Go back

Data protection

This website is an offer of PAIR Finance GmbH, Berlin, (hereinafter: “PAIR Finance” or “we”, “us”, etc.).

We value your trust, respect your privacy and take great care to protect your data and its confidentiality.

With this data protection information, we would like to inform you in accordance with Art. 13 and Art. 14 of the European Data Protection Regulation (hereinafter: DSGVO) – Regulation (EU) 2016/679 – how and which personal data we generally within the scope of our services and

A.) generally within the scope of our services and

in addition thereto

B.) in the context of the use of our website,

C.) through the use of cookies when visiting our website,

D.) in the context of a business relationship on our service platform, and

E.) in the context of customer service calls

collect and process data.

In addition, you will find our

F.) Data protection information in relation to our application procedures pursuant to Art. 13 DSGVO.

Detailed data protection information regarding our legal services provided by the respective PAIR Finance company to consumers and, if applicable, other persons involved in the respective matter for debt collection pursuant to Art. 13 or Art. 14 of the GDPR can be found here.

Terminology:

The terms used in the context of this data protection declaration, such as “controller”, “personal data” or “processing”, among others, have the meaning defined in Art. 4 of the GDPR.

“Controller” within the meaning of the GDPR is the person who decides on the purposes and means of data processing.

“Personal data” are basically all information about personal or factual circumstances of an identified or identifiable natural person, such as name, telephone number or address. It is all characteristics or information with which an identification of a person can be made possible.

The “processing” of personal data is any operation related to personal data, such as collection, storage, use, communication or erasure of personal data.

Any processing must be carried out for a predetermined or compatible purpose and on the basis of a legal basis. In the following, you will find out, among other things, for which purposes and on the basis of which legal basis the data processing takes place at our company.

A. General data protection information pursuant to Art. 13 and 14 DSGVO

I. Name and address of the responsible person

PAIR Finance GmbH
Hardenbergstraße 32
10623 Berlin
Deutschland

Tel.: +49 (0) 30 340 602 950
E-Mail: info@pairfinance.de
Website: www.pairfinance.com

PAIR Finance GmbH is represented by the managing director Stephan Stricker.

II. Contact details of our data protection officer

For all questions and concerns regarding data protection, the data protection team of PAIR Finance is available to you by e-mail at datenschutz@pairfinance.de. In addition, it is also possible to contact the data protection officer by post at the address given in the imprint (keyword: “data protection officer”).

III. purposes and legal basis for our data processing activities

  • We process personal data for the purpose of providing our contractual or pre-contractual services and obligations with (potential) contractual partners and clients (and the contact persons there), including data processing that serves the purpose of debt collection in accordance with the contract from persons about whom we have been informed by our clients that they owe a payment, as well as debt management. If third parties (e.g. from the legal profession or debt counseling) contact us on behalf of persons about whom we have been informed by our clients that they have not paid a debt, we will also process the personal data of the third parties for the aforementioned purposes. These are then considered to be data subjects themselves. You can find more detailed data protection information relating to debt collection and debt management by us below under our data protection information relating to our legal services.
    The legal basis for the aforementioned data processing is Article 6 (1) (b) and (f) DSGVO or Section 24 (1) No. 2 BDSG. The data processing is necessary for the performance of a contract to which the data subject is a party, or for the implementation of pre-contractual measures taken at the request of the data subject, or it is necessary for the protection of our legitimate interests of the controller or a third party, or specifically for the assertion, exercise or defense of civil claims.
  • We also process personal data in the form of technical information about the terminal device used and information about the use of the online payment page for the purpose of adapting the presentation of the content for the respective (data subject) using the online payment page and for the purpose of enabling the respective user-friendly and secure repayment of a claim processed by us. More detailed data protection information regarding the use of the online payment page can be found under our data protection information regarding our legal service. The legal basis for the data processing is the consent of the respective person pursuant to Art. 6 (1) (a) and Art. 7 DSGVO.
  • We process personal data for the purpose of enabling the visit of our website and to ensure the permanent functionality, availability and security of our systems, i.e. for the proper optimization of our website. You can find more information below under point B.).
    The legal basis for this data processing is Art. 6 (1) (f) DSGVO.
  • If a person contacts us (e.g. via online contact form, email, telephone or via social media), we process the personal data provided for the purpose of contacting the inquiring person and being able to respond to their inquiry. Further information regarding data processing via our online contact form can be found below under point B.). The legal basis for the data processing is Art. 6 (1) (b) and (f) DSGVO.
  • We process personal data for the purpose of (further) developing new or existing products in an appropriately secured environment, if the data is still processed for another purpose.
    The legal basis for the data processing is Art. 6 para. 1 letter f DSGVO.
  • We process personal data for the purpose of the employment relationship, insofar as it is necessary for the decision on hiring or, after the employment relationship has been established, for its implementation. Further information can be found below under point E.).
    The legal basis for data processing is Section 26 of the BDSG.
  • Finally, we process personal data for the purpose of fulfilling legal obligations, in particular for the fulfillment of legal retention obligations (e.g. from the AO or the HGB).
    The legal basis for this data processing is Art. 6 para. 1 letter c) DSGVO.

