This Data Protection Policy applies to data processing by:
Controller: Zapevo Limited
Suite 602 Lemmi Centre, 50 Hoi Yuen Road, Kwun Tong Kowloon, Hong Hong
Phone: +852 5989 8324
The data protection officer of Zapevo Limited is contactable at the above address, Attn: Data Protection Department and via firstname.lastname@example.org.
When you visit the websites of Zapevo Limited , namely https://watchsignals.com, the browser you are using on your device automatically sends information to the server for our website. This information is temporarily stored in a log file. The following information is automatically collected and subsequently automatically deleted after a period of 20 weeks:
Buyers, private sellers and commercial merchants can create a user account on our platform. The mandatory data required to set up a user account must be entered under i), ii) and iii). This data is processedto identify you as our contract partnerto enter into, structure, execute and amend contracts with you governing the use of our platform and services offered thereupon
to assess the plausibility of the data entered
to contact you as necessary for with any questions, and
to assert any claims against you as necessary.
The data specified under points i), ii) and iii) are processed upon your placement of an inquiry for the purposes outlined above and are required for use of the platform in accordance with Article 6 para. 1 sentence 1 item b of the GDPR, and thus required for fulfilment of the contract and of pre-contractual actions.
You may have the option of providing voluntary information/data depending on the type of user account. We process voluntarily provided information/data in accordance with our legitimate interests in line with Article 6 para. 1 sentence 1 item f GDPR. This information/data is used to facilitate contact with you and ensure rapid clarification of any questions.
After deletion of your user account your data are automatically deleted to prevent further use unless, in accordance with Article 6 para. 1 sentence 1 item c GDPR, it must be stored for a longer period of time pursuant to retention and documentation requirements under tax or commercial code, or if you have consented to storage for a longer period of time in line with Article 6 para. 1 sentence 1 item a GDPR.
The following mandatory data must be entered to register as a user (buyer) and set up a user account:
To place sale offers as a private seller you must first have a user account (see i)). To place a sale offer on the platform you must enter the following data:
As a registered user you have the option to communicate with us or a merchant / private seller via an internal messaging tool provided on the website. To use the internal messaging tools, registration is required (see 2. b) ).When you use our internal messaging tool, we will automatically and manually scan and analyze your sent messages. This is done for the purposes of
detection of unlawful acts and violations of our Terms and Conditions, as well as
to improve communication and customer service.
We process data in accordance with our legitimate interests in line with Article 6 para. 1 sentence 1 item f GDPR. Data processing for the aforementioned purposes is a recognised legitimate interest in accordance with the GDPR.
You can manage your sent and received messages by yourself and delete them on request. In the event of an attempted fraud, an unlawful act or breach of the General Terms and Conditions, we may store the appropriate messages even after request for deletion on the bases of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 item f GDPR in order to assert or defend against claims or exercise legal rights.
We create a customer profile for your user account in order for you to use our platform as a registered user/merchant. We categorise your customer profile and supplement it with additional data so that you only receive information likely to be of interest to you. To do so we utilise this data:
To pursue and conclude sales contracts with merchants via our Trusted Checkout service you must first have a user account (see item 2.b)i) ). The following data must also be provided, without exception:
We use your e-mail address to send you our personalised regular newsletter if you have expressly consented thereto in accordance with Article 6 para. 1 sentence 1 item a GDPR. To receive the newsletter it suffices to provide your e-mail address.To receive more personalised newsletter content you can create a customer profile about you based on your collected personal data. This data relates to personal preferences such as product affinities observed on the basis of orders, interests, purchase decisions, preferred shopping time, etc. and is automatically processed and analysed so that relevant offers are predicted for you. Profiling may also be performed without consent on the basis of Article 6 para. 1 item f GDPR given a legitimate interest (see item 2.c) ).
We may also use your e-mail address without your express consent to send you information about similar products of our company if you are an existing customer and have not objected to the use of your e-mail address. Processing for purposes of marketing to existing customers is done on the basis of our legitimate interests in accordance with Article 6 para. 1 sentence 1 item f GDPR. Processing of your e-mail address for the purpose of direct marketing is a statutorily recognised interest under the GDPR.
In either case you can unsubscribe at any time, such as via link at the end of each newsletter. Alternatively, you can unsubscribe at any time by e-mail to email@example.com .
