Status: August 19, 2024
This Privacy Policy describes how your personal data is collected, used and shared when you use this website.
This Privacy Policy may be updated periodically and without notice to reflect changes in how we handle personal data. The current version will be published on our website, including the date of the last update. We recommend that you check the privacy policy occasionally to stay informed of the latest changes.
Finodo is operated by
(hereinafter referred to as “Finodo” or “we”)
as the controller responsible for the processing of your personal data within the meaning of the European Union's General Data Protection Regulation (“GDPR”) and the German Federal Data Protection Act (“BDSG”).
a. Visiting our website
We operate a website at https://www.finodo.com where you can find information about various (financial) products. In this section, we explain how we process your personal data when you visit our website.
The publication of our website requires the collection and storage of various data, including personal data within the meaning of Art. 4 (1) GDPR. This data is pseudonymized and stored in a structured manner in order to comply with our processes and legal requirements. The processing is based on our legitimate interest in accordance with Art. 6 (1) lit. f GDPR to ensure the security of our services. Details on retention periods, purposes, scope and legal bases are set out in the following sections of this privacy policy.
Aa. Hosting & Logfiles
When you visit our website, log files are automatically recorded by the web server. These contain personal data such as:
The data is stored temporarily, but not combined with other personal data. The processing is technically necessary and serves the security of our IT systems and the defense against attacks. This processing is carried out on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. The log files are deleted or anonymized after 14 months at the latest to enable forensic investigations and to improve the security of our website.
All of the above data is stored in data centers that comply with current security standards. The data is hosted via Google Cloud, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Bb. Marketing and Tracking
In this section, we inform you about the marketing and analysis processes used on our website, which only take place with your express consent. You give this consent via the cookie consent banner that appears when you first visit our website.
Marketing and analysis tools are deactivated by default. You can allow all cookies via “All clear” or reject the use of cookies, and you can change your consent at any time by deleting the cookies via your browser. The processing is always based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Aaa. Google Tag Manager
Our website uses Google Tag Manager, a solution that allows us to manage so-called website tags via an interface. The Google Tag Manager itself does not collect any personal data. However, it triggers other tags, which in turn may collect data. Google Tag Manager itself does not access this data. The tags that we integrate on our website using Google Tag Manager are described in the following sections.
You can find more information about Google Tag Manager in Google's terms of use:www.google.com/intl/de/tagmanager/use-policy.html
Bbb. Google Ads
We use Google Ads Conversion to measure the success of our advertising measures. If you access our website via a Google ad, a Google cookie is stored on your device that collects information such as ad clicks and impressions without identifying you personally. These cookies expire after 30 days.
Google uses the cookie to recognize when you have clicked on an ad and have been redirected to our website. We only receive anonymized, statistical evaluations that help us to assess the effectiveness of our advertising. We do not collect any personal data ourselves. However, Google may link data to your account if you are logged in to Google
Our aim is to show you relevant advertising and to optimize our website.
Ccc. Facebook Pixel
We use Facebook's marketing functions on our website, which enable behavior-based advertising (“Facebook ads”) with the help of tracking pixels and cookies. This also serves to optimize our advertising campaigns.
Your browser automatically establishes a connection to the Facebook servers. Facebook thus receives information that you have visited our website or clicked on one of our ads. If you are logged in to Facebook, this visit can be assigned to your account. Even without a Facebook account, Facebook can collect data from your IP address and use it for its own or third-party advertising purposes.
Facebook can combine the information collected via the pixel with other data to create a user profile and display targeted advertising. The aim is to present you with interest-based advertising and to make our offer more attractive.
Facebook may transfer personal data to third countries. You can find more information on this in section 5 of our privacy policy.
You can find out how to deactivate behavioral advertising in your Facebook account here: www.facebook.com/help/568137493302217.
You can find more information on data processing by Facebook here: https://de-de.facebook.com/about/privacy.
Ddd. TikTok Pixel
We use the TikTok pixel on our website to share website events with TikTok. This allows us to measure website traffic, evaluate the performance of our advertising campaigns and optimize campaigns.
The pixel collects information such as:
TikTok may transfer personal data to third countries. You can find more information on this in section 5 of our privacy policy.
You can find out how to disable behavioral advertising in your TikTok account here:https://www.tiktok.com/privacy/ads-and-your-data/de
You can find more information on data processing by TikTok here: www.tiktok.com/legal/page/eea/privacy-policy/de.
Eee. Universal Event Tracking - Microsoft Advertising
Our website uses Microsoft Advertising (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA) technologies to collect data and create pseudonymized user profiles. This service enables us to track the activities of users who have reached our website via Microsoft advertisements. When you click on an ad and visit our website, a cookie is placed on your device and a UET tag is embedded that stores information such as time spent on the site and areas visited.
Microsoft uses this data to identify successful campaigns and to optimize advertising measures in a targeted manner. It can also be used to create user groups and display targeted advertising. The cookies are stored for up to 1 year and 25 days.
You can object to the collection of data via this link: https://account.microsoft.com/privacy/ad-settings/.
Further information on data collection and data protection at Microsoft can be found here:
Fff. Snap
We use the “Audience Match” and “Conversion” technologies from Snap, Inc. (3000 31st Street, Santa Monica, CA, 90405 USA) for remarketing on our website. This allows us to optimize our advertising on Snapchat, display it in a targeted manner and measure the success of our campaigns. With your consent, we use cookies from Snap, which are stored on your device.
This technology allows us to track when and how visitors interact with our website. Snap can also use the collected data for its own or third-party advertising purposes and derive interests from it. We store the information for 13 months.
Snap may transfer personal data to third countries. You can find out more about this in section 5 of our privacy policy.
