Privacy Policy
The protection of your data is of particular concern to us and we naturally observe all data protection regulations applicable when using our app “Perfect Wiki” and more generally, use any of our services (the "Services", which include the App, www.perfectwiki.xyz website and www.perfectwikiforteams.com website). In the following, we inform you about the most important aspects so that you can be sure that your personal data will not be misused.
We process your data exclusively on the basis of the legal provisions of the General Data Protection Regulation (GDPR), in particular on the basis of Art. 6 Para. 1 lit. a (consent) and/or lit. b (necessary for the performance of the contract) of the GDPR.
Responsible entity
The responsible party pursuant to Article 4 (7) of the EU General Data Protection Regulation (GDPR) for all personal information collected and processed in connection with our services is IE Ilia Pirozhenko (Individual Entrepreneur) of Tbilisi, Georgia (hereinafter “we” or “us”).
If you have any questions about data collection, please contact us at ilia@perfectwiki.com. We will be happy to help you.
What is my data used for?
We store and use (process) the personal data you provide to us, such as name, email address, payment information, IP address, only for the purpose of,
- to respond to your enquiries
- to compile anonymous usage statistics,
- to manage the customer relationship,
- to carry out payment transactions
- and to detect, prevent and investigate attacks on our services.
Your information will never be shared with third parties for marketing or other promotional purposes without your prior consent.
What are the legal bases of processing?
The legal bases for processing are listed below and at least one of these must apply whenever we process personal data:
- Consent: the individual has given clear consent to process personal data for a specific purpose.
- Contract: the processing is necessary for a contract or because you have asked us to take specific steps before entering into a contract.
- Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).
- Vital interests: the processing is necessary to protect someone’s life.
- Public task: the processing is necessary for us to perform a task in the public interest or for official functions, and the task or function has a clear basis in law.
- Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.
What rights do I have with regard to my data?
When processing your personal data, the GDPR grants you as a web user certain rights:
Right of access (Art. 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to information about this personal data and to the information listed in detail in Art. 15 GDPR.
Right to rectification and erasure (Art. 16 and 17 GDPR)
You have the right to request without undue delay the rectification of any inaccurate personal data concerning you and, where applicable, the completion of any incomplete personal data. You also have the right to request that personal data concerning you be deleted without delay if one of the reasons listed in detail in Article 17 of the GDPR applies, e.g. if the data is no longer required for the purposes pursued. 3.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR applies, e.g. if you have objected to the processing, for the duration of any review.
Right to data portability (Art. 20 GDPR)
In certain cases, detailed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to request the transfer of this data to a third party.
Right to object (Art. 21 GDPR)
If data is collected on the basis of Art. 6 para. 1 p. 1 lit. f GDPR (data processing for the protection of legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
Right of appeal to a supervisory authority
Pursuant to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection regulations. The right to lodge a complaint may in particular be asserted before a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.
How secure is my data with you?
We ensure that both physical and digital security is high at all times. Personal data is only accessible to those whose work duties require such access. They must use an encrypted transmission with high security to access personal data. In addition, we have an authorisation concept that only gives access to data to those whose work tasks require it. This applies to passwords as well as electronic keys to access the services we use to manage our users. All computers with access are kept up to date and protected by anti-virus/malware software.
We also take precautions to protect your personal data from loss, destruction, falsification, manipulation and unauthorised access. Security measures are used that are continuously adapted in line with technical developments. The legal data protection regulations at international and national level are of course observed.
SSL encryption (https): In order to protect your data transmitted via our online offer, we use SSL encryption. You can recognise such encrypted connections by the prefix https:// in the address line of your browser.
Which service providers have access to my data?
When selecting service providers, we take great care to ensure that our high data security requirements are met. If a service provider is required in the course of data processing, e.g. for payment processing, customer management, e-mail processing and support, this is only done with processors who have been contractually obligated to comply with the legal requirements in accordance with Art. 28 of the GDPR. Should services require data storage at a US company, this will only take place if a level of data protection appropriate to the legal framework of the European Union (EU) exists or suitable or appropriate guarantees have been implemented (Art. 45-47, GDPR).