You can use a form provided on the website to contact us with questions or contact a merchant or private seller. If you wish ask your question to a merchant or private seller, we forward your contact inquiry to them. For the use of the contact form, the following data is required, without exception:
We only disclose your personal data to third parties if:
you have expressly consented thereto in accordance with Article 6 para. 1 p. 1 item a GDPR
there is a legal disclosure obligation pursuant to Article 6 para. 1 sentence 1 item c GDPR
disclosure is required pursuant to Article 6 para. 1 sentence 1 item f GDPR in order to assert or defend against claims or exercise legal rights and there are no grounds to assume that you have a prevailing legitimate interest in non-disclosure of your data.
If you are registered as a merchant and publish offers on the platform, registered and unregistered users can view your provider data on the platform (as per item 2.b) iii)). You can restrict the visibility of your data during registration so that your address is not displayed, and thereafter in your profile settings.The publication of the merchant data is required to fulfil and execute the contract between Zapevo Limited and the merchant as part of use of the platform in accordance with Article 6 para. 1 sentence 1 item b GDPR.
We utilise ‘cookies’ and ‘pixels’ or ‘tracking pixels’ on our website to record statistics on website usage and evaluate these for the purpose of optimising our offering (see item b).). These enable us to automatically recognise you have previously visited our website when you revisit it.
Your data are processed using cookies and pixels for the purposes specified above on the basis of our legitimate interests and those of third parties, in line with Article 6 para. 1 sentence 1 item f GDPR, according to which these interests qualify as legitimate.
Cookies are small files automatically created by your browser which are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not harm your device and do not contain viruses, Trojans or other malicious software.Cookies store data about the specific device used for the respective website visit. This does not mean that we are able to directly discern your identity.
Cookies are in part utilised to enable us to enhance our offer for you. For example, we utilise what are known as ‘session cookies’ to recognise that you have already visited individual pages of our website, or have already logged in to your user account. These cookies are automatically deleted when you leave our website.
We also use temporary cookies which are stored on your device for a specific period of time in order to improve the user experience. When you revisit our site to utilise our services, these automatically register that you have visited before and the entries and settings you have made so that you do not have to re-configure these.
Most browsers are configured by default to accept cookies. You can configure your browser so that cookies are not stored on your computer, or so you receive notification before each new cookie is created. Disabling cookies can however mean that you are unable to utilise some features of our website.
Tracking pixels or just ‘pixels’ are small 1×1-pixel GIF files that can be hidden in graphics, e-mails, etc. when visiting a website. Pixels do not harm your device and do not contain viruses, Trojans or other malware.Pixels send your IP address, the referrer URL of the website visited, the time the pixel was viewed, the browser used, and previously set cookie information to a web server. This enables us measure reach and conduct other statistical analyses for the purpose of optimising our platform and offerings.
Most browsers automatically accept pixels. You can use certain tools and browser add-ons to block the use of pixels on our webpages (like the AdBlock add-on for the Firefox browser).
We utilise the tracking tools outlined below on the basis of Article 6 para. 1 sentence 1 item f GDPR. We deploy these tracking tools to optimise our website design on an ongoing basis to better meet user needs. In addition we use tracking tools to record website usage statistics which we analyse in order to optimise our offering for you. These interests qualify as legitimate under the provision cited above.The data processing purposes and data types are as per the respective tracking tools.
We utilise Google conversion tracking to record website usage statistics and analyse these for the purpose of optimising our offerings. Google Adwords places a cookie on your computer (see item 5) when you navigate to our website via a Google ad. Google is subject to the EU-US Privacy Shield, which guarantees an appropriate level of data privacy.These cookies expire after 30 days and are not used for personal identification. If a user visits certain pages of the website of the Adwords customer and the cookie has not yet expired, Google and the customer can observe that the user clicked on the ad and was redirected to this page.
Every Adwords customer receives a different cookie. Cookies thus cannot be tracked via the websites of Adwords customers. Information obtained via conversion cookie is used to prepare conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers receive information on the total number of users who have clicked on their ad and were redirected to a page bearing a conversion tracking tag. They do not however receive any information with which the user can be personally identified.
We utilise the targeting tools outlined below on the basis of Article 6 para. 1 sentence 1 item f GDPR. Targeting tools are used to ensure that all advertising displayed on your devices is based on your actual or predicted interests. These interests qualify as legitimate under the provision cited above.See the sections on the respective tracking tools regarding their data processing purposes and data types.
