whole or for individual measures, you can address your objection to the data protection officer of the person responsible.

1. General

1.1 Responsible person

The person responsible for the collection, processing and use of your personal data in accordance with Art. 26 GDPR is

P24 GmbH

Kapuzinerstr. 4, 94032 Passau

E-Mail: hallo@p24.eu

1.2 Data Protection Officer

You can reach our data protection officer at:

E-Mail: privacy@p24.eu

1.3 Terms used

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); A natural person is considered identifiable if he or she identifies directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or one or more special features which are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. “Processing” means any operation or series of operations relating to personal data, carried out with or without the aid of automated procedures. The term is broad and encompasses virtually every way data is handled.

The “controller” is the natural or legal person, public authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data. “Restriction of processing” is the marking of stored personal data with the aim of restricting their future processing. “Profiling” is any type of automated processing of personal data, which consists in using these personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health , analyze or predict that natural person's personal preferences, interests, reliability, behavior, location or movements. “Pseudonymization” is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures that ensure that the Personal data is not assigned to an identified or identifiable natural person. “Deleting” personal data means both the final and therefore irrevocable, complete elimination of data (destruction) as well as the personal reference to it (anonymization). In any case, after the deletion process, a connection to specific people can no longer be established. “Processor” is a natural or legal person, public authority, institution or other body that processes personal data on behalf of the controller. “Recipient” means a natural or legal person, public authority, agency or other body to which personal data is disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients. “Third party” means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor. “Consent” is any voluntary, informed and unambiguous expression of wishes given by the data subject for the specific case, in the form of a statement or other unambiguous confirmatory act, by which the data subject indicates that he or she consents to the processing of the personal data relating to him or her data is agreed.

2 Data processing

2.1 Types of data processed:

– names

- Birth date

– Address data (street, house number, zip code and city)

– Contact details (e.g. email, telephone numbers)

– Content data (e.g. text entries, conversation histories)

– Contract data (e.g. contract number, IBAN, BIC)

– Usage data (e.g. websites visited, interest in content, access times)

– Meta/communication data (e.g. mobile device information, IP addresses)

2.2 Categories of data subjects, visitors and users of the online offering

Below we refer to the affected persons collectively as “users”.

2.3 Purpose of processing

2.3.1 Registration process/conclusion of contract

To set up your eAccount, your personal data is required to fill out the online form when registering. As part of the application, you will be provided with the required mandatory information (title, first name, last name, street number, postal code, city, date of birth, mobile phone number, email) and processed on the basis of Art. 6 Para. 1 lit. b GDPR for the purposes of fulfilling the contract . As a registered user, you have the opportunity to change or revise your personal data at any time in the “Personal Data” section.

P24 collects, stores and processes your personal data on their computers in order to develop and improve all of our services to you, to communicate with you and to manage your eAccount. P24 only grants access to your personal data to those employees who need it to provide our services.

We will not share information except in the limited cases described below, where permitted by applicable law or where you have given us your express consent:

To Card Compact Ltd., 483 Green Lanes London N13 4BS United Kingdom for the use and management of card services To TOTAL Deutschland GmbH, TOUR TOTAL – Europacity, Jean-Monnet-Straße 2, 10557 Berlin for the use of the TOTAL Card (data protection declaration: https ://www.total.de/datenschutz)To anyone to whom we transfer or may transfer our rights and obligations in accordance with our General Terms and Conditions with you.

2.3.2 Website hosting

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offering.

In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data from customers, interested parties and visitors to this website on the basis of our legitimate interests in the efficient and secure provision of this online offer in accordance with Article 6 Paragraph 1 lit. f GDPR in conjunction with Article 28 GDPR (conclusion of order processing contract).

2.3.3. Answering contact requests and communicating with users

If you contact us (e.g. via contact form, agent bot or email), we store your information (e.g. name, address, telephone number, email address, conversation history) to process your request and in the event that that follow-up questions arise in relation to a later contractual or business relationship in accordance with Article 6 Paragraph 1 Letter b GDPR. We only store and use other personal data if you consent to this or if this is legally permissible without special consent.