If you would like to know with which service provider your data is stored, please contact us. We will be happy to provide you with information.
How long is the data stored?
If you have purchased directly from us, we store your contact details and payment method in order to continue to provide you with services and answer questions. We will only retain your personal data for as long as we reasonably consider necessary to achieve the purposes set out previously and as permitted by applicable law. We store your personal data as long as legal retention obligations exist or the limitation periods of potential legal claims have not yet expired. We will be happy to provide you with more detailed information on the storage period upon request.
When we act as a processor of personal data, we follow the data retention provisions specified in the contract between us and the data controller.
How do I give my consent to process my personal data?
When you open an account, or when you register with our service for the first time, you will be asked to accept our terms and conditions and to confirm that you have read this privacy policy. This is necessary in order to allow the correct processing of personal data and to ensure the protection necessary for the processing. If you do not accept these terms and conditions and confirm that you have read this privacy policy, you will unfortunately not be able to use the service in question.
If we act as a processor of personal data, what applies?
As a large part of our users' personal data is processed and stored as part of our services as a result of contracts entered into through their data controller, we are considered a personal data processor. If this is the case, a personal data processor contract must be concluded. We must, when processing personal data in the capacity of a personal data processor, comply with applicable law and the limitations and conditions on processing set out in the processing contract.
Are cookies stored on my system?
In order to provide you with the best possible service, we use cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. The primary purpose of a cookie is to store information about a user during or after their visit within an online service. Stored information may include, for example, language settings on a web site, login status, a shopping cart or where a video was watched. The term cookies also includes other technologies that perform the same functions as cookies (e.g. where user details are stored using pseudonymous online identifiers, also known as "user IDs"). Our cookie policy explains the cookies we use and if you would like to learn more about cookies in general, please visit www.allaboutcookies.org
Business services
We process data of our contractual and business partners, e.g. customers and interested parties (collectively referred to as "contractual partners") in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g. to answer enquiries.
We process this data to fulfil our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organisation. Within the framework of applicable law, we only disclose the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the persons concerned (e.g. to participating telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors,or tax authorities). Contractual partners will be informed about other forms of processing, e.g. for marketing purposes, within the framework of this privacy policy.
We inform the contractual partners which data is required for the aforementioned purposes before or in the course of data collection, e.g. in online forms, by means of special labelling (e.g. colours) or symbols (e.g. asterisks or similar), or in person.
We delete the data after the expiry of legal warranty and comparable obligations, i.e. generally after 6 years, unless the data is stored in a customer account, e.g. as long as it must be kept for legal archiving reasons. We delete data disclosed to us by the contractual partner within the scope of an order in accordance with the specifications of the order, generally after the end of the order.
Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and privacy policies of the respective third-party providers or platforms apply in the relationship between the users and the providers.
Customer account
Contractual partners can create an account within our online offer (e.g. customer or user account, "customer account" for short). If registration of a customer account is required, contractual partners will be informed of this and of the information required for registration. The customer accounts are not public and cannot be indexed by search engines. Within the scope of registration and subsequent logins and uses of the customer account, we store the IP addresses of the customers together with the access times in order to be able to prove the registration and to prevent any misuse of the customer account.
If customers have terminated their customer account, the data relating to the customer account will be deleted, unless their retention is required for legal reasons. It is the responsibility of customers to back up their data upon termination of their customer account.
Offer of software and platform services
We process the data of our users, registered users and any test users (hereinafter uniformly referred to as "users") in order to be able to provide our contractual services to them as well as on the basis of legitimate interests in order to be able to guarantee the security of our offer and to develop it further. The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information in order to be able to hold any consultations.