IV. Possible recipients of personal data

1. service providers

We transmit personal data to service providers carefully selected, commissioned and controlled by us within the framework of a contract processing relationship pursuant to Art. 28 DSGVO. They are also bound by our instructions and have suitable technical and organizational measures within the meaning of Art. 32 DSGVO to protect the rights of data subjects.

The operation of our online and service offerings requires hosting and infrastructure services, for which we use appropriate service providers.

Within the scope of our commissioned services, we also transmit personal data to service providers, for example, for the query of geographic, address or creditworthiness data as well as for the initiation of a communication, in particular mail providers, for the dispatch of letters, message services as well as for ticket and support solutions.

2. other possible recipients

In the context of debt collection, we also transfer personal data to our customers and, if necessary, to recipients of the following categories, insofar as this is necessary in the individual case and for the respective purpose: assignees, credit agencies, authorized persons, third-party debtors, external consultants, courts, bailiffs, associations, (judicial) administrative authorities.

V. Categories of data we may process

We may process data – depending on the purpose and the person/company from whom we process data – of the following categories:

  • Master/Personal Data
  • contact data
  • contract data
  • Payment/receivables data (incl. supporting documents)
  • Bank details
  • communication data
  • Valuation data
  • IP addresses/device data
  • Login data
  • Technical usage data
  • In individual cases, if required by law: data of special categories

VI. Origin of the data

The data may originate

  • from our contractual partners/clients who have commissioned us with the respective collection of receivables from the persons against whom we are asserting the claim
  • from the persons concerned themselves or from the authorized persons representing them
  • service providers, including credit agencies and address service providers
  • from third-party debtors
  • from courts
  • from bailiffs
  • from publicly accessible sources
  • from associations
  • from (judicial) administrative authorities.

VII. Transfer of personal data to third countries (outside the EEA area)

If we transfer data to service providers who cannot completely exclude the possibility that data will be processed outside the European Economic Area (EEA), this will be done in accordance with the legal requirements. For example, we only transfer data to service providers in countries with a recognized level of data protection for which the EU Commission has taken so-called adequacy decisions, or to those that are subject to a sufficient contractual obligation through so-called standard data protection clauses of the EU Commission or binding internal data protection regulations (Art. 44 to Art. 49 DSGVO).

 VIII. storage period

Our data processing generally takes place in the European Economic Area (EEA). If we transfer data to service providers who process data outside the European Economic Area (EEA) or if the processing takes place using third-party services outside the EEA, this is done in accordance with the legal requirements.

For example, we only transfer data to service providers in countries with a recognized level of data protection or which are subject to a sufficient contractual obligation through so-called standard data protection clauses of the EU Commission or binding internal data protection regulations (Art. 44 to 49 GDPR).

In the event of payment of the outstanding claim or termination of the debt collection procedure for other reasons, we will check after expiry of the individually applicable limitation period, regularly after approx. 3 years, whether we still need your data for further legal prosecution and whether deletion conflicts with statutory retention obligations.

For example, there are obligations to retain data in accordance with Section 147 of the German Fiscal Code (AO) and Section 257 of the German Commercial Code (HGB). These laws are also applicable to your matter, as we, as a company based in Germany, are subject to German tax and commercial law. The retention period based on these legal obligations is generally six or ten years.