Information on deactivating this setting in your Snap account can be found here: https://support.snapchat.com/de-DE/a/advertising-preferences. Further details on data processing by Snap can be found at: https://snap.com/de-DE/privacy/privacy-policy
Ggg. Google Analytics
We use Google Analytics to create pseudonymous user profiles and to optimize our websites. Google Analytics places targeting cookies on your end device to recognize returning visitors and analyze usage frequencies. The following data is collected:
The IP addresses are partially masked to prevent them from being assigned. We also use Google Analytics for cross-device analysis to find out which channel you used to reach us, if you agree.
On our website, you have the option of applying for certain products, comparing them and creating a customer area. The processing of your data to apply for a product, to compare personalized credit offers on www.finodo.com and to provide a customer area is carried out in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR. We store your personal data for these purposes.
We also process your data in order to personalize your application process and your customer area with products that are suitable for you. When collecting and processing data, we limit ourselves to the data that is relevant for our product partners in order to offer you the most reliable and personalized application process possible.
If you decide to apply for a product, you will see the respective recipient in the input form area before your data is transmitted. The data is then transmitted for the purpose of performing the contractual service. The processing of your data by the product partner is governed by the partner's privacy policy, which is displayed to you before the data is transmitted.
The following categories of data are collected or processed as part of the application process or creation of a customer area:
Depending on the product you request, not all of these data categories may be requested.
Your data processed to apply for a product or create a customer area will generally be stored until you object to our further use of your personal data or further processing can no longer be based on a legal basis.
We will inform you about our services and offers by email, SMS or WhatsApp. This will only take place with your express consent, which can be revoked at any time. The processing and sending of advertising communication is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR in conjunction with Art. 95 GDPR. We also send advertising on the basis of Section 7 (3) UWG. You have the right to object to advertising contact at any time in accordance with Art. 21 Para. 2 GDPR and Section 7 Para. 3 No. 4 UWG. To do so, you can use the unsubscribe link in our email advertising or object informally via the respective means of communication through which you were contacted
If you have given your consent, we may also use your personal data to send you offers compiled for you (Art. 6 para. 1 sentence 1 lit. a GDPR - consent). You can withdraw your consent at any time with effect for the futur
Aa. E-mail dispatch
We use the services of AWeber (AWeber Systems, Inc., 1100 Manor Dr., Chalfont, PA 18914, United States) and Postmark (AC PM, LLC, 1 N Dearborn Street, Suite 500, Chicago, IL 60602, United States) to send e-mails. These providers organize and analyse the sending of emails to determine whether an email arrives in your mailbox, whether an email has been opened and whether any links are clicked.
AWeber and Postmark use so-called “web beacons” - small, invisible graphics that are automatically loaded by the web server when the email is opened. This registers that the e-mail has been displayed and read.
The processing of this data is used for effective communication and optimization of our newsletter marketing. It also helps us to improve the relevance of our content. The legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Options to object You can prevent the analysis of emails sent to you by deactivating the reloading of external content in your email program. See the instructions for your email program. If you no longer wish to receive emails from us, you can use the “unsubscribe” link at the end of each email to exercise your right to object. Alternatively, you can also send us an email to data@finodo.com to be removed from the mailing list.
Possibilities of objection
You can prevent the analysis of emails sent to you by deactivating the reloading of external content in your email program. See the instructions for your e-mail program. If you no longer wish to receive emails from us, you can use the “unsubscribe” link at the end of each email to exercise your right to object. Alternatively, you can also send us an email to data@finodo.com to be removed from the mailing list.
Some of our service providers may transfer your personal data to countries outside the European Economic Area (EEA), such as the United States or the United Kingdom.
We ensure that your rights under the GDPR remain protected even in the event of such a transfer. This is done through appropriate measures such as the use of standard data protection clauses (Art. 46 para. 2 lit. c GDPR) or binding corporate rules (Art. 47 GDPR).
Some countries have also received an “adequacy decision” from the EU Commission, which confirms that they offer an adequate level of protection for your data. You can find the current countries with such decisions here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.
Here we provide an overview of which service providers may transfer personal data to third countries and which transfer mechanisms are used. Details on the processing activities of these service providers can be found in the previous sections.
Dienstleister, die bei der Übermittlung personenbezogener Daten in Drittländer auf Standardvertragsklauseln gemäß Art. 46 Abs. 2 lit. c DSGVO setzen:
| Service Provider | Purpose of Processing | Recipient Country |
|---|---|---|
| Google Cloud | Data Hosting | United States |
| Google Analytics | Website Usage | United States |
| AWeber | Email Sending | United States |
| Postmark | Email Sending | United States |
| Snap | Marketing Performance Analysis, Advertising | United States |
| Microsoft Advertising | Marketing Performance Analysis, Advertising | United States |
| Facebook, Instagram | Marketing Performance Analysis, Advertising | United States |
| Google Ads, Youtube | Marketing Performance Analysis, Advertising | United States |
| TikTok | Marketing Performance Analysis, Advertising | United Kingdom |
As a data subject, you can exercise the following rights if the respective legal requirements are met:
To exercise your right, you can send us an email to data@finodo.com. In order to be able to process your request and identify you, we would like to point out that we will process your personal data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR.
Furthermore, you have the right to lodge a complaint with a supervisory authority, Art. 77 GDPR i.V.m. § 19 BDSG.
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR.
We will no longer process the personal data concerning you unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes. You have the option of exercising your right to object in connection with the use of information society services - notwithstanding Directive 2002/58/EC - by means of automated procedures using technical specifications
You can object to the processing of your personal data at any time, e.g. via our contact form as described in point 4 of the data protection information