Privacy Policy

This Privacy Policy informs users about the type, scope, and purpose of the processing of personal data within the Cardynex platform and website.

Effective: 01.01.2025 GDPR Compliant
Policy Sections
1

General Information

The protection of personal data is of the highest priority for Cardynex.

This Privacy Policy informs users about the type, scope, and purpose of the processing of personal data within the Cardynex platform and website.

Cardynex is a service of

2

Data Controller

Contact Information

, Germany

3

Types of Data Collected

In the context of using Cardynex, the following personal data may be processed in particular:

Personal Information

  • First and last name
  • Número de teléfono
  • Correo electrónico
  • Billing data

Technical Data

  • Dirección IP
  • Location data
  • Booking data
  • Payment information

Content Data

  • Content and files that users upload
  • Reviews and comments
4

Purposes of Processing

Processing is carried out particularly for:

  • Provision of the platform
  • Management of user accounts
  • Execution of bookings and orders
  • Payment processing
  • Communication with users
  • Improvement of the platform
  • Ensuring IT security
  • Contract fulfillment according to Art. 6 para. 1 lit. b GDPR
5

Payment Providers

Stripe

External payment service providers such as Stripe or PayPal may be used for payment processing.

PayPal

Personal data may be transmitted to these providers.

6

User Content

Users can publish and upload content, reviews, comments, images, videos, or files.

Users are solely responsible for the legality of their content.

Cardynex reserves the right to remove illegal content.

7

Hosting and Server Location

The platform is operated on GDPR-compliant servers within the European Union or with GDPR-compliant hosting service providers.

8

Cookies and Tracking

We use different types of cookies:

Type Purpose
Essential Technically necessary cookies for the provision of the platform
Analytics/Marketing Additional analysis or marketing tools are used exclusively based on explicit consent
9

Data Subject Rights

Users have the right to:

Access according to Art. 15 GDPR

Request information about your personal data

Rectification according to Art. 16 GDPR

Correct inaccurate personal data

Deletion according to Art. 17 GDPR

Request deletion of your personal data

Restriction of processing

Limit processing in certain cases

Data portability

Receive your data in a machine-readable format

Objection to processing

Object to the processing of your data

Requests can be addressed at any time to the following address:
10

Data Security

® implements enterprise-grade security measures:

Encryption

Technical and organizational security measures to protect personal data

Access Controls

Ensuring data confidentiality and integrity

Monitoring

Regular security updates and monitoring

11

Changes to this Privacy Policy

Cardynex reserves the right to adapt this Privacy Policy in the event of legal or technical changes.