2.3.4 Cookies 

Some of the websites use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and that your browser saves.

Most of the cookies we use are so-called “session cookies”. They will be automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted. Cookies that are necessary to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies in order to provide its services in a technically error-free and optimized manner. If other cookies (e.g. cookies to analyze your surfing behavior) are stored, they will be treated separately in this data protection declaration.

2.3.5 Further integration of third-party services and content (plugins)

Within our online offering, we use content or service offerings from third-party providers based on our legitimate interests (i.e. interest in analysis, optimization and economic operation and in the interest of an attractive presentation of our online offering) in accordance with Art. 6 Para. 1 lit. f. GDPR to integrate their content and services, such as videos or posts. A corresponding integration always requires that the third party providers of this content perceive your IP address, as they cannot send the content to your browser without the IP address. The IP address is therefore required to display this content.

We strive to only use content whose respective providers only use your IP address to deliver the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on your device and may contain, among other things, technical information about your browser and operating system, referring websites, visiting time and other information about your use of our online offering, as well as being linked to such information from other sources.

2.3.5.1 Facebook

We use Facebook pages, Facebook groups and Facebook social plugins (“plugins”) from the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The pages, groups and plugins can represent interaction elements or content (e.g. videos, graphics or text posts) and can be recognized by one of the Facebook logos (white "f" on a blue tile, the terms "Like", "Like" or a “Thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. If you access a function of our online offering that contains such a plugin, your device establishes a direct connection with the Facebook servers. Usage profiles can be created for you from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge. By integrating the plugins, Facebook receives the information that you have accessed the corresponding page through our online offering. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account. If you are not a member of Facebook, there is still the possibility that Facebook will find out and store your IP address. According to Facebook, only an anonymized IP address is stored in Europe.

We also use the so-called “Facebook pixel” on our website. This means that interest-based advertisements (“Facebook Ads”) can be shown to users of our website when they visit the social network Facebook or other websites that also use the procedure. The purpose of using the Facebook pixel is to only show the Facebook ads we place to those Facebook users who have shown an interest in our website. With the help of the Facebook pixel, we want to ensure that our Facebook ads correspond to the potential interest of the users and do not appear annoying. We can also use the Facebook pixel to track the effectiveness of Facebook ads for statistical purposes by seeing whether users were redirected to our website after clicking on a Facebook ad. The legal basis for the use of the Facebook pixel is Art. 6 Para. 1 lit. a GDPR and depends on your consent, which you can change at any time in your cookie settings.

The purpose and scope of data collection and the further processing and use of the data by Facebook as well as the related rights and setting options to protect the privacy of users can be found in Facebook's data protection information. The joint processing of personal data takes place on the basis of an agreement on joint processing of personal data.

2.3.5.2 Vimeo 

Functions and content from the Vimeo service can be used within our online offering. Vimeo is operated by Vimeo, LLC, with headquarters at 555 West 18th Street, New York, New York 10011.

On some of our websites we use plugins from the provider Vimeo. If you access the websites on our website that contain such a plugin, a connection will be established to the Vimeo servers and the plugin will be displayed. This sends information to the Vimeo server about which of our websites you have visited. If you are logged in to Vimeo as a member, Vimeo assigns this information to your personal user account. When you use the plugin, such as clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding Vimeo cookies.

Further information on data processing and information on data protection by Vimeo can be found at https://vimeo.com/privacy.

2.3.5.3 Twitter

Within our online offering, functions and content of the Twitter service, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, can be used.

This includes a button that allows you to subscribe to our posts. If you are a member of the Twitter platform, Twitter can assign access to the above-mentioned content and functions to your profile.

You can find more information about how Twitter handles user data in Twitter's privacy policy. You can object to data collection here, Twitter data collection opt-out.

