LAST UPDATED: October 20th, 2023
Who can I contact?
Responsible for this website is:
2108 N ST, #6753,
Sacramento, CA 95816
Via the contact data you can reach our Data Protection Officer or another data protection relevant contact. Don’t hesitate to contact us if you have specific questions about your personal data, deletion of your personal data or similar things.
What are my rights?
You can contact us at any time if you have any questions about your rights regarding data protection or if you wish to exercise any of the following rights:
- Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to cancel a previously given consent to a newsletter)
- Right to access your data in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
- Right to correct your data in accordance with Art. 16 GDPR (e.g. you can contact us if your email address has changed and we should replace your old email address)
- Right to have your data deleted in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete certain data that we have stored about you)
- Right to limit data collection in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your email address, but only to send absolutely necessary emails)
- Right to data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data in a zipped format, if you want to upload it to another website)
- Right to send complaints to the supervisory authority in accordance with Art. 77 para. 1 f GDPR (e.g. you can contact the data protection supervisory authority directly: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm)
Deletion of data and storage periods
Unless otherwise stated, we will delete or anonymize your data as soon as it is no longer needed, e.g. your email address after you have unsubscribed from a newsletter. Your data will also be deleted or blocked automatically if the mandatory storage period expires. Such data may be needed for longer periods of time for legal reasons. You can request information about all personal data we have stored about you. Data protection inquiries and other legal matters may also be stored for a longer period of time within the scope of the legally relevant retention and statute of limitations periods.
Visiting our website
If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser sends to us, e.g.:
- IP address (e.g. 82.93.116.example or 2a02:7122:99222:1112:bdb2:723f:example)
- Approximate location based on IP range (e.g. “Berlin city”)
- Internet provider (e.g. “Telecom” or „AT&T”)
- Internet connection speed (e.g. 120 Mbit)
- Date and time of visit (e.g. 11:55 on 25.05.2023)
- Last visited website (e.g. google.com)
- Browser and version (e.g. Chrome or Safari)
- Operating system (e.g. Mac OS)
- Hardware (e.g. Intel processor)
As a protective measure in favor of your privacy, we delete or anonymise the IP address after your visit to our website. This means that the other technical data can no longer be traced back to you and are only used for anonymous, statistical purposes to optimize our website. The purpose of the temporary storage of the data is, on the one hand, the technical necessity for establishing the connection and, on the other hand, the correct, error-free presentation of our website. The IP address and the technical data already mentioned are necessary to display the website, to prevent display problems for visitors and to correct error messages. The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures as well as in accordance with the European data protection requirements from Art. 6 para. 1 lit. f GDPR.
You can contact us at firstname.lastname@example.org.
As a protective measure, contact is established – just like the visit to the rest of the website – via an encrypted connection. You may also choose other means of getting into contact with us. After the successful contact and completed contact request, your data will be deleted. The sole purpose of the requested data is to contact you or communicate with you, which is why the data is only used for this purpose. The legal basis is the so-called legitimate interest, which has been examined in order to pursue the purpose and within the framework of the aforementioned protective measures as well as in accordance with the European data protection requirements from Art. 6 para. 1 lit. f GDPR.
Sign up/ Log-in
You also have the option of signing up on our website and then logging in at any time with a user account. To register with us, the following data is required:
- First- / Last name
As a protective measure, data is transmitted via a secure connection like the rest of the website. After successful confirmation your data will be stored until you decide to delete individual data or the entire user account. The purpose of the data requested is the creation of a user account that provides extended functionality to the website. Sign up is voluntary and can be withdrawn or the user data deleted at any time. The legal basis is your consent in accordance with the European data protection requirements under Art. 6 para. 1 lit. a GDPR. In cases where the sign up is required for the mutual conclusion of the contract, the legal basis is the fulfillment of the contract in accordance with the European data protection requirements from Art. 6 para. 1 lit. b GDPR.
Social Sign-In & Social Login
In addition to the manual registration, we offer you the possibility to register with us directly with your existing user account of a social network of selected providers. We use the platform “”Google Sign In”. If you want to use one of these functions, you will be redirected to the page of the respective provider and navigated through the registration.
As a protective measure, data that you enter is transmitted via a secure connection through the corresponding platform. We do not use the login to access personal information such as friend lists or contacts or to store such information for our own purposes. There is no permanent link between your account and your account on Facebook and Google. We do not know what information social networks collect during registration or how information is linked. Further details can be found in the privacy statement of Google (https://policies.google.com/privacy). The purpose of the data requested is the registration via an existing user account to use extended functionality on the website. Registration via the social networks is voluntary and can be withdrawn or the user account can be logged out at any time. The legal basis is your consent in accordance with the European data protection requirements under Art. 6 para. 1 lit. a GDPR.
