Privacy Policy

Thank you for your interest in our company. Data protection is of the utmost importance to the management of 10xshareholders. The use of our websites is generally possible without providing personal data. However, if special services are used, the processing of personal data may be necessary. In such cases, we always obtain the consent of the data subject, unless there is a legal basis for the processing.

The processing of personal data is carried out in accordance with the General Data Protection Regulation (GDPR) and the country-specific data protection regulations of 10xshareholders.com. This privacy policy informs about the nature, scope, and purpose of the collected personal data and the rights of the data subjects.

10xshareholders.com has implemented technical and organizational measures to ensure comprehensive protection of the processed personal data. However, internet-based data transmissions can have security vulnerabilities. Therefore, data subjects can also use alternative communication channels to transmit personal data.

  1. Definitions

This privacy policy is based on the terms of the General Data Protection Regulation. For better understanding, we explain some terms:

a) Personal data: Information relating to an identified or identifiable natural person.

b) Data subject: Any identified or identifiable natural person whose data is processed.

c) Processing: Any operation related to personal data, e.g., collection, storage, use.

d) Restriction of processing: Marking of stored personal data to restrict its future processing.

e) Profiling: Automated processing of data to evaluate personal aspects of a natural person.

f) Pseudonymization: Processing of personal data in such a way that it can no longer be attributed to a specific person.

g) Controller: Natural or legal person who decides on the purposes and means of data processing.

h) Processor: Person or entity that processes personal data on behalf of the controller.

i) Recipient: Person or entity to whom personal data is disclosed.

j) Third party: Person or entity other than the data subject, the controller, and the processor.

k) Consent: Voluntary, informed, and unambiguous agreement to the processing of personal data.

  1. Controller

10xshareholders.com, info@10xshareholders.com

  1. Cookie Privacy Notice

Our website uses cookies to improve the user experience. Cookies are small text files stored on your computer by your web browser. They often contain a unique cookie ID, allowing websites and servers to identify your specific browser and distinguish it from others. This enables us to offer more user-friendly services on our site that would not be possible without the use of cookies. Cookies help optimize information on our website and provide personalized offers. However, you have the option to prevent cookies from being set by adjusting the settings in your web browser. Please note that this may restrict the use of our website.

  1. Collection of General Data and Information

Each time our website is accessed, general data and information are automatically collected and stored in server log files. This data includes, among other things, the type of browser, operating system, referrer, sub-pages accessed, date and time of access, IP address, and internet service provider. This information is necessary to ensure the functionality of our website, optimize content, and provide the necessary information to law enforcement agencies in case of attacks on our systems. However, no conclusions are drawn about individual persons, and the data serves solely for analysis to improve data protection and data security.

  1. Registration on our Website

Registration on our website requires the provision of personal data. This data is stored exclusively for internal purposes and may be passed on to processors as part of use. The stored IP address serves security and prevention of abuse. Registered users have the option to change or delete their personal data. Upon request, we will inform you at any time about the stored personal data. Protecting your data is important to us, and we are available to answer any further questions.

  1. Newsletter Subscription

Visitors to our website have the option to subscribe to our newsletter. The transmission of personal data during newsletter subscription arises from the information in the corresponding input mask. 10xshareholders.com regularly informs customers and business partners about company offers via newsletter. Receipt of the newsletter requires that the person concerned has a valid email address and has registered for delivery. A confirmation email is sent to the initially registered email address as part of the double opt-in process to verify the consent of the email address owner. During the newsletter registration, the IP address of the used computer system as well as the date and time of registration are stored. This data is collected to track possible misuse and serves the legal protection of the controller. The personal data collected during newsletter registration is used exclusively for newsletter dispatch. Subscribers may also be informed by email about operationally necessary information, such as changes to the newsletter offer or technical adjustments. The collected data is not passed on to third parties. The newsletter subscription can be canceled at any time by the data subject. The consent to the storage of personal data for newsletter dispatch can also be revoked at any time, for which a corresponding link is provided in each newsletter.

