Privacy statement

You need a privacy policy. This should be written in an easily comprehensible way according to the GDPR. A reference to the privacy policy of yve is not sufficient, because you yourself are responsible for the data processing carried out by you within the meaning of the GDPR.
 
 
A privacy policy must have the following minimum content:
- Information about the person responsible
- Purposes of processing
- Legal basis (s) of processing
- storage duration or criteria
- Legal rights of
- Use of yve as a processor
 
 
If the following services are used, the corresponding information is also required:
- Contact details of the data protection officer
- If the legitimate interest is stated under "Purpose of processing" (Article 6 (1) (1) (f)), the interests underlying the balance of interests must also be stated
- Additional recipients or categories of recipients of personal data
- Transfer of data to other EU countries
- Automated decision-making and profiling "