If you are interested in receiving updates about our company or our products, you can subscribe to our newsletter. You will then receive an email in which you must click on a link to confirm receipt of the newsletter. We will then save your e-mail address until you unsubscribe from the newsletter. For this purpose you will find a corresponding link to unsubscribe in every email of our newsletter. The delivery of the newsletter is carried out by specialized service providers:
- Intuit Mailchimp: https://www.intuit.com/privacy/statement/;
- Hubspot: https://legal.hubspot.com/privacy-policy;
As a protective measure, we ask for a so-called “Double-Opt-In” to ensure that the registered email address actually belongs to you. Furthermore, we have entered into a data processing agreement with the assigned service provider. You are also able to unsubscribe from the newsletter at any time and thus delete your email address from the service provider’s database. The purpose of the data requested is to send the newsletter to your personal email address in order to fulfill your request for updates about our company or our products. The legal basis is your consent in accordance with the European data protection requirements under Art. 6 para. 1 lit. a GDPR.
Insofar as you apply to us online or otherwise respond to one of our job ads, we collect and process the personal applicant data for the purpose of handling the application process. The processing is primarily carried out electronically. This is particularly the case if corresponding application documents are submitted electronically to us, for example by e-mail or via a web form located on the website. If we conclude an employment contract, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If we do not conclude an employment contract, the application documents will be deleted six months after notification of the rejection decision – this retention period is justified by a potential obligation to provide evidence in proceedings under the General Equal Treatment Act (AGG). If consent was given, applications may also be retained for longer than six months.
The legal basis is the establishment and performance of the employment relationship on the basis of an employment contract in accordance with Art. 6 para. 1 lit. b GDPR, Art. 88 GDPR with § 26 BDSG (Federal Data Protection Act of Germany, where applicable).
Our website partially uses so-called cookies. Cookies are small text files that are usually stored in a folder of your browser. Cookies contain information about the current or last visit to the website:
- Name of the website
- Expiration date of the cookie
- Any value
If cookies do not contain an exact expiration date, they are stored only temporarily and are automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date will still be stored even when you close your browser or restart your device. Such cookies will not be deleted until the specified date or if you delete them manually.
We use the following three types of cookies on our website:
- required cookies (cookies that are required, e.g. to display the website correctly for you and to store certain settings temporarily)
- functional and performance-related cookies (cookies that help us improve our website, e.g. to evaluate technical data of your visit and avoid error messages)
- advertising and analytics cookies (cookies that provide analytics and personalized ads, e.g. advertising for shoes is displayed if you have previously searched for shoes)
You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. Helpful information and instructions for the most common browsers can be found here: https://www.allaboutcookies.org/manage-cookies/stop-cookies-installed.html
In accordance with the descriptions and purposes stated above, we share your information with the following recipients that are essential to providing our services and communicating with you:
We only share data that is necessary for the performance of the mutual contract or if you have given us your consent, for example in the context of our newsletter or cookie banner. If no contract exists yet, we share the data in certain cases in the context of legitimate interests. This is the case, for example, if you only want to visit our website or contact us. When you visit our website, it is in the interest of both parties to provide access to the services and to communicate with each other.
We have also entered into data processing agreements with all external recipients to comply with European legal requirements. Depending on your location, some of the above service providers – if specified – will also transfer your data to the United States. The European Court of Justice has ruled that the United States does not have an equivalent level of data protection to the EU and authorities may be able to access data without due process. Additional safeguards are therefore required to ensure a sufficient level of data protection. To meet this requirement, we have concluded additional data processing agreements called Standard Contractual Clauses. We also check each service provider together with our data protection officer and ensure that additional security measures are available, such as strong encryption of data.
We take reasonable administrative, physical and electronic measures designed to protect Personal Data and Other Information from unauthorized access, use or disclosure. Data collected from your device is encrypted using SSL or other technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.
Our customers are advertisers. On behalf of a customer, we receive data about its advertising campaign on a particular advertising network directly from that network. “Customer Data” means advertising campaign data or information made available to Tenjin or the Tenjin Platform by or on behalf of a customer or any Authorized User, or via a customer’s use of the Tenjin Platform. We format and otherwise process the Customer Data, to help our customer understand and analyze the effectiveness of and costs associated with its advertising campaigns across various advertising networks.
Customer Data may include the following Personal Data:
-name and surname of customer and/or any customer staff that interacts with us;
-e-mail address(es) used to communicate with us;
-company name and address, invoicing address, payment details;
-IP addresses, advertising unique identifiers;
-credentials to customer’s sources, storage, destinations.
