This Privacy Policy will inform you as to how we look after your personal data when:

You download a mobile application belonging to one of our partners (thereinafter together referred to as our “Partner App”) who, after obtaining your express opt-in consent to do so, may share some of your personal data with Schober.

For the purposes of this Privacy Policy, we refer to those individuals using a mobile application of Partner App as “End User(s)” or “you“.

This Privacy Policy also provides you with details about the personal information we collect from or about you, how we use your personal information and your rights to control personal information we hold about you.

ACCEPTANCE
Please read this Privacy Policy carefully – by using a Partner App, you confirm that you have read, understood and agree to this Privacy Policy in its entirety. If you do not agree to this Privacy Policy in its entirety, you must not use any relevant Partner App or use your data privacy choices given to you in the relevant Partner App to restrict your privacy consent(s).

Schober is a company registered in Leinfelden-Echterdingen, Germany, under registration number HRB 202526, and whose registered office is at Meisenweg 37, 70771 Leinfelden-Echterdingen.

 

Schober respects your privacy and is committed to protecting your personal data in accordance with the EU General Data Protection Regulation 2016/679 (“GDPR“) and other applicable German stipulations regarding processing of your data.

 

To this effect, we have appointed a data protection officer (“DPO“) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about how we collect, store and use your personal information, or if you have any other privacy-related questions, please contact our DPO by any of the following means:

• By e-mail at datenschutz@schober.de
• By post at our registered office’s address mentioned above.

Schober is a company specializing in collecting and refining data. We analyze data, some of which may be deemed personal data, derived from Partner App. We may also combine, connect, match and analyze such data with other data collected from open publicly accessible or third-party data sources.

Schober may only collect information about you from a Partner App which has obtained your prior and express consent for us to do so.

Your prior and express consent allows us to provide our clients or business partners with personalised ads profile, (on third party websites/apps) and personalised content, to gain insights about target groups, analyse your usage behaviour, compile and select segments with pseudonymized user data, match and combine offline data sources and offer third parties data matching services to personalize their advertising and the ability to identify similar users in their own user data sets.

 

A list of such third parties is provided at Appendix 1 for your information.

“Personal data“, or personal information, means any information about an individual from which that person can be identified, whether directly or indirectly. Data which has been anonymized or aggregated with the effect unidentifiable information to a person is not personal data.

 

Information related to End Users of Partners Apps:

If you use a Partner App, and only if you gave your prior express opt-in consent to do so, we will collect the information listed below about your device via our trusted Partner App which are responsible to obtain you prior express consent to do so.

• Data Identifiers:includes iOS® Identifier for Advertising (on iOS only) or Android™ Advertiser ID (on Android only)
• The IP addresse from which the mobile device accesses a Partner App
• Information about the approximate (or, if you expressly confirm, the exact) geographic location of the device when it accesses the relevant Partner App.

 

Information we never collect

Schober has via Partner Apps never access to information that can directly identify End Users such as your name, surname, non-hashed email address, or phone number.

 

In addition, we do not collect any sensitive personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.

 

We do not and will not knowingly collect information from any unsupervised child under the age of 18. If you are under the age of 18, you may not use our Partner App unless you have the consent of, and are supervised by, a parent or guardian. Please refer to the relevant Partner App’s privacy policy for information about using a mobile application with a parent or guardian.

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

 

Information related to End Users of Partners Apps:

Purpose/Activity

1. Create a personalized ads profile including match and combine offline data sources
2. Select personalized ads

for direct marketing purposes.

Type of data

1. Data identifiers: mobile advertise identification, IP address
2. Geographic location linked to mobile advertiser identification

 

Lawful basis for processing including basis of legitimate interest

Opt-in Consent provided within our Partner App via our trusted partners’ CMP, enabling you to specifically opt-in to receiving targeted advertisement.

 

An important note on obtaining End Users Consent

We require that all our business partners based within the European Union or processing personal data of European Union citizens to get your express opt-in consent before they share your personal data with us or any third party for the purposes listed above.

 

Likewise, we do not use personal data belonging to End Users based within the European Union without having obtained appropriate contractual guarantees from our selected business partners that they have lawfully collected such personal data.

 

Opting out of receiving targeted advertising

We also require that our business partners send us up to date data. Therefore, if you have opted out of sharing your personal data with our partners at any time, we will be informed of such within a reasonable time and we will delete your data as a result.

 

Please contact the Partner App directly in case you are unable to find the mechanism for opting out.

 

Each End User can also opt-out of the data collection by Schober directly by contacting us. To do so, please send us an email at datenschutz@schober.de and submit your iOS® Identifier for Advertising (on iOS only), Android™ Advertiser ID (on Android only). Opting out will not stop advertising from the Partner App sent by other third party(ies), but Schober will no longer be able to collect data from you.

We may share your personal data with third parties as set out in the list below of selected external third parties for the purposes set out in the section Purpose/Activity above.

 

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

 

Many of our External Third Parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA (including to the United States) in connection with the above purposes.

 

Insofar as personal data is also processed outside the EU and EEA area in the above context, the following also applies:

 

For the United States of America, there is currently an EU Commission adequacy decision (within the meaning of Article 45 (3) GDPR), dated July^10th, 2023. In addition, Schober has concluded appropriate or adequate safeguards in the form of standard contractual clauses (within the meaning of 46 (2) (c) of the GDPR) with the respective data recipients for transfers to this country and has implemented additional technical measures to ensure an adequate level of data protection. You can request a copy of the clauses of the standard contractual clauses that are relevant to you via Schober’s data protection contact.

We have put in place appropriate security measures (such as data transfer encryption over HTTPS, account authentication and data rest encryption for our computer and databases storing personal information) to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

 

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

 

Details of retention periods for different aspects of your personal data are set out below:

• Data Identifiers and geographic location data are kept on our servers for a period of 24 monthsforthe necessary purpose of providing Schober’s clients with relevant marketing and analytics data.

In some circumstances you can ask us to delete your data: please see section 2 “Your legal rights” below for further information.

 

YOUR LEGAL RIGHTS

You have the following rights under data protection laws in relation to your personal data:

• the right to ask us to provide you with copies of personal information that we hold about you;
• the right to ask us to update, correct or erase any out-of-date or incorrect personal information that we hold about you free of charge;
• the right to request the transfer of your personal data to you or to a third party;
• the right to opt out of any marketing communications that we (or any third party to whom we have disclosed your personal information with your consent) may send you;
• The right to withdraw consent at any time where we are relying on consent to process your personal data.

 

If you wish to exercise any of the rights listed above, please contact Schober’s DPO by any of the following means:

• By e-mail at
  datenschutz@schober.de
  
• By mail at Schober Information Group Deutschland GmbH, Meisenweg 37, 70771 Leinfelden-Echterdingen

THIRD PARTIES

In the course of proving our Services, we may share your personal data or Aggregated Data with the following selected third parties:

• THIRD PARTY COMPANIESAND NETWORKS that require the data to select and serve relevant targeted ads to you and others, or use the data for analysis and matching purposes: With your express opt-in consent, we may sell End User data to trusted third party companies and networks so that they can, in turn, send you targeted mobile advertising based on the way you use your Partner App or other third-party mobile applications you have authorized us or our partners to collect relevant data from.

 

• DATA MANAGEMENT PLATFORMS: We may share End Users Data with data management platforms that are being used by advertising companies for data sourcing purposes. The End User data we may share may include any or all data outlined in this Privacy Policy, including some data which may be deemed personal data.

Schober thrives at being completely transparent with you. To this effect, please see our
list of the selected external third parties
we may share your data with for the purposes indicated in this Privacy Policy.