Types of data processed
- inventory data (e.g. names, addresses),
- payment data (e.g. bank details, invoices, payment history),
- contact data (e.g. e-mail, telephone numbers),
- contract data (e.g. subject matter of contract, term, customer category),
- usage data (e.g. web sites visited, interest in content, access times),
- meta/communication data (e.g. device information, IP addresses).
Purposes of processing
- provision of contractual services and customer service,
- contact requests and communication,
- office and organisational procedures,
- administration and response to requests,
- security measures.
Legal basis
- Contractual performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR),
- Legal obligation (Art. 6 para. 1 p. 1 lit. c. GDPR),
- Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR).
Payment service provider
In the context of contractual and other legal relationships, due to legal obligations or otherwise on the basis of our legitimate interests, we offer data subjects efficient and secure payment options and use other payment service provider (FastSpring a service offered by Bright Market, LLC of 801 Garden St., Santa Barbara, CA 93101) in addition to banks and credit institutions for this purpose (collectively "FastSpring").
The data processed by the FastSpring includes inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, checksums, as well as the contract, total and recipient-related details. The information is required to carry out the transactions. However, the data entered is only processed by FastSpring and stored with them. I.e. we do not receive any account or credit card related information, but only information with confirmation or negative information of the payment. Under certain circumstances, the data may be transmitted by FastSpring to credit agencies. The purpose of this transmission is to check identity and creditworthiness. The terms and conditions and privacy policies of FastSpring apply to payment transactions. We also refer to these for further information and assertion of revocation, information and other data subject rights.
Types of data processed
- inventory data (e.g. names, addresses),
- payment data (e.g. bank details, invoices, payment history),
- contract data (e.g. subject matter of contract, term, customer category),
- usage data (e.g. web sites visited, interest in content, access times),
- meta/communication data (e.g. device information, IP addresses).
Purposes of processing
- provision of contractual services and customer service.
Legal basis
- Contract performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR),
- Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. GDPR).
Provision of the online offer and web hosting
In order to provide our online offer securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the online offer can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services as well as security services and technical maintenance services.
The data processed in the course of providing the hosting service may include all information relating to the users of our online service that is generated in the course of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online offers to browsers, and all entries made within our online offer or web sites.
Collection of access data and log files
We ourselves (or our web hosting provider) collect data on every access to the server (so-called server log files). The server log files may include the address and name of the web sites and files accessed, the date and time of access, the volume of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider.
The server log files may be used, on the one hand, for security purposes, e.g. to avoid overloading the servers (especially in the event of abusive attacks, so-called DDoS attacks) and, on the other hand, to ensure the utilisation of the servers and their stability.
Types of data processed
- Content data (e.g. entries in online forms),
- usage data (e.g. web sites visited, interest in content, access times),
- meta/communication data (e.g. device information, IP addresses).
Purposes of processing
- Provision of our online offer and user-friendliness.
Legal basis
- Legitimate interests (Art. 6 para. 1 p. 1 lit. f. GDPR).
Contacting us
When contacting us, the information provided by the person making the request is processed to the extent necessary to respond to the contact requests and any measures requested.
The response to contact enquiries in the context of contractual or pre-contractual relationships is carried out to fulfil our contractual obligations or to respond to (pre)contractual enquiries and otherwise on the basis of the legitimate interests in responding to the enquiries.
Types of data processed
- inventory data (e.g. names, addresses),
- contact data (e.g. e-mail, telephone numbers),
- content data (e.g. entries in online forms),
- payment data (e.g. bank details, invoices, payment history),
- contract data (e.g. subject matter of contract, term, customer category),
- meta/communication data (e.g. device information, IP addresses).
Purposes of processing
- contact requests and communication,
- managing and responding to requests,
- feedback,
- surveys and questionnaires.
Legal basis
- Consent (Art. 6 para. 1 p. 1 lit. a. GDPR).