  1. Newsletter Tracking

The newsletters contain tracking pixels, miniature graphics in HTML format, which allow a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, 10xshareholders.com can recognize if and when an email was opened by a data subject and which links in the email were clicked. Such personal data collected via the tracking pixels in the newsletters is stored and evaluated by the controller to optimize newsletter dispatch and adapt the content of future newsletters even better to the interests of the data subject. This personal data is not passed on to third parties. Data subjects are at any time entitled to revoke the separate declaration of consent issued via the double opt-in process. After revocation, this personal data will be deleted by the controller. Unsubscribing from the newsletter is automatically interpreted as a revocation by the controller.

  1. Contact Option via the Website

The website allows for quick contact via email. The transmitted personal data is automatically stored and not passed on to third parties.

  1. Comment Function in the Blog on the Website

10xshareholders offers users the opportunity to leave individual comments on specific blog posts on the website of the data controller. A blog is a portal usually accessible to the public on a website where one or more individuals, referred to as bloggers or web bloggers, can post articles or express thoughts in blog posts. Typically, third parties can comment on these blog posts. When an individual leaves a comment on the blog published on this website, details such as the time of comment submission and the chosen username (pseudonym) are stored and published, in addition to the comments left by that individual. Furthermore, the IP address assigned by the internet service provider (ISP) of the individual is also logged. This logging of the IP address is for security reasons and in the event the individual violates the rights of third parties or posts unlawful content. The storage of this personal data is in the interest of the data controller to potentially exculpate themselves in the event of a legal violation. No disclosure of this collected personal data to third parties occurs unless legally required or for the defense of the data controller.

  1. Subscription to Comments in the Blog on the Website

Comments made on 10xshareholders.com’s blog can generally be subscribed to by third parties. In particular, there’s an option for a commentator to subscribe to subsequent comments on a specific blog post. If an individual opts to subscribe to comments, an automatic confirmation email is sent by the data controller to confirm the subscription through the double opt-in process. The subscription to comments can be terminated at any time.

  1. Routine Deletion and Blocking of Personal Data

The data controller processes and retains the individual’s data solely for the time required to fulfill the storage objective or as mandated by European regulations or other relevant laws to which the controller is bound. Should the storage objective cease or if a set storage duration by the European regulator or another authority lapses, personal data is systematically blocked or erased, adhering to legal stipulations.

10xshareholders consistently updates its patrons and associates about company offerings through a newsletter. For newsletter access, an individual must possess a valid email and enlist for dispatch. Upon initial sign-up, a legal confirmation email, part of the double opt-in method, is dispatched to validate newsletter consent. During enlistment, we log the computer’s IP, date, and time to detect potential misuse, ensuring the controller’s legal protection. The gathered personal details are solely utilized for newsletter dissemination. Recipients can receive email alerts on modifications or technical shifts. No data is shared externally, and cancellations are permissible anytime. The data storage agreement can be rescinded anytime, facilitated by a dedicated link in each newsletter.

  1. Rights of the Data Subject

a) Right to Confirmation Every data subject has the right to request confirmation from the data controller regarding whether their personal data is being processed. If desired, the data subject can contact an employee of the data controller at any time to exercise this right to confirmation.

b) Right to Information Every data subject has the right to obtain free information about the personal data stored concerning them. The data controller provides details about the purposes of processing, categories of personal data, recipients, intended storage duration, and other relevant aspects. If the data subject wishes to exercise this right, they can contact an employee of the data controller at any time.

c) Right to Rectification The data subject can demand the immediate correction of their inaccurate personal data. Completing incomplete data is also possible. If necessary, the data subject can contact an employee of the data controller to exercise this right.

d) Right to Erasure (Right to be Forgotten) The data subject can request the data controller to erase their personal data without delay under certain conditions. These conditions include no longer necessary purposes, withdrawal of consent, or unlawful processing. To exercise this right, the data subject can contact an employee of the data controller.