2.3.5.4 LinkedIn

Within our online offering, functions and content of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, can be used.

This includes a button that allows you to subscribe to our posts. If you are a member of the LinkedIn platform, LinkedIn can assign access to the above-mentioned content and functions to your profile.

You can find more information about how LinkedIn handles user data in LinkedIn's privacy policy. You can object to data collection here, LinkedIn data collection opt-out.

2.3.6 Zoho

Functions and content from the Zoho service can be used within our online offering.

If you contact us through the agent bot, we will save your information (e.g. name, address, telephone number, email address, conversation history) in order to process your request and in the event that follow-up questions arise in relation to a later contract or . Business relationship arises in accordance with Art. 6 Para. 1 lit. b GDPR.

For more information you can contact privacy@zohocorp.com.

2.3.7 Provision of the online offer, its functions and content

P24 collects information about you when you use this website. We automatically collect information about your usage behavior and your interaction with us and register data about your computer or mobile device. We collect, store and use data about every access to our online offering (so-called server log files). The access data includes the name and URL of the file accessed, date and time as well as the country of origin of the access, amount of data transferred, notification of successful retrieval (HTTP response code), browser type and browser version, operating system, referrer URL (i.e. the previously visited page), IP address. Address and the requesting provider.

We use this log data without any association with your person or other profiling for statistical evaluations for the purposes of operation, security and optimization of our online offering, but also to anonymously record the number of visitors to our website (traffic) as well as the extent and type of Use of our website and services, also for billing purposes, to measure the number of clicks received from cooperation partners. This information allows us to provide personalized and location-based content, analyze traffic, troubleshoot and troubleshoot, and improve our services. We reserve the right to subsequently check the log data if there is reasonable suspicion of unlawful use based on concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or is necessary for the provision of services or the billing of a service, e.g. B. if you use one of our offers. We also use IP addresses if we have a specific suspicion of a crime in connection with the use of our website. We also store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.).

Personal data is processed here on the basis of our legitimate interests in the efficient and secure provision of this online offer and due to legal obligations in accordance with Article 6 Paragraph 1 Letters c and f of the GDPR.

2.3.8 Access measurement

This website uses Google Analytics, a web analysis service provided by Google Ireland

Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). Google

Analytics uses so-called “cookies”, i.e. text files that are stored on your computer and that enable your use of the website to be analyzed. On behalf of the operator of this website, Google will use the above information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

The purposes of data processing are to evaluate the use of the website and to compile reports on activities on the website. Further related services will then be provided based on the use of the website and the Internet.

As part of the Google Analytics reach analysis, the following data is processed based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offering) in accordance with Article 6 Paragraph 1 Letter f of the GDPR:

Name and URL of the retrieved file, date and time as well as country of origin of the retrieval, amount of data transferred, notification of successful retrieval (HTTP response code), browser type and browser version, operating system, referrer URL (i.e. the previously visited page), IP address and the requesting party Provider as well as the number of visits and how long you spend on the website.

Your IP address will be anonymized immediately after it is stored by Google.

Pseudonymous user profiles can be created from the processed data. The cookies have a storage period of one week. The information generated by the cookie about your use of this website is only stored on our server and is not passed on to third parties.

You can prevent the storage of cookies by setting your browser software accordingly. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: Browser Add On to deactivate Google Analytics.

In addition to or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by changing your cookie consent. An opt-out cookie is installed on your device. This will prevent Google Analytics from collecting information for this website and this browser in the future as long as the cookie remains installed in your browser.

The logs with your data will be deleted no later than 1 year after the last visit to the website. Until then, the evaluation of the collected data is necessary for effective control of the optimization and simplification of the online offering.

