Skip to main content

DATA PROTECTION POLICY


We are committed to protecting your data and ensuring that it is used in accordance with applicable data protection regulations and this privacy policy. If you have any questions or concerns about this policy, please contact our customer service.

(1) Collection and Use of Personal Data

(1.1) Creating User Accounts

To create user accounts we collect personal data, including email address, responsibility (whether manager or employee), as well as first and last name. Email addresses are collected for the purpose of creating user accounts and sending course information, and issuing certificates. This data is under no circumstances shared with any third parties. The data is provided by your organization. Your organization is obligated to gather your consent to process your personal data. Such a consent may be part of your work contract or collected in additional agreements. Please contact your organization for more details. Additionally, we gather direct consent from each user once entering the training course.

(1.2) Data Usage

Our platform tracks the learning progress of individual users. The person who assigned the lesson, such a supervisors and the superusers has access to such data. Superusers, are users from within your organization. The learning progress data provides information on whether a lesson has successfully completed. This data is necessary to run the platform and issue relevant certificates.

(1.3) Cookies

These cookies may be used by our website:

Authentication cookies - used to authenticate users and maintain user sessions.

Security cookies - used to detect and prevent malicious activities.

Session cookies - used to store user preferences and keep track of user sessions.

Analytics cookies - used to collect information about how users interact with the platform to help improve the user experience.

YouTube-Marketing-Cookies - Used by YouTube to track views of embedded videos.

These cookies do not provide any information to third parties. We ask for explicit consent from users before using cookies. You can manage cookie preferences and withdraw consent at any time by adjusting their browser settings.

(1.4) Newsletter

If you sign up for our newsletter, we will collect your email address and store it in our database. We will use this data solely for sending you the requested information and will not pass it on to third parties. You can unsubscribe from the newsletter at any time, and we will delete your email address from our database.

(1.5) Data retention

Personal data will be deleted after membership unless otherwise requested by the Buyer. In such cases, data will be kept for up to 24 months. This may be in order to comply with regulatory retention periods for occupational safety trainings. This is recommended e.g. by “DGUV Information 211-005”.

(2) Your Rights

You have the right to access, correct, and delete personal data that we hold about you. You also have the right to object to the processing of your personal data or to restrict its use. Please contact our customer service to exercise these rights. Furthermore, if you believe that the processing of your personal data violates data protection laws or your data protection rights have been infringed in any way, you have the right to lodge a complaint with a data protection authority. For general information on jurisdiction and complain procedure please see our Terms of use: https://finishingx.de/tos

(3) Data Security

We take appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

(3.1) Technical measures include, but are not limited to:

Encryption: Personal data is encrypted during transmission and storage.

Access controls: Access to personal data is restricted to authorized personnel.

Regular updates and patches: We regularly update and patch our website to address any security vulnerabilities. Audit logging: We log all activities related to personal data, including access, modifications, and deletion, to detect and investigate any unauthorized access.

(3.2) Organizational measures, include but are not limited to:

Data protection policies: We have policies and procedures in place to ensure that personal data is processed lawfully, fairly, and transparently.

Staff training: Our employees receive training on data protection principles and practices.

Third-party service providers: We ensure that our third-party service providers adhere to the same data protection standards and procedures as our website.

Incident response plan: We have an incident response plan in place to handle any data breaches, which includes notifying affected individuals and relevant authorities.

(4) Changes to this Policy

We may update this privacy policy from time to time, and the latest version will be posted on our website. In such case, users will be notified via email.