How we collect customer data
We collect Customer Data through Tenjin’s software development kit (“Tenjin SDK”) that customers have a license to use. We may also collect Customer Data from our customers’ third-party mobile marketing partners, to the extent that the customer has authorized us to do so.
How we use customer data
We use Customer Data to provide the Services to the relevant customer. We may also use it to improve the Services and develop new products and services.
We do not share Customer Data with any customer other than the customer to which it relates unless we have received the prior express written consent of the customer to do otherwise. Without consent, we may disclose Customer Data:
To the external service providers and consultants who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, network and system safety and security services, customer service, email delivery, auditing and other similar services.
In all such cases Personal Data shall be processed by the mentioned Processors solely on our behalf and shall not be processed for the Processors’ or any other third party’s own purposes. To the extent required by law, Tenjin and/or Tenjin Inc. have closed agreements pursuant to art. 28 GDPR with such Processors.
In all above-mentioned cases, the processing of Customer Data – in as far as Personal Data is concerned – is necessary in order to provide the Services according to the contract or agreement customers have entered into with us. The legal basis of processing is therefore art. 6 par. 1 lit. b) GDPR.
In addition, we may use or disclose Customer Data as we believe necessary or appropriate: (a) under applicable law; (b) to comply with legal process; (c) to respond to requests from public and government authorities; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, customers or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
In the above cases (a) to (c) the legal basis for processing is art. 6 par. 1 lit. c) GDPR.
In the above cases (d) – (g) it is our legitimate interest to process Personal Data to protect our legal rights and enforce our claims, as well as to ensure the safety, security and stability of our networks and systems. The legal basis for processing is art. 6 par. 1 lit. f) GDPR.
In principle and unless otherwise stated, personal data will only be stored until the purpose of the collection and storage is achieved. If the storage is based on your consent, personal data can be stored as long as you do not revoke such consent; if it’s based on a contract we have closed with you, as long as such contract is effective.
Furthermore, data may be stored if it is required by European or national legal provisions, laws or regulations which we are subject to. Personal data will be blocked or deleted if the retention period set forth by any such regulations expires, unless further storage is necessary for the conclusion or fulfillment of a contract.
Unless prohibited by applicable law or advertising network terms, we may aggregate Customer Data such that it is not reasonably identifiable with or to the customer to which it relates, or the customer’s end users (“Aggregate Data”). We may share Aggregate Data with third parties for industry research and analysis, demographic profiling and other similar purposes.
How we collect and process end user data for customers
Customers may send information about individuals using their app (“End Users”) to Tenjin for processing and storage. This information may include Vendor ID (if available), IP address, Apple Search attribution (if enabled), Device ID, Bundle ID, SDK Version, App Version, OS Version, Device Type, Device Model, Device Locale, Device Country, OS Platform, Limit Ad Tracking setting, and Advertising ID. Advertising IDs are user-specific, unique character strings that can be reset by the user and are used to track an End User’s device for advertising purposes. Examples include Google Ad ID and IDFA.
We process such data from the source and write it directly to client storage.
We use a non-persistent buffer on our side (ram/tempfile) on non-persistent compute nodes. In other words, we process the data only when our code helps to transfer the data from sources to destinations. It is only in ‘memory’ as the process runs and it never enters any of our servers.
We process End User data only in an aggregated, anonymized manner in order to provide our services, such as market analytics, to our Customers. We do not process End User data in order to track single users or to enrich data referring to single users. We do not create user profiles.
Tenjin customers must abide by all applicable laws. In particular, Tenjin customers acknowledge and accept that they are acting as controllers (as of art. 4 no. 7) GDPR) in the relationship to End Users, whose Personal Data they disclose to Tenjin. Therefore, customers commit to inform End Users as required by law (including but not limited to art. 13, 14 GDPR) and obtain all applicable consents (if any) before sending End User data to Tenjin.
When processing Personal Data referring to End Users Tenjin therefore acts as processor within the meaning of art. 4 no. 8) GDPR pursuant to the data processing agreement (“DPA”) we enter into with customers.
How we process and secure data
Tenjin is a SaaS company whose solutions are built on the AWS platform. Data is processed by Tenjin in secure locations operated by Amazon (AWS) and Google Cloud Platform (GCP) in the United States.
Tenjin uses appropriate and reasonable measures to protect data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, while taking into account any inherent risks and the nature of the data.
- Tenjin Trust Report is available at https://app.vanta.com/tenjin/trust/ywn3l93hj2amywx3h6448;
- Additional details on AWS security certifications and procedures can be found here: https://aws.amazon.com/security/;
- Additional details on AWS security certifications and procedures can be found here: https://cloud.google.com/security.