Electronic notifications
We send notifications, e-mails and other electronic notifications only with the consent of the recipients or with a legal permission. If the contents of a notification are specifically described in the course of registration, they are decisive for the consent of the users. In addition, our notifications contain information about our services and us.
In order to subscribe to our notifications, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name, for the purpose of personal address in the notification, or further details, if these are necessary for the purposes of the notification.
The registration for our notification is always carried out in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other people's e-mail addresses. The registrations for the notification are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored with the dispatch service provider are also logged.
We may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them in order to be able to prove consent previously given. The processing of this data will be limited to the purpose of a possible defence against claims. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed at the same time. In the case of obligations to permanently observe objections, we reserve the right to store the e-mail address in a block list (so-called "block list") for this purpose alone.
The logging of the registration process takes place on the basis of our legitimate interests for the purpose of proving its proper course. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and secure sending system.
Notes on legal basis: The notification is sent on the basis of the recipients' consent. The registration process is recorded on the basis of our legitimate interests to prove that it has been carried out in accordance with the law.
The notifications contain a so-called "tracking pixel", i.e. a pixel-sized file that is retrieved from our server or, if we use a dispatch service provider, from their server when the notification is opened. Within the scope of this retrieval, technical information such as information on the browser and your system, as well as your IP address and the time of the retrieval, are initially collected.
This information is used for the technical improvement of our notification on the basis of the technical data or the target groups and their reading behaviour on the basis of their retrieval locations (which can be determined with the help of the IP address) or the access times. This analysis also includes determining whether the notifications are opened, when they are opened and which links are clicked. This information is assigned to the individual notification recipients and stored in their profiles until they are deleted. The analyses help us to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The measurement of opening rates and click rates as well as the storage of the measurement results in the users' profiles and their further processing are based on the users' consent.
Types of data processed
- inventory data (e.g. names, addresses),
- contact data (e.g. e-mail, telephone numbers),
- meta/communication data (e.g. device information, IP addresses),
- usage data (e.g. web sites visited, interest in content, access times).
Purposes of processing
- direct marketing (e.g. by email or post).
Legal basis
- Consent (Art. 6 para. 1 p. 1 lit. a. GDPR).
Online marketing
We process personal data for online marketing purposes, which may include, but are not limited to, marketing advertising space or displaying promotional and other content (collectively, "Content") based on users' potential interests and measuring its effectiveness.
For these purposes, so-called user profiles are created and stored in a file (so-called "cookie") or similar procedures are used, by means of which the information about the user relevant to the presentation of the aforementioned content is stored. This information may include, for example, content viewed, web sites visited, online networks used, but also communication partners and technical information such as the browser used, the computer system used and information on usage times. If users have consented to the collection of their location data, this may also be processed.
The IP addresses of users are also stored. However, we use available IP masking procedures (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear user data (such as e-mail addresses or names) is stored within the scope of the online marketing process, but pseudonyms. This means that we as well as the providers of the online marketing procedures do not know the actual identity of the users, but only the information stored in their profiles.
The information in the profiles is usually stored in the cookies or by means of similar procedures. These cookies can generally also be read later on other web sites that use the same online marketing procedure and analysed for the purpose of displaying content as well as supplemented with further data and stored on the server of the online marketing procedure provider.
Exceptionally, clear data can be assigned to the profiles. This is the case if, for example, the users are members of a social network whose online marketing procedure we use and the network links the users' profiles with the aforementioned data. We ask you to note that users may enter into additional agreements with the providers, e.g. by giving their consent as part of the registration process.
In principle, we only receive access to summarised information about the success of our advertisements. However, within the framework of so-called conversion measurements, we can check which of our online marketing procedures have led to a so-called conversion, i.e., for example, to a conclusion of a contract with us. The conversion measurement is used solely to analyse the success of our marketing measures.
Unless otherwise stated, we ask you to assume that cookies used will be stored for a period of two years.
