Data protection and information security are central components of luca.
Protecting your data and your trust are very important to us. We have therefore implemented technical and organizational measures to ensure the security of processing. We are continuously developing these measures.luca meets all requirements of the EU General Data Protection Regulation and is data protection compliant in accordance with the EU GDPR.
%402x%20(2).svg){kind=icon}
Yes, luca meets all requirements of the EU General Data Protection Regulation and is data protection compliant in accordance with EU GDPR. We were recently certified by TÜV Saarland. As part of preparations for the EU GDPR, we have reviewed our product for key legal requirements such as data protection through technology design and data protection-friendly default settings (Art. 25 EU GDPR) or even helping customers to protect the rights of data subjects such as the right to deletion, right of information or the right to data portability (chapter 3 EU GDPR) and made appropriate adjustments.
On the one hand, we oblige all employees to maintain confidentiality and data protection in general and familiarise them with the corresponding consequences in the event of a violation. On the other hand, we regularly conduct data protection training courses in our company.
Organizationally, we are guided by the requirements of ISO/IEC 27001 and strive to continuously improve processes and structures in data protection and information security.
Should, contrary to expectations, a data breach occur at luca that affects clients' personal data and the breach is likely to result in a risk to the rights and freedoms of operators and users, Luca will immediately inform the data subject of this in accordance with legal and contractual obligations.
Yes, data protection is an integral part of our product strategy and therefore, when developing luca, we pay attention to principles such as data economy and the use of state-of-the-art measures to ensure an appropriate level of protection. As part of the EU GDPR, we have also reviewed the entire application with regard to the default settings and adjusted them to achieve the highest possible level of data protection friendliness while maintaining usability. In addition, the settings are generally designed in such a way that customers can adapt them to their needs. To ensure this on an ongoing basis, we have also defined a process to continuously incorporate legal requirements into the product development process and then review the application at regular intervals.
If you have any further questions, you can contact our appointed data protection officer. You can reach them at privacy@culture4life.de.
As the operator of the location, you are responsible. You initiate payment and thus also the collection of data to settle your customers' invoices.
We act as a technical service provider. This means that we connect you to Rapyd, the payment service provider, and provide you with the support you need at any time.
After successfully creating a Luca Locations account, you have concluded an order processing agreement (AVV) with us, which regulates how we handle data relating to your account. This is stored in your Luca Location profile.
