Data protection and information security are essential elements at luca. The protection of your data and your trust are very important to us. Therefore, we have implemented technical and organisational measures to ensure the security of processing, which we are continuously developing. luca meets all requirements of the EU General Data Protection Regulation and is data protection compliant according to the EU GDPR. Download our TÜV Saarland certificate Please click here to download If you would also like to check the validity of this certificate, you can do so here using the TÜV Saarland certificate database.
%402x%20(2).svg){kind=icon}
Yes. luca meets all requirements of the EU General Data Protection Regulation and is data protection compliant according to the EU GDPR. This was recently certified by TÜV Saarland. In accordance with the EU GDPR, we have checked our product for the essential legal requirements such as data protection through technical design and data protection-friendly default settings (Art. 25 EU GDPR) or the support of customers in safeguarding data subject rights – such as the right to deletion, the right to information or the right to data portability (Chapter 3 EU GDPR) and have made the appropriate adjustments.
On the one hand, we oblige all employees to maintain confidentiality and data protection in general and familiarise them with the corresponding consequences in the event of a violation. On the other hand, we regularly conduct data protection training courses in our company.
Organizationally, we are guided by the requirements of ISO/IEC 27001 and strive to continuously improve processes and structures in data protection and information security.
Should, contrary to expectations, a data breach occur at luca that affects clients' personal data and the breach is likely to result in a risk to the rights and freedoms of operators and users, Luca will immediately inform the data subject of this in accordance with legal and contractual obligations.
Yes, data protection is an integral part of our product strategy and therefore, when developing luca, we pay attention to principles such as data economy and the use of state-of-the-art measures to ensure an appropriate level of protection. As part of the EU GDPR, we have also reviewed the entire application with regard to the default settings and adjusted them to achieve the highest possible level of data protection friendliness while maintaining usability. In addition, the settings are generally designed in such a way that customers can adapt them to their needs. To ensure this on an ongoing basis, we have also defined a process to continuously incorporate legal requirements into the product development process and then review the application at regular intervals.
If you have any further questions, you can contact our appointed data protection officer. You can reach them at privacy@culture4life.de.
The responsibility lies with you as the operator at the location. You initiate the payment and thus also the collection of the data for the settlement of the invoice of your customers.
We act as a technical service provider. This means that we connect you to Rapyd, the payment service provider, and provide you with the support you need at any time.
After successfully creating a luca Locations account, you have concluded an Data Processing Agreement (DPA) with us. It regulates how we handle data related to your account. This contract is stored in your profile. You can access it via your luca Locations account.
