Mercku Privacy Policy

Last revised October 19, 2020

 

The purpose of this Privacy Policy is to provide simple, clear and complete information to natural persons ("you", "your", "yours") on the processing of personal data concerning you and made possible by the use of the mobile application provided by MERCKU.

In the event where you would be using MERCKU’s mobile app via the services of your Internet Service Provider, please refer to its Privacy Policy for more information regarding your data.

Before communicating us your personal data and giving us your consent if applicable, we recommend that you read this Privacy Policy carefully.

 

1.  MERCKU’S COMMITMENT TO PROTECTING END USERS’ PRIVACY AND PERSONAL DATA

In order to best meet your expectations and offer you an optimal user experience, MERCKU collects your personal data by various means in the context of the use of our mobile application and products. You must be assured of the confidentiality of the information you exchange with us. MERCKU undertakes to you not to breach your privacy and ensure that the collection and storage of your personal data is transparent and secure.

 

2.  PROTECTION OF PERSONAL DATA: THE PRINCIPLES

MERCKU ensures that the fundamental principles of data protection are respected for each processing operation:

Legitimacy: data will only be collected for specific, explicit and legitimate purposes. The processing will not involve sensitive data (racial or ethnic origins, political, philosophical or religious opinions, trade union membership, health, sexual life, offences, convictions or security measures).

Relevance and Accuracy: we ensure that the data collected are adequate, relevant and not excessive in relation to the purposes for which they are collected, and that they are accurate, complete and, where necessary, kept up to date.

Transparency: at the time of collection of your personal data, you will be informed of any information relating to the collection and processing of data concerning you, including the purpose of the collection.

Limitation of retention: personal data will be kept for a period not exceeding the time necessary for the purposes for which it is collected and processed.

Consent: your consent will be required prior to any collection of personal data for purposes that will be specified to you at the time of collection.

Access, rectification, opposition: at any time, you have the possibility to access, request rectification or deletion of your personal data. You may also object to the use of your personal data. To exercise these rights, please refer to article 11 of the Policy.

Confidentiality & Security: MERCKU undertakes to process your personal data in such a way as to guarantee the confidentiality and security of your personal data by implementing appropriate technical and organizational measures.

 

3.  SCOPE

This Privacy Policy covers processing operations carried out in the context of:

  • The creation of your account and your authentication on the mobile application.
  • Management of troubleshooting, app crash log and customer service.

When you are using the mobile application independently from your Internet Service Provider, for all of these Processing operations MERCKU is the entity that determines the means and the purposes and thus acts as Data Controller within the meaning of the applicable regulations on personal data and in particular EU Regulation 2016/679 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data (hereinafter “GDPR”).

In the event where you would be using MERCKU’s mobile app via the services of your Internet Service Provider, the latest acts as Data Controller and MERCKU as its Data Processor within the meaning of the applicable regulations on personal data. Please refer to your ISP’s Privacy Policy for more information regarding your data.

 

4.   PERSONAL DATA COLLECTED

Depending on the type of our relationship with you, we may request information about you, such as:

  • Identification data (Name; Username; Third party login account…);
  • Contact details (mobile phone number; email address…);
  • Connection and navigation data (Mobile terminal alias; IP address; MAC address; Connection information…);
  • Information provided by you in the context of a contact request and, if applicable, the content of the message, as well as any information communicated subsequently during your exchanges with the customer service.

 

5.   TIME OF COLLECTION

Depending on the purposes for which your personal data will be processed, the collection may take place at various times including:

  • When you register to the mobile application.
  • When you get in touch with MERCKU’s customer service.

 

6.   PURPOSES AND LEGAL BASIS OF PROCESSING

MERCKU collects and processes your data for the purposes of: 

  • processing to your registration on the mobile application, on the basis of the consent you express by ticking the checkbox before sending us your information;
  • improving our products, in particular through a better perception of your wishes and needs, on the basis of our legitimate interest in responding to market demand;
  • to secure and improve your use of the MERCKU mobile application (location permission, data security…) on the basis of our legitimate interests and/or your consent if applicable;
  • ensuring the best possible response to any malfunction you may encounter using our product and application, on the basis of the execution the contract binding us;
  • responding to all your requests made to the customer service, on the basis of the consent expressed by submitting your contact request.

 

7.   RECIPIENTS OF YOUR PERSONAL DATA 

Internally, to the authorized departments responsible for accessing and processing your data are:

  • The development team;
  • The customer service team.

Externally, your data may be transferred to:

  • technical service providers chosen for their expertise and reliability who act on our behalf and according to our instructions (IT subcontractor, host of our servers, etc.);
  • local authorities in the context of a legal obligation or at the request of an administrative authority authorized to make this type of request.

We never share your personal data with other companies for marketing purposes without your consent.

 

8.   INTERNATIONAL DATA TRANSFER

In the context of service contracts concluded by MERCKU, the recipients of your personal data may be located abroad, including outside the European Economic Area (EEA) in countries where the data protection legislation differs from that applicable within the EEA.

Any transfer of data outside the EEA is subject to appropriate contractual clauses and other safeguards in accordance with applicable data protection regulations.

 

9.   SECURITY

MERCKU is committed to protecting your personal data against any loss, destruction, alteration, unauthorized access or disclosure.

To this end, MERCKU implements the appropriate technical and organizational measures, given the nature of the data and the risks involved in processing it, to preserve the security and confidentiality of your personal data.

These measures may notably include practices such as limited access to personal data by MERCKU employees, contractual guarantees in the event of recourse to an external service provider, the performance of privacy impact studies, regular reviews of practices and procedures on MERCKU’s information systems, physical and/or logical security measures (secure access, authentication process, backup copies, antivirus software, firewalls, etc.).


 

10.   DATA RETENTION

In accordance with data protection regulations, your personal data will be retained only for the period required for the purpose for which the data have been collected and processed.

Since the retention needs may vary according to the particular purpose, the personal data retention period may also vary. The criteria used to determine the retention period are, in particular, the following:

  • the existence of a legal obligation to retain the data for a certain period of time;
  • an administrative interest in retaining your personal data;
  • the existence of a contract between you and MERCKU;
  • the time limits of the applicable legal provisions.

These retention periods may vary depending on the country you are based.

 

11.   YOUR RIGHTS REGARDING YOUR PERSONAL DATA

In accordance with the regulations in force, you have the right to access and rectify your personal data as well as, insofar as applicable, the right to request its deletion, the right to oppose the processing of your data for a legitimate reason and to obtain its limitation or portability.

When you exercise your rights, your personal data will be processed for the purposes of handling your request (surname, first name, nature of the request, response given). These data are kept for a period of one year or six years, depending on the right exercised, with the exception of the copy of the identity card, which will always be kept for one year.

You may exercise these rights or ask any question relating to the management of your personal data by MERCKU by contacting:

By e-mail to the following address: support@mercku.com

By mail to the following address:  Akazienstr. 3A, 10823 Berlin, Germany

Where there is reasonable doubt as to the identity of the applicant, proof of identity may be requested where appropriate.

You also have the right to refer any complaint relating to the way in which MERCKU collects and processes your data to your Data Protection Authority.

 

12.   PROTECTION OF CHILDREN'S PERSONAL DATA

MERCKU does not collect children’s personal data for the realization of its purpose.

 

13.   UPDATE

This Policy may change from time to time. We will keep you informed of these changes but we also invite you to consult it regularly.