The website uses the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain information about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

2.3.9 Google Analytics Remarketing 

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google Ads and Google DoubleClick. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google Ads and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you on one device (e.g. cell phone) depending on your previous usage and surfing behavior can also be displayed on another of your devices (e.g. tablet or PC). If you have given your consent, Google will link your web and app browser history with your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you log in with your Google account. To support this feature, Google Analytics collects Google-authenticated user IDs, which are temporarily linked to our Google Analytics data to define and create audiences for cross-device advertising. You can permanently opt out of cross-device remarketing/targeting by deactivating personalized advertising in your Google Account; To do this, follow this link https://www.google.com/settings/ads/onweb.

The summary of the data collected in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 Para. 1 lit. a GDPR). For data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merger), the collection of data is based on Art. 6 Para. 1 lit. f GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes. Further information and the data protection regulations can be found in Google's data protection declaration at https://www.google.com/policies/technologies/ads.

2.3.10 Google AdWords and Google Conversion Tracking

This website uses Google Ads. Ads is an online advertising program from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). As part of Google Ads, we use so-called conversion tracking. If you click on an ad placed by Google, a cookie is set for conversion tracking. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages on this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. The cookies cannot be tracked across Ads customers' websites. The information collected using the conversion cookie is used to create conversion statistics for Ads customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that can be used to personally identify users.

If you do not want to participate in tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics. The storage of “conversion cookies” is based on Art. 6 Para. 1 lit. a GDPR and depends on your consent, which you can change at any time in your cookie settings. You can find more information about Google Ads and Google Conversion Tracking in Google's data protection regulations https://www.google.de/policies/privacy.

3 storage period

Unless specifically stated, we only store your personal data for as long as is necessary to fulfill the purposes pursued in accordance with Art. 6 GDPR. Your data will also be deleted if the data is no longer required to fulfill contractual or legal retention obligations in accordance with Art . In addition, we store your personal data to assert, exercise or defend legal claims in accordance with Article 17 Paragraph 3 Letter e of the GDPR.

If personal data may no longer be processed for the original purpose but there are still retention obligations, the data will be archived from the productive processing or storage locations, completely deleted from the productive level and access to these will be restricted. After all retention obligations have been fulfilled, retention rights have lapsed and all deletion periods have expired, the relevant data will be routinely deleted.

4 Your rights as a person affected by data processing

You have various rights regarding your personal data under applicable laws. If you would like to assert these rights, please send your request by email or post to the data protection officer of the person responsible, clearly identifying yourself (see section 1.2). As a data subject, you have the following rights:

4.1 Right to information

According to Articles 12 and 14 GDPR, you have the right to receive confirmation from us at any time as to whether we are processing personal data concerning you. If this is the case, you have the right to receive free information from us about the personal data stored about you as well as a copy of this data.

4.2 Right to rectification

According to Art. 16 GDPR, you have the right to immediately request that we correct incorrect personal data concerning you. Taking into account the purposes of processing, you have the right to request the completion of incomplete personal data.

4.3 Right to deletion (“right to be forgotten”)

According to Art. 17 GDPR, you have the right to demand that personal data concerning you be deleted immediately, which obliges us to delete it immediately unless this is contrary to legal or contractual retention obligations. In this case, further processing of your data will be restricted.

If we have made personal data public and we are obliged to delete it, we will take appropriate measures, including technical ones, taking into account the available technology and the implementation costs, to protect those responsible for data processing who process the personal data in accordance with Article 19 GDPR to inform you that you have requested them to delete all personal data or any copies or replications of such personal data.

4.4 Right to restrict processing

According to Art. 18 GDPR, you have the right to request that we restrict the processing of your personal data. For example, you can ask us to only process the personal data that is absolutely necessary to provide our services.

4.5 Right to data portability

According to Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to another person responsible without hindrance from us to transfer.

4.6 Right to object

According to Art. 21 GDPR, you have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, which is carried out on the basis of Art. 6 Para. 1 lit. e or f GDPR . We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend our legal claims.

