Privacy & Cookies Policy
As of July 25, 2020, updated: June 30, 2022
Here we inform you about data processing as part of the entire service on MOCHNI and its applications.
The responsible body for data processing on this website is:
Antonia Böhlke, Mansteinstraße 29, 20253 Hamburg, Germany
How is your personal data processed?
General for the purposes of data processing.
Consent to Processing
MOCHNI is authorized to archive stored information that MOCHNI needs for the purpose of preserving evidence, accounting or other purposes on a storage medium that is independent of MOCHNI.
We essentially process data in order to fulfill our contractual obligations towards our users. The processing of the data is a prerequisite for us to be able to propose sustainable brands and information to you in our Trusted Brand directory. In deviation from this, we process your data to safeguard our legitimate interests, taking into account your interests. And of course, in some cases we are legally obliged to process data (e.g. to release data to investigative authorities). In all other cases, we obtain separate consent from you for data processing.
MOCHNI operates an online magazine and database (directory of trusted brands) in the form of a website under the domain mochni.com that connects online users looking for sustainable brands or transparent information about them, as well as inspiring educational content focused on sustainability and well-being. MOCHNI provides online users with, among other things, transparent information of the trusted brands collected through the application form. In order to be included in the directory as a brand, the brand must fill out an application for (digital questionnare) and provide information. This information is essential for a functioning directory of Trusted Brands and publicly sharing the Trusted Brand ID.
2. Information you share with us.
This is data that we receive directly from you, for example:
– Full name
– Full name of CEO
– Portrait photo of CEO
– Company name
– Company address
– Company EU VAT ID
– Contact details (e.g. email address)
– Full name
– Full name of CEO
– Company name
– Company address
– Company EU VAT ID
– email address
Visibility in the Trusted Brand ID:
The following information is always and unrestrictedly visible to visitors of the website:
– Full name of CEO
– Portrait photo of CEO
We delete this data when your profile is deleted.
The legal basis for this processing of personal data is Art. 6 I b) EU GDPR
We will use the email address that you have given for sending the invoice. We also use the email address with your consent to send you regular newsletters and advertisements for your own similar products and services, MOCHNI news or surveys for the purpose of our own market research, unless you have objected to such use.
You can unsubscribe from the newsletter at any time by email using the link provided at the end of each newsletter.
We will completely delete the email address (s) at the latest when your user account is deleted.
The legal bases for this processing of personal data are Art. 6 I f) (regarding newsletters) and Art. 6 I b) EU GDPR.
We collect and use your invoice data for invoicing. Your invoice data will be saved for the billing.
– company name, name, address, email address, EU VAT ID
Billing data can never be viewed by other users.
We store this data until your profile is deleted or beyond until the data are no longer subject to tax, commercial law or other legal storage obligations.
The legal basis for this processing of personal data is Art. 6 I b) EU GDPR.
Our website uses so-called “cookies”. Cookies are small text files and do no damage to your device. They are either stored temporarily on your device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain on your device until you delete them yourself or they are automatically deleted by your web browser.
In some cases, third-party cookies can also be stored on your device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have different functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or to display advertising.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions you require (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) on the basis of Art. 6 para. 1 lit. f GDPR saved, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the relevant cookies takes place exclusively on the basis of this consent (Art. 6 Para. 1 lit. a GDPR); the consent can be revoked at any time.
Insofar as third-party cookies are used or for analysis purposes, we will inform you of this separately in the context of this data protection declaration and, if necessary, ask for your consent.
Data as part of the exchange with our customer service
If you contact us by email, phone or fax, your request, including all personal data resulting from it (name, request), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected. Copies of ID documents that we receive from you for verification will only be saved by us for the fulfillment of this purpose and will usually be deleted after 30 days at the latest.
This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 Para. 1 lit. GDPR) or on your consent (Art. 6 Para. 1 lit. was queried.
3. Who receives personal data?
Here you can find out who we pass on data to, what purpose this serves and how you can individually set your privacy at MOCHNI. We only pass on your personal data to third parties if this is necessary to fulfill our business purposes, e.g. if we make your profile accessible to another user, you have given your consent (e.g. to use an external application), we are legally, legally or officially obliged to do so.
