Mercku Privacy Policy
Last revised October 19, 2020
The purpose of this Privacy Policy is to provide simple, clear and complete information to natural persons ("you", "your", "yours") on the processing of personal data concerning you and made possible by the use of the mobile application provided by MERCKU.
In the event where you would be using MERCKU’s mobile app via the services of your Internet Service Provider, please refer to its Privacy Policy for more information regarding your data.
Before communicating us your personal data and giving us your consent if applicable, we recommend that you read this Privacy Policy carefully.
In order to best meet your expectations and offer you an optimal user experience, MERCKU collects your personal data by various means in the context of the use of our mobile application and products. You must be assured of the confidentiality of the information you exchange with us. MERCKU undertakes to you not to breach your privacy and ensure that the collection and storage of your personal data is transparent and secure.
MERCKU ensures that the fundamental principles of data protection are respected for each processing operation:
Legitimacy: data will only be collected for specific, explicit and legitimate purposes. The processing will not involve sensitive data (racial or ethnic origins, political, philosophical or religious opinions, trade union membership, health, sexual life, offences, convictions or security measures).
Relevance and Accuracy: we ensure that the data collected are adequate, relevant and not excessive in relation to the purposes for which they are collected, and that they are accurate, complete and, where necessary, kept up to date.
Transparency: at the time of collection of your personal data, you will be informed of any information relating to the collection and processing of data concerning you, including the purpose of the collection.
Limitation of retention: personal data will be kept for a period not exceeding the time necessary for the purposes for which it is collected and processed.
Consent: your consent will be required prior to any collection of personal data for purposes that will be specified to you at the time of collection.
Access, rectification, opposition: at any time, you have the possibility to access, request rectification or deletion of your personal data. You may also object to the use of your personal data. To exercise these rights, please refer to article 11 of the Policy.
Confidentiality & Security: MERCKU undertakes to process your personal data in such a way as to guarantee the confidentiality and security of your personal data by implementing appropriate technical and organizational measures.
This Privacy Policy covers processing operations carried out in the context of:
When you are using the mobile application independently from your Internet Service Provider, for all of these Processing operations MERCKU is the entity that determines the means and the purposes and thus acts as Data Controller within the meaning of the applicable regulations on personal data and in particular EU Regulation 2016/679 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data (hereinafter “GDPR”).
In the event where you would be using MERCKU’s mobile app via the services of your Internet Service Provider, the latest acts as Data Controller and MERCKU as its Data Processor within the meaning of the applicable regulations on personal data. Please refer to your ISP’s Privacy Policy for more information regarding your data.
Depending on the type of our relationship with you, we may request information about you, such as:
Depending on the purposes for which your personal data will be processed, the collection may take place at various times including:
MERCKU collects and processes your data for the purposes of:
Internally, to the authorized departments responsible for accessing and processing your data are:
Externally, your data may be transferred to:
We never share your personal data with other companies for marketing purposes without your consent.
In the context of service contracts concluded by MERCKU, the recipients of your personal data may be located abroad, including outside the European Economic Area (EEA) in countries where the data protection legislation differs from that applicable within the EEA.
Any transfer of data outside the EEA is subject to appropriate contractual clauses and other safeguards in accordance with applicable data protection regulations.
MERCKU is committed to protecting your personal data against any loss, destruction, alteration, unauthorized access or disclosure.
To this end, MERCKU implements the appropriate technical and organizational measures, given the nature of the data and the risks involved in processing it, to preserve the security and confidentiality of your personal data.
These measures may notably include practices such as limited access to personal data by MERCKU employees, contractual guarantees in the event of recourse to an external service provider, the performance of privacy impact studies, regular reviews of practices and procedures on MERCKU’s information systems, physical and/or logical security measures (secure access, authentication process, backup copies, antivirus software, firewalls, etc.).
In accordance with data protection regulations, your personal data will be retained only for the period required for the purpose for which the data have been collected and processed.
Since the retention needs may vary according to the particular purpose, the personal data retention period may also vary. The criteria used to determine the retention period are, in particular, the following:
These retention periods may vary depending on the country you are based.
In accordance with the regulations in force, you have the right to access and rectify your personal data as well as, insofar as applicable, the right to request its deletion, the right to oppose the processing of your data for a legitimate reason and to obtain its limitation or portability.
When you exercise your rights, your personal data will be processed for the purposes of handling your request (surname, first name, nature of the request, response given). These data are kept for a period of one year or six years, depending on the right exercised, with the exception of the copy of the identity card, which will always be kept for one year.
You may exercise these rights or ask any question relating to the management of your personal data by MERCKU by contacting:
By e-mail to the following address: support@mercku.com
By mail to the following address: Akazienstr. 3A, 10823 Berlin, Germany
Where there is reasonable doubt as to the identity of the applicant, proof of identity may be requested where appropriate.
You also have the right to refer any complaint relating to the way in which MERCKU collects and processes your data to your Data Protection Authority.
MERCKU does not collect children’s personal data for the realization of its purpose.
This Policy may change from time to time. We will keep you informed of these changes but we also invite you to consult it regularly.