Data protection
Data protection

Privacy Policy for the use of the How2ski Web-App

Welcome to How2ski, the Web-App of the Deutscher Skilehrerverband Service GmbH (hereinafter "DSLV", "we"). With the Web-App you always have the best exercises with you and make your ski lessons even more attractive, individual and effective. For more information about the Web-App, see https://skilehrerverband.de/dslv-app-how2ski/. The protection of your data is of particular concern to us. In this privacy policy, we inform you how we process your personal data ("data") in accordance with the EU General Data Protection Regulation ("GDPR") and other applicable data protection regulations when you use the Web-App.

1. Controller and Data Protection Officer

DSLV is the operator of the Web-App and is responsible for the processing of your data in accordance with Art. 4 No. 7 GDPR. If you have any questions about the processing of your data or would like to exercise your rights under section 7, you can reach us at the following contact:
Deutscher Skilehrerverband Service GmbH
At Kandahar 11
82491 Grainau,
Phone: +49 (0) 8821 / 73214 – 0
E-Mail: info@skilehrerverband.de

2. Data and purposes of processing

If you use the Web-App, we may process the following data from you. The exact scope of data processing depends on which functions and services of the Web-App you use. The listed data will beprocessed for the purposes stated in each case. a) Registration and login data We offer you various ways to register and log in to the Web-App. On the one hand, you can register and log in via your E-M ail address. We will send you a confirmation email to this address, as you can use it to complete your registration. Your E-Mail address will also serve as your username and contact address for subsequent logins if you have forgotten your password.

On the other hand, you can sign in with your Google account. For this purpose, we use Google OAuth, an authentication device of the Google Ireland Limited("Google"). In addition to your email address, we also receive your name, the URL of your public profile as well asyour photo, country, language and time zone from Google. The processing of your data by us is necessary to identify you and to log in to the Web-App.

We also process the registration and login data in order to provide your user account data.

b) User account data With your user account, you have the opportunity to mark favorite exercises and collections. You can also make user-specific settings, e.g. language settings. We store this information so that you can make better use of the Web-App in future registrations and find personal content more quickly.

c) Payment We offer you with PayPal and Sofort-Überweisung different payment methods for your How2ski subscription. For the payment execution, we process the payment data provided by you. We may receive further payment data. by the service providers Mollie B.V. ("Mollie"), PayPal Europe S.à.r.l. ("PayPal") and Klarna Bank AB("Klarna") .

According to the selected payment method, your payment data includes, for example the name, the billing address, IBAN and BIC or account number and bank code and the PayPal ID.

The legal basis for data processing is Article 6 (1) (.b) GDPR. The processing is necessary to operate the Web-App, provide the agreed functions and services and make payments.

4. Storage duration

The data described in Section 2 will be stored for as long as is necessary for the purposes set out in this Privacy Policy. Subject to your right to erasure in accordance with Section 7, the following storage periods apply:

  • Registration and login data will be deleted no later than six months after expiry of your subscription.
  • User account data will be deleted no later than six months after expiry of your subscription. Data stored on your Web-App will be deleted when the Web-App is uninstalled.
  • Payment data will be deleted no later than six months after expiry of your subscription.

If we are subject to a statutory retention obligation, your data will be stored by us for a correspondingly longer period of time. For example, there are statutory retention obligations of 6 or 10 years in accordance with the German Commercial Code (HGB) and the Tax Code (AO). In these cases, the data will not be deleted, but blocked for further processing.

5. Receiver

In order to provide you with the Web-App and its functions, we work together with selected and specialized service providers . To log in to your account, we use Google and, if necessary, transmit the data mentioned in Section 2 a). For payment processing, we use Mollie, PayPal and Klarna and, if necessary, transmit the data mentioned in Section 2 c). To host the Web-App, we use Amazon Web Services EMEA S.à.r.l. one.

Insofar as a service provider acts as our processor, he is obliged to process your data exclusively in accordance with instructions on behalf of us. In order to ensure the protection of your data, we have concluded an agreement with the service provider for order processing in accordance with Art. 28 GDPR.

Insofar as a service provider processes your data for its own purposes it is its own permanent controller. In this case, the processing of your data is governed by the data protection regulations of the service provider.

6. Transfer to third countries

A data transfer to third countries does not take place. Insofar as we transfer your data to the service providers mentioned in Section 5, the transfer takes place exclusively within the European Union or the European Economic Area.

7. Your data protection rights (rights of the data subject)

As part of the processing of your data, you are entitled to the following data protection rights under the legal requirements:

  • the right to obtain information about the processing of your data at any time (Art. 15 GDPR),
  • the right to rectification of incorrect data or completion of incomplete data (Art. 16 GDPR),
  • the right to have your data deleted or processing restricted (Art. 17, 18 GDPR),
  • the right to data portability (Art. 20GDPR). In order to exercise your data protection genuinely, you can contact the contact details given in section 1.

In addition, you have the right to complain to a competent data protection supervisory authority (Art. 77 para. 1 GDPR). A list of supervisory authorities and their contact details can be found here.

Version: 1.0 / Stand: 15. November 2021