Notes on legal basis: If we ask users for their consent to use third-party providers, the legal basis for processing data is consent. Otherwise, users' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and recipient-friendly services). In this context, we would also like to refer you to the information on the use of cookies in this privacy policy.
Facebook Pixel and target group formation (Custom Audiences)
With the help of the Facebook Pixel (or comparable functions, for the transmission of event data or contact information by means of interfaces in apps), it is possible for Facebook, on the one hand, to determine the visitors to our online offer as a target group for the display of advertisements (so-called "Facebook Ads"). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those users on Facebook and within the services of partners cooperating with Facebook (so-called "Audience Network" https://www.facebook.com/audiencenetwork/ ) who have also shown an interest in our online offer or who have certain characteristics (e.g. interest in certain topics or products that are evident from the web sites visited) that we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. Furthermore, with the help of the Facebook Pixel, we can track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our web site after clicking on a Facebook ad (so-called "conversion measurement").
Bing Ads
This platform uses Bing Ads, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA - Bing Ads Conversion Tracking. When you click on one of our ads on Bing or on selected platforms of the Bing advertising network, a temporary cookie is stored on your computer. If you now reach a conversion page on our site, it is recorded - recognizable to Microsoft Bing and us - that you have previously clicked on the ad. This is used to create conversion statistics, i.e. to record how many users reach a conversion page after clicking on an ad, i.e. complete an order process. If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this - for example, via a browser setting that generally deactivates the automatic setting of cookies. The use of Bing Ads is based on our legitimate interest. The platform operator has a legitimate interest in analyzing user behavior in order to optimize both its platform and its advertising.
Google Analytics
In order to tailor our web site to your needs, we create pseudonymous user profiles with the help of Google Analytics. Google Analytics uses cookies that are stored on your terminal device and can be read by us. In this way, we are able to recognize returning visitors and count them as such. The data processing is based on your consent pursuant to your consent if you have given your consent via our banners.
The information generated by the cookie about your use of this platform is usually transmitted to a Google server in the USA and stored there. However, as we have activated IP anonymization on this web site, your IP address will be shortened by Google beforehand. Only in exceptional cases will the full IP address be transferred to a Google server and shortened there. Where we use providers in unsafe third countries and you consent, the transfer to a third country will be based on Article 49(1)(a) of the GDPR.
We have also concluded a contract with Google Inc. in accordance with Article 28 of the GDPR and standard data protection clauses. Accordingly, Google will use all information strictly for the purpose of evaluating the use of our platform for us and compiling reports on platform activity.
Plugins and embedded functions and content
We integrate functional and content elements into our online offer that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These can be, for example, graphics, videos or city maps (hereinafter uniformly referred to as "content").
The integration always requires that the third-party providers of this content process the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is thus required for the presentation of these contents or functions. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to analyse information such as visitor traffic on the pages of this web site. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring web sites, time of visit and other information about the use of our services, as well as being linked to such information from other sources.
Notes on legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, users' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and recipient-friendly services). In this context, we would also like to refer you to the information on the use of cookies in this privacy policy.
Types of data processed
- Usage data (e.g. web sites visited, interest in content, access times),
- meta/communication data (e.g. device information, IP addresses),
- contact data (e.g. e-mail, telephone numbers),
- content data (e.g. entries in online forms).
Purposes of processing
- Provision of our online offer and user-friendliness,
- profiles with user-related information (creation of user profiles).
Legal basis
- Legitimate interests (Art. 6 para. 1 p. 1 lit. f. GDPR).
Who can I contact with questions or complaints?
If you have any questions or complaints, please contact us. We will be happy to help you.
You have the right to lodge a complaint with the competent data protection supervisory authority if you believe that the processing of your personal data is unlawful.
Changes to this privacy policy
We reserve the right to change this privacy policy at any time, so please check it regularly. Changes and clarifications will take effect immediately after they are posted on the website. If we make material changes to this policy, we will notify you here. If our business is acquired by or merged with another company, your information may be shared with the new owners.