Your billing data and other necessary data for the settlement of billing and, if applicable, collection to service providers such as get sorted or collection service provider, or collected directly from them, and processed there. Your billing data will be saved to enable billing when the usage relationship is automatically extended.
Data transfers to third countries take place, but only in compliance with the legally regulated admissibility requirements.
In particular, we make certain data available to other users or third parties worldwide to fulfill our contract with you. Neither an adequacy decision in accordance with Art. 45 EU-DSVGO nor suitable guarantees in accordance with Art. 46 EU-DSVGO are required for this. If the transmission of the data to a third country does not serve to fulfill our contract with you, we have no consent from you, the transmission is not required to assert, exercise or defend legal claims and no other exemption applies, we will only transfer your data to a third country if there is an adequacy decision in accordance with Art. 45 EU-DSVGO or suitable guarantees in accordance with Art. 46 EU-DSVGO.
Copies of the EU standard data protection clauses are available on the website of the European Commission. https://ec.europa.eu/info/law/law-topic/data-protection_en
- Government agencies and courts
- Technical service providers
- Hosting service provider
- Email delivery service provider
- Email marketing service provider
- CRM service provider
- Software developer
- Provider of usage analysis tools
We use Google Analytics in conjunction with IP anonymization. You guarantee that Google will use your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the United States. There may be exceptional cases in which Google transmits the full IP address to a server in the USA and shortens it there. On our behalf, Google will use this information to improve your use of the website to create reports on website activities and to provide us with other services related to website and internet use. It does not find any combination of the data transmitted by Google Analytics IP address with other data held by Google.
The setting of cookies by your web browser is preventable. However, some functions of our website may be restricted by this. You may also opt out of receiving information about your website usage, including your IP address, including your IP address subsequent processing by Google. This is possible by downloading and installing the browser plugin available via the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set which prevents the collection of your data on future visits to our website: Disable Google Analytics.
To fully comply with legal data protection requirements, we have concluded an order processing agreement with Google.
Demographic features on Google Analytics
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
What rights can you exercise?
Here you can get detailed information about your rights:
– Your right to object
– Your right to information
– Your right to cancellation
– other rights
You have the right to object at any time to the processing of personal data relating to you, which is carried out in accordance with Article 6 (1) (f) EU GDPR. Please send an email to firstname.lastname@example.org for your objection.
Right to object to data collection in special cases and direct advertising (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS FOR YOUR SPECIAL SITUATION; THIS IS ALSO APPLICABLE TO PROFILING BASED ON THESE PROVISIONS. THE RELEVANT LEGAL BASIS ON WHICH PROCESSING IS BASED IS TAKEN FROM THIS PRIVACY STATEMENT. IF YOU SUBJECT, WE WILL NO LESS PROCESS YOUR PERSONAL DATA, UNLESS WE CAN PROVIDE OBLIGATORY PROTECTED REASONS FOR PROCESSING THAT PROVIDES YOUR INTERESTS, RIGHTS AND DISCLAIMER OF IMPRESSION. OPPOSITION ACCORDING TO ARTICLE 21 (1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED TO OPERATE DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AGAINST THE PROCESSING AT ANY TIME
SUBJECT PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; THIS IS ALSO APPLICABLE TO PROFILING, AS FAR AS IT IS CONNECTED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBLIGATION UNDER ART. 21 (2) GDPR).
Direct Mail / Newsletter
You can unsubscribe from the newsletter at any time by email using the link provided at the end of the respective newsletter or send an email to email@example.com for your objection.
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, the data subject has the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only take place if it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this page uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, the right to correct or delete this data. You can contact us at any time by sending an email to firstname.lastname@example.org.
Right to restriction of processing
You have the right to request that the processing of your personal data be restricted. You can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases:
If you contest the accuracy of your personal data stored with us, we usually need time to check this. For the duration of the check, you have the right to request that the processing of your personal data be restricted. If the processing of your personal data happened / happens unlawfully, you can request the restriction of the data processing instead of the deletion.
If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of being deleted. If you have filed an objection in accordance with Art. 21 Para. 1 GDPR, you and our interests must be weighed up. As long as it is not clear whose interests outweigh the rights, you have the right to request that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be obtained with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest the European Union or a Member State.
Last updated June 30, 2022.