e) Right to Restriction of Processing Under specific conditions, such as disputing data accuracy, the data subject can request the restriction of the processing of their personal data. If needed, the data subject can contact an employee of the data controller to exercise this right.

f) Right to Data Portability The data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller. This applies when processing is based on consent or a contract and automated means are used. To exercise this right, the data subject can contact an employee of 10xshareholders.

g) Right to Object Any person whose personal data is processed has the right, based on specific grounds related to their particular situation, to object to the processing of their personal data, including profiling based on Article 6(1)(e) or (f) of the General Data Protection Regulation (GDPR). If there is an objection to processing by 10xshareholders.com, the personal data will not be processed unless there are compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims. If 10xshareholders.com processes personal data for direct marketing, the data subject has the right to object at any time. If the data subject objects to processing for direct marketing, the personal data will no longer be processed for this purpose. Additionally, the data subject has the right to object, on grounds relating to their particular situation, to the processing of their personal data for scientific or historical research purposes or statistical purposes unless the processing is necessary for the performance of a task carried out in the public interest. The data subject can address their objection directly to any employee of 10xshareholders or another employee. Alternatively, the data subject can exercise their right to object concerning the use of information society services, regardless of Directive 2002/58/EC, using automated processes that use technical specifications.

h) Automated Individual Decision-Making, Including Profiling Any person whose personal data is processed has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, except when the decision is necessary for entering into or performance of a contract, is authorized by Union or Member State law, or is based on the data subject’s explicit consent. If the decision is necessary for entering into or performance of a contract or is based on explicit consent, 10xshareholders.com takes suitable measures to safeguard the data subject’s rights and freedoms. The data subject can contact an employee of the data controller at any time to exercise their rights related to automated decisions.

i) Right to Withdraw Consent Any person whose personal data is processed has the right to withdraw their consent to the processing of personal data at any time. To exercise this right, the data subject can contact an employee of the data controller at any time.

  1. Privacy Provisions for the Use of the 10xApp (in Development)
  • Location Data Usage If you agree to our app accessing your location data, we might use this data to present tailored content within the app based on your location. This content could be editorial or promotional, fitting your current location. Such location data serves purely for content presentation and can’t identify you personally. Profiles based on location or movement aren’t constructed.
  • Device Identification Characteristics Our app employs varied techniques for device identification and to exhibit user-centric details. This aids in associating both complimentary and subscription-based services with devices, facilitating “push notifications,” and directing ads across applications. For iOS (Apple) gadgets, the “Advertising Identifier” from Apple is used. With these IDs, personal identification isn’t feasible. These IDs are crafted as per the OS provider’s norms. We uphold your preferences regarding targeted ads. Push notifications’ delivery relies on “Device Tokens,” initiated by Apple or Google (for Android apps) at app initiation.
  • Google Analytics App Tracking The app integrates Google Analytics App Tracking, a service by Google Inc. (“Google”). This service uses “IDs,” distinct markers formed and stored on your gadget, enabling app usage analysis. Data derived from the ID regarding your app interactions generally goes to a Google hub in the USA for storage. When IP anonymization is on in this app, your IP undergoes truncation within EU states or other EEA agreement nations first. Only rarely is the complete IP forwarded to Google’s US server for truncation. Google processes this data for us, analyzing your app interactions, crafting app activity reports, and extending related services. The provided IP doesn’t merge with other Google datasets. You possess the right to decline Google’s collection and processing of app data linked to the ID (comprising your IP) by toggling the switch below. Yet, be aware: this action just ceases our app’s metrics collection. Other entities might still gauge your interactions via Google Analytics App Tracking. IP anonymity stands active within our app.
  1. Privacy Policy Regarding the Use of Facebook Features

Components of Facebook have been incorporated by the controller into this website. Facebook, a platform enabling online interactions, is operated by Facebook, Inc., situated at 1 Hacker Way, Menlo Park, CA 94025, USA. Whenever a page with the Facebook plugin is accessed, the browser is prompted to fetch the Facebook plugin’s display. When users are logged into Facebook, the platform gathers data on the specific website sections they visit. To prevent such data transmission to Facebook, users can log out of their Facebook accounts before navigating our site. For a comprehensive understanding of data collection and usage, Facebook’s privacy guidelines offer further insights.