IX. Rights of the data subject

If the respective legal requirements are met, every data subject within the meaning of the GDPR has the following rights:

  • Right to information about the data stored about you (Art. 15 DSGVO)
  • Right to correction of incorrect data (Art. 16 DSGVO)
  • Right to erasure (Art. 17 DSGVO) or
  • Right to restriction of processing (Art. 18 DSGVO)
  • Right to data portability (Art. 20 DSGVO).

  • RIGHT OF OBJECTION (Art. 21 DSGVO): To the extent that we process personal data on the basis of legitimate interests pursuant to Art. 6(1)(f) DSGVO, any data subject has the right to object to the processing of your data pursuant to Art. 21 DSGVO and to provide us with reasons based on their particular situation which they consider to override your legitimate interests. If your interests are not overridden or if the processing serves the assertion, exercise or defense of legal claims, we may continue the data processing even after the objection. If it is a matter of an objection to data processing for direct marketing purposes, there is a general right to object, which will also be implemented by us without giving reasons.
  • RIGHT TO REVOKE CONSENT GIVEN (Art. 7(3) DSGVO): Every data subject has the right to revoke consent given to us at any time. This has the consequence that we no longer continue the data processing based on this consent for the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

In order to assert the rights described here, you can contact us at any time and not bound to any specific form at the contact details mentioned in section I. or section II. above.

Finally, as a data subject, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR.

The supervisory authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information. The address is: Berliner Beauftragte für den Datenschutz und die Informationsfreiheit, Alt-Moabit 59-61, 10555 Berlin, Germany.

X. Necessity of the provision of personal data

In the case of the provision of our contractual or pre-contractual services and obligations with (potential) contractual partners/clients, we require some personal data from them in order to process the (potential) order properly and in accordance with the law and to be able to start and perform our contractual service.

Furthermore, in order to fulfill the respective contract with our respective clients, we require personal data about the persons against whom we are to carry out debt collection in accordance with the contract. Without this data, we cannot fulfill our contractual obligation to perform vis-à-vis our clients.

Otherwise, there are no legal or contractual obligations to provide us with personal data.

B. Supplementary data protection information relating to our website in accordance with Art. 13 DSGVO

In addition to the general data protection information under A., the following applies with regard to the use of our website.

I. General information on calling up the website

a. Description and scope of data processing

When you visit our website, we automatically record certain access data, e.g.

  • Date and time of access,
  • if applicable, name and website of the requested file, at least method and Uniform Resource Identifier (URI) for each request – i.e. request type (e.g. GET, POST) – as well as the path without protocol and domain,
  • website that initiated the request (referrer),
  • access status (HTTP status code),
  • the web browser used when calling up the website (user agent header),
  • the operating system used when calling up the website, if it is transmitted as part of the user agent, and
  • the IP address of the requesting device.

b. Purposes and legal basis of data processing

The processing of this data serves the purpose of enabling the visit of our website and ensuring the permanent functionality, availability and security of our systems. The legal basis for this data processing is Art. 6 (1) (f) DSGVO, based on our legitimate interest in the proper optimization of our website.

c. Duration of data storage

The data will be deleted 3 months after your website access.

II. Use of our contact forms

a. Description and scope of data processing

We provide contact forms on our website. Messages (e.g. inquiries regarding a potential order) can be sent to us via these forms.

In order to be able to check the request and contact the sender, it is necessary to provide some personal information, without which we cannot reply.

The data entered in the respective contact form will not be stored within our website.

b. Purposes and legal basis of data processing

Depending on the request or subject of the inquiry as well as the person sending the inquiry, the data entered in one of our contact forms is processed

  • for the purpose of clarifying the request based on the consent of the person sending the request in accordance with Art. 6 Para. 1 Letter a), Art. 7 DSGVO or
  • for the purpose of contract processing or for the implementation of pre-contractual measures and based on Art. 6 para. 1 letter b) DSGVO.

c. Duration of data storage

The data provided in the respective contact form will be processed until the consent is revoked or until the purpose has been achieved. After the purpose has been achieved, they are deleted, unless there are legal retention obligations that we have to comply with. At the latest after expiry of these retention obligations, the data will be deleted – after ten years at the latest.