We utilise Google Remarketing Tags, which are a service of Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereinafter “Google”). Google utilises ‘cookies’ (see item 5), which are text files stored on your computer allowing analysis of your website usage. The information generated by the cookie about your use of this website (including your IP address) is sent to a Google server in the US and stored there. Google is subject to the EU-US Privacy Shield, which guarantees an appropriate level of data privacy.Google then removes the last three digits of the IP address, rendering definite cross-referencing of the IP address impossible. Google will use this information to evaluate your use of the website, compile reports on website activity for website operators and provide other website and internet usage-related services.
Please be advised however that you may not be able to utilise all functionalities of this website in such case. By using this site, you consent to Google processing data gathered about you in the manner and for the purpose outlined above. Further information about Google policies can be found here.
Cookies are used on our website to collect and evaluate data for the purpose of optimising advertising (see item 5). For this we use targeting technologies of Google Inc. (Double Click, Double Click Exchange Buyer, Double Click Bid Manager). These technologies enable us to serve advertising to you in targeted fashion based around your interests. The cookies are used, for example, to record information about which of our products you are interested in. Using this information we can market offers to you on our website or third-party websites which are oriented around your specific interests as predicted based on your historical user behaviour. Data collected and evaluated pertaining to your user behaviour exclusively on a pseudonymous basis so that it is not possible for us to identify you. In particular, this data is not merged with personal data about you.Google is subject to the EU-US Privacy Shield, which guarantees an appropriate level of data privacy
The cookie is automatically deleted after 30 days
You can also configure setting for the display of interest-based advertising via the Google Ads Settings Manager.
We utilise Facebook Website Custom Audiences, a service of Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland). This Facebook marketing service allows us to display personalised and interest-based advertising on Facebook for particular groups of pseudonymised visitors to our website who use Facebook.A Facebook custom audience pixel is integrated on our website. This is a Java Script code which stores non-personal data about your usage the website. This data includes your IP address, the browser you are using, and the referring and destination pages. This data is transmitted to Facebook servers in the United States. Facebook is subject to the EU-US Privacy Shield, which guarantees an appropriate level of data privacy
In an automated process there it is checked whether you have a Facebook cookie stored. The Facebook cookie automatically determines whether you belong to the target group relevant for us. If you belong to the target group, we then show you relevant ads of ours on Facebook. In this process, you are not personally identified, either by us or by Facebook.
You can opt out of use of the Custom Audiences service on the Facebook website. After logging in to your Facebook account, go to the Facebook ads settings.
We utilise social plug-ins of the social media networks Facebook, Twitter, Google+ and Instagram to promote our company on our website on the basis of Article 6 para. 1 sentence 1 item f GDPR. This promotional purpose is a legitimate interest within the meaning of the GDPR. The respective providers are responsible for ensuring operation in conformance with data protection laws.
The social media buttons are integrated with a self-developed solution. This solution prevents you from connecting to a social media network just by opening a web page with a social media button on it without pressing the button, i.e. data are not sent to the social media network unless you hit the button.
Our platform uses social media plug-ins of Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) to personalise the experience through usage of “LIKE” and “SHARE” buttons. These are a Facebook offering.When you visit a page of our website featuring such a plug-in and you activate that plug-in yourself, your browser establishes a direct connection to Facebook servers. The plug-in content is sent by Facebook directly to your browser and integrated into the page.
When a plug-in is integrated, Facebook receives the data the browser you used to access the page of our website in question even if you do not have a Facebook account or are currently not logged in to Facebook. This data (including your IP address) is transmitted by your browser directly to a Facebook server in the US and stored there.
If you are logged into Facebook, Facebook can directly reference your visit to our website your Facebook account. If you interact with a plug-in such as by pressing a “LIKE” or “SHARE” button, the corresponding information data is also transmitted directly to a Facebook server and stored. This data is posted on Facebook and displayed to your Facebook friends.
Facebook can use this data for the purposes of advertising, market research and structuring Facebook pages in line with user needs. This involves Facebook creating user, interest and relationship profiles, for example to evaluate your use of our website in relation to advertisements displayed on Facebook, to inform other Facebook users of your activities on our website and to provide other services related to use of Facebook.
If you do not want Facebook to reference information about you from our website to your Facebook account, you must log out of Facebook before visiting our website.
Please see the Facebook data privacy notices for information regarding the purpose and scope of data collection, further processing and use of data by Facebook, your data privacy rights and data privacy configuration settings.