  1. Payment Method

On this website, we have integrated the payment option “Credit Card,” which allows you to conveniently and securely pay with your credit card. This service is provided in cooperation with the payment processor Stripe. The operating company of the payment processor Stripe is Stripe Inc., 510 Townsend Street, San Francisco, CA 94103, USA. When you select the “Credit Card” payment option in the online store during the ordering process, data is automatically transmitted to the payment processor Stripe. By choosing this payment option, you consent to the necessary transfer of personal data for payment processing. During the checkout process using the credit card option, the necessary payment information is securely transmitted to Stripe. This may include, among other things, the credit card number, expiration date, cardholder’s name, and security code. The data transmission serves exclusively for payment processing and fraud prevention. The controller also transfers personal data to Stripe when there is a legitimate interest in such transmission. The data exchanged between Stripe and the controller may, under certain circumstances, be forwarded to credit agencies to conduct identity and credit checks. Stripe may disclose personal data to affiliated companies, service providers, or subcontractors if this is necessary to fulfill contractual obligations. You have the right to revoke your consent to the processing of personal data at any time vis-à-vis Stripe. However, please note that revoking the consent does not affect the processing of necessary data for payment processing.

  1. Basis for Data Processing

The legal basis for processing personal data in our company is derived from Article 6(1)(a) of the General Data Protection Regulation (GDPR) when we obtain consent for a specific processing purpose. If the processing of personal data is necessary to fulfill a contract in which the data subject is a party, the basis is under Article 6(1)(b) GDPR. This applies, for example, to processing operations required for the delivery of goods or the provision of services. Similarly, processing is based on Article 6(1)(b) GDPR when pre-contractual measures are carried out, such as inquiries about our products or services.

If our company is subject to a legal obligation that requires the processing of personal data, such as for fulfilling tax obligations, the processing is based on Article 6(1)(c) GDPR. In rare cases where processing is necessary to protect vital interests of the data subject or another natural person, Article 6(1)(d) GDPR applies. An example would be sharing information with a doctor or third parties in the event of an injury to a visitor at our premises.

Finally, processing operations may also be based on Article 6(1)(f) GDPR if they are not covered by the aforementioned legal bases. In such cases, processing is carried out to protect a legitimate interest of our company or a third party, provided that the interests or fundamental rights and freedoms of the data subject do not override these interests. Such processing operations are permitted, especially when the European legislator assumes a legitimate interest, such as when the data subject is a customer of the controller (Recital 47, sentence 2 GDPR).

  1. Legitimate Interests in Processing

If the processing of personal data is based on Article 6(1)(f) GDPR, we pursue our legitimate interest with this processing to conduct our business operations for the benefit of all our employees and shareholders.

  1. Storage Duration of Personal Data

The duration of the storage of personal data is based on the respective statutory retention periods. After these periods expire, the corresponding data is routinely deleted unless it is no longer required for contract fulfillment or initiation.

  1. Provision of Personal Data and Potential Consequences

We inform you that the provision of personal data may be partially legally required (e.g., tax regulations) or contractually necessary. In certain cases, providing personal data is necessary to conclude a contract. For example, the data subject is obliged to provide us with personal data when entering into a contract with our company. Failure to provide such data would result in the contract not being concluded. Before providing personal data, the data subject has the right to contact one of our employees to be informed about whether the provision is legally or contractually required, whether there is an obligation to provide the data, and what consequences the failure to provide it might have.

  1. Automated Decision-Making

As a responsible company, we refrain from automated decision-making or profiling.