4.7 Right to revoke data protection consent

According to Article 6 Paragraph 1 Sentence 1 Letter a GDPR, you have the right to revoke your previously given consent to data processing without giving reasons. Unless the legality of the processing within the meaning of Art. 6 Para. 1 Sentence 1 GDPR justifies further data processing, your personal data must then be deleted immediately. Otherwise, the processing of your personal data must be temporarily restricted (blocked).

4.8 Right to complain to a supervisory authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged infringement, if you believe that the processing of personal data concerning you is unlawful. Responsible for P24:

Bavarian State Office for Data Protection Supervision (BayLDA)

Promenade 18

91522 Ansbach

poststelle@lda.bayern.de

5 Data Security

We care about the security of your personal data within the framework of applicable data protection laws and technical possibilities. We implement the following technical, physical and organizational measures to maintain the security of your personal data from accidental or unlawful destruction or accidental loss, alteration, unauthorized use, alteration, disclosure or access and from all other unlawful forms of processing. Your personal data is transmitted to us in encrypted form. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (e.g. when communicating via email) can have security gaps. Complete protection of data from access by third parties is hardly possible. When personal information is accessed by authorized personnel, access is only possible via an encrypted connection. When accessing the data in a database, the IP number of the person accessing the data must also be pre-authorized to gain access. All access to personal data is blocked by default. Access to personal information is limited to individually authorized personnel. Our security and data protection officer grants authorizations and keeps a log of the authorizations granted. Thanks to our role and authorization concept, authorized employees are only granted the minimum access that they absolutely need for their tasks. Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. System performance and availability is monitored by both internal and external monitoring services. Databases are continuously backed up to allow recovery at any point in time within a 35 day retention period. Backups are stored in file storage in the same geographic location as the database. To secure your data, we continue to develop technical and organizational security measures in line with the state of the art.

We also do not guarantee that our offering will be available at specific times; Malfunctions, interruptions or failures cannot be ruled out.

In the event that your data is compromised, we will email you and the relevant regulators within 72 hours about the extent of the breach, the data affected, any impact on the service and the plan of action to secure the data and limit it possible adverse effects on the persons affected. “Personal Data Security Breach” means a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access of Personal Data transmitted, stored or otherwise in connection with the provision of the Service are processed.

6 Automated decision making

There is no automated decision-making based on the personal data collected.

7 Transfer of data to third parties, data transfer to non-EU/EEA countries

In principle, we only use your personal data within our company. In addition, your personal data will only be passed on if you have given your consent in accordance with Article 6 Paragraph 1 Sentence 1 lit b GDPR is necessary, we are subject to a legal obligation in accordance with Art. 6 Paragraph 1 Sentence 1 Letter f GDPR is necessary unless your interests or fundamental rights and freedoms that require the protection of personal data outweigh this. If and to the extent that we involve third parties in the context of fulfilling contracts, they will only receive personal data to the extent that the transmission is absolutely necessary for the corresponding service. In the event that we outsource certain parts of data processing (“order processing”), we contractually obligate our processors to only use personal data in accordance with the requirements of data protection laws and this data protection declaration and to ensure the protection of the rights of the data subject. There is currently no data transfer to institutions or persons outside the EU/EEA and outside of the cases mentioned in this declaration. Furthermore, it is only permitted under the special conditions set out in Article 44 ff. GDPR. In particular, GDPR adequate protection is then ensured through appropriate measures, such as standard contractual clauses of the EU Commission within the meaning of Art. 46 Para. 2 lit. d GDPR.

8 Data Protection Officer

If you have any questions about our data protection or this data protection declaration and would like to exercise your rights, please contact our data protection officer (see point 1.2 for contact details).

9 Changes to the privacy policy

P24 reserves the right to change the data protection declaration in order to adapt it to changed legal situations or changes to the service and data processing. However, this only applies with regard to declarations on data processing. If consent from the users is required or components of the data protection declaration contain regulations of the contractual relationship with the users, the changes will only be made with the consent of the users. Users are asked to regularly inform themselves about the content of the data protection declaration. You can save and print this data protection declaration at any time.