C. Supplementary data protection information relating to the use of cookies and usage analysis

In addition to the general data protection information under A., the following applies with regard to the use of cookies and usage analysis.

I. Use of own cookies

a. Description and scope of data processing

When you visit our website, various cookies are set.

In the technical sense, the term “cookies” refers to small text files that are stored in the memory of your web browser and contain information that allows web servers to recognize you on subsequent visits. Cookies cannot run programs or deliver viruses to your computer.

We use our own cookies to note that information placed on our website has been displayed to you so that it will not be displayed again the next time you visit the website.

If you do not accept cookies or prevent cookies from being stored (see c. below for how to do this), you may not be able to take full advantage of all the features of our website.

b. Purpose and legal basis of data processing

The purpose of using our own cookies is to make the use of our services as time-saving and user-friendly as possible. The processing of the respective cookies is based on our legitimate interests to enable a comfortable and individual use of our website. In this respect, the legal basis is Art. 6 para. 1 letter f) DSGVO.

c. Duration of data storage

Cookies are stored on your computer and transmitted from it to our website. Therefore, you as a user also have full control over the use of cookies:

By changing the settings in the Internet browser you use, the transmission of cookies can be disabled or restricted.

Cookies that have already been stored can be deleted at any time. This can also be done automatically by setting you in your browser used.

II. use of Google Tag Manager and Google Analytics for usage analysis

a. Description and scope of data processing

We also use various services on our website to better understand the use of our website and to learn which content is particularly relevant to our users and via which type of terminal devices it was visited. This allows us to optimize our content and adapt the page design to the actual browser types and end devices used.

On the one hand, our website uses the Google Tag Manager, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

The Tag Manager is used to manage the tools for usage data analysis and other services, so-called website tags.

A tag is an element that is stored in the source code of our website, for example, to record specified usages and interactions.

The Google Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The Tag Manager provides for the triggering of other tags, which in turn may collect data and which are further explained here under C. or below. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with the Google Tag Manager. You can also read more detailed information about the Tag Manager in Google’s information on the Tag Manager.

Our website also uses the web analytics service Google Analytics, which is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

The access data is compiled by Google on our behalf into pseudonymous usage profiles and may be transferred to a Google server in a third country. Before this, your IP address is anonymized. Neither we nor Google can therefore determine which usage profiles belong to a particular user. Based on the data collected by Google, we can thus neither identify you nor determine how you use our website.

Google will use the information obtained through the cookies on our behalf to evaluate the use of our website, compile reports on website activity and provide us with other services related to website and internet usage.

You can also find more information on this in Google’s privacy policy on Google Analytics.

b. Purposes and legal basis of data processing

The legal basis for the described data processing is Art. 6 (1) (a), Art. 7 DSGVO, i.e. your consent to the use of the (unnecessary) cookies.

In the event that, exceptionally, personal data is transferred to a third country in the process, we have agreed with Google that the EU standard contractual clauses for the processing of personal data apply. Google has thus undertaken to guarantee the European data protection principles and the local level of data protection also in the context of data processing taking place in a third country.

c. Duration of data storage

Google Analytics uses cookies with a validity of 14 months to record your access data when you visit our website.

You can object to web analytics by Google at any time. You have several options to do this:

(1) You can set your browser to block cookies from Google Analytics. (If you use Chrome as your browser, you can find out more from Google about deleting, activating and managing cookies here).

(2) You can customize your advertising preferences with Google.

(3) You can install the deactivation plug-in provided by Google at the following link in your browser (this variant does not work on mobile devices): Browser plugin.

As an alternative to the browser plug-in or for browsers in mobile devices, you can click this link to stop being tracked by Google Analytics on our site in the future (this decision only applies to your current browser and this website). To do this, a cookie will be stored on your device, which means that you will have to click this link again if you delete your cookies. If cookies have been disabled, this may mean that not all offers on this website are available to you.

For more information about Google Analytics, please see Google’s privacy policy.