Plug-ins of the news and social networking firm Twitter International Company (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland, hereinafter “Twitter”) are integrated into our web pages. Twitter plug-ins (Tweet button) bear the Twitter logo, making them identifiable on our website. An overview of Tweet buttons can be found here.When you visit a page of our website featuring such a plug-in and you activate that plug-in yourself, a direct connection is established between your browser and a Twitter server. Twitter then receives the information that you have visited our page, and your IP address. You can link content from our webpages with your Twitter account by clicking on the Twitter “Tweet” button while logged into your Twitter account. This enables Twitter to cross-reference your visit to our webpages to your user account. Please note that as website provider we have no knowledge of the content of the data transmitted or regarding its use by Twitter.
You should log out of your Twitter account first if you do not want Twitter to be able to cross-reference your visit to our webpages to your Twitter user account.
Our website uses plug-ins of Google Plus, social media network operated by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA). The plug-ins are recognisable on buttons, for example, by the characters “+1” appearing on a white or coloured background. An overview of Google plug-ins and their appearance can be found here.When you visit a page of our website featuring such a plug-in and you activate that plug-in yourself, your browser establishes a direct connection to Google servers. The plug-in content is sent by Google directly to your browser and integrated into the page. When a plug-in is integrated, Google receives the data the browser you used to access the page of our website in question even if you do not have a Google Plus profile or are currently not logged in to Google Plus. This data (including your IP address) is transmitted by your browser directly to a Google server in the US and stored there. If you are logged in to Google Plus, Google can directly reference your visit to our website to your Google Plus profile.
If you interact with a plug-in such as by pressing a “+1” button, the corresponding information data is also transmitted directly to a Google server and stored. This data is also published on Google Plus and displayed to your contacts there.
Please see the Google data privacy notices for information regarding the purpose and scope of data collection, further processing and use of data by Google, your data privacy rights and data privacy configuration settings.
If you do not want Google to be able to directly reference data collected about your visit to our website to Google Plus, you must log out of Google Plus before visiting our website. You can use browser add-ons such as NoScript (https://noscript.net/) to completely block the loading of Google plug-ins.
Our website utilises Instagram social plug-ins (“plug-ins”) operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).The plug-ins bear an Instagram logo, such as the “Instagram camera”.
When you visit a page of our website featuring such a plug-in and you activate that plug-in yourself, your browser establishes a direct connection to Instagram servers. The plug-in content is sent by Instagram directly to your browser and integrated into the page. When a plug-in is integrated, Instagram receives the data the browser you used to access the page of our website in question even if you do not have an Instagram profile or are currently not logged in to Instagram.
This data (including your IP address) is transmitted by your browser directly to an Instagram server in the US and stored there. If you are logged into Instagram, Instagram can directly reference your visit to our website your Instagram account. If you interact with a plug-in such as by pressing an Instagram button, the corresponding information data is also transmitted directly to an Instagram server and stored.
This data is also published on your Instagram account and displayed to your contacts there.
If you do not want Instagram to directly reference information about you from our website to your Instagram account, you must log out of Instagram before visiting our website.
If your personal data are processed on the basis of on legitimate interests in accordance with Article 6 para. 1 sentence 1 item f GDPR, you have the right to file an objection against the processing of your personal data pursuant to Article 21 GDPR given reasons for doing so which pertain to your special circumstances or the objection pertains to direct advertising. In the latter case you enjoy a general right to file objection which we will act upon without your having to outline any special circumstances.To exercise your right to file objection it suffices to send a corresponding e-mail to firstname.lastname@example.org.
We utilise the widely used TLS (Transport Layer Security) method for our website in combination with the highest level of encryption supported by your browser. TLS is a secure and proven standard utilised in online banking, for example. A secure TLS connection is indicated among other things by the letter ‘s’ appended on the ‘http’ (i.e. https://..) in the address bar of your browser, and by a lock icon appearing at the bottom of your browser.We furthermore implement appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction and unauthorised access by third parties. The security measures we implement are continuously upgraded to remain in line with technological progress.
If you register with us as a user, you can only access your user account after entering your personal password. You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you share your computer with others.
We take company-internal data protection very seriously as well. We bind our staff and commissioned service provider firms to uphold confidentiality and comply with data protection regulations.
This Data Protection Policy is the latest, valid version, last updated in December 2018.Changes to our website and offers marketed via the website and changes in legal or regulatory requirements may necessitate updating of this Data Protection Policy. You can view and print out the latest updated version of this Data Protection Policy at any time on the websites