III. links to other websites and online offers

a. Description and scope of data processing

Our website may contain links to the websites and online offers of other providers not affiliated with us. When you activate these links, we naturally no longer have any influence on what data is collected by the respective providers and what data is collected by them. Since the collection and processing of data by third parties is beyond our control, we cannot accept any responsibility for this.

Detailed information on data collection and use can be found in the privacy policy of the respective provider.

We also present ourselves as a company within social networks and other online platforms in order to communicate with current and future contractual partners/clients and interested parties as well as potential applicants and to inform them about our services.

b. Purposes and legal basis of data processing

The processing of personal data that takes place in this context is based on our legitimate interests in effective information and communication pursuant to Art. 6 (1) (f) DSGVO. If the data subjects are asked by the respective providers of the platforms for consent to the aforementioned data processing, the legal basis of the processing is Art. 6 (1) (a), Art. 7 DSGVO.

c. Duration of the storage of the data

For a detailed description of the respective processing and the options to object, please refer to the linked information of the providers:

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland): Personal Data Sharing Agreement, Privacy Policy.

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland): Privacy policy.

Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA): Privacy policy.

Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany): Privacy policy.

D. Supplementary data protection notices relating to processing of data of our (potential) contractual partners in accordance with Art. 13 DSGVO.

In addition to the general data protection notices under A., the following applies with regard to processing operations of data of our (potential) contractual partners.

I. Description and scope of data processing

We regularly collect data, some of it personal, from our contractual partners in the course of our cooperation and communication with them for the purpose of providing our contractual or pre-contractual services and obligations. This includes – as explained in the general data protection information under A. – master data (e.g. names), contact data (e.g. e-mail address and telephone numbers) as well as contractual data (e.g. contract contents, contractual communication, names of contact persons) and, if applicable, payment data (e.g. bank details, payment history).

If you are our contractual partner, you will receive access to our service platform. In order to use the service platform, you must provide your name, an e-mail address and a password. Within the scope of using the platform, we collect login data for the purpose of security checks as well as technical usage data for the purpose of displaying the content.

2. purposes and legal basis of data processing

The data processed here, the type, scope, purpose and necessity of the processing are determined by the underlying contractual relationship. The data processing serves the fulfillment of the contract or, before that, the implementation of pre-contractual measures. The legal basis for the data processing is Art. 6 para. 1 letter b) DSGVO.

3 Duration of data storage

We store personal data until the named purposes have been fully achieved (see general data protection information under A./ Item III.). When the purposes have been fully achieved (i.e. at the latest after expiry of the statutory retention periods), we delete the data.

E.) in regards to customer service calls

In addition to the general data protection notices under A., the following applies with regard to processing activities in customer service calls.

1. Description and scope of data processing

Once consent has been given, we record customer service calls and then automatically convert them into text using artificial intelligence. This means that a transcript can be created for each customer service call in parallel, i.e. the call can be reproduced in text form.

Consent to the recording and transcription of the telephone call is given at the beginning of the call by pressing the corresponding button.

The data processing includes the personal data that is disclosed during the respective telephone call. This regularly includes – as explained in the general data protection information under A.) – master data (e.g. names), contact data (e.g. email address and telephone numbers) and contract data (e.g. contract content, contractual communication, names of contact persons) or our reference number.

Transcription is carried out using AWS Connect and Amazon Transcribe on European servers. Amazon Transcribe is a model-based service for automatic speech recognition. The personal data processed is not used by Amazon to train its AI models. You can find more information about Amazon Transcribe in the privacy policy of Amazon.

We have taken special security precautions for this process, so-called technical and organisational measures (TOM for short).

2. Purposes and legal basis of data processing

The data processed, the type and scope of processing are determined by the content of the conversation itself. The purpose pursued is to ensure and improve customer service.

Recording and transcription only take place after consent has been given at the beginning of the telephone call. Consent can be revoked at any time. The legal basis for data processing is Art. 6 (1) (a) GDPR.

3. Duration of data storage

We store the recording and the associated transcript for three months. After that, the recording and transcript will be irrevocably deleted.

F.) Data protection information in relation to our application procedures pursuant to Art. 13 GDPR.

Our data protection notices regarding data processing when you apply for a job with us can be found here.

Trustpilot
Trustpilot
© 2024 PAIR Finance GmbH