Data protection
We are very pleased that you are interested in our company. Data protection is of a particularly high priority at heycare. This is because every user should always be informed which personal data (hereinafter “data”) heycare processes.
Should anything be unclear, please never hesitate to get in touch with us. Data protection case law and decision-making practice is constantly evolving dynamically and we always try to keep pace accordingly. However, should we, contrary to expectations, “go through a topic”, please do not hesitate to contact us using the contact details provided by the person responsible for data protection. We will then immediately address your request.
The term “user” is to be understood broadly below. It includes companies and parents who register with heycare, as well as nannies and pure visitors to our site who do not register. The term is also to be understood as gender-neutral. This privacy policy explains to you the nature, scope and purpose of the processing of personal data within our online offering. The privacy policy applies regardless of the domains, systems, portals and devices (e.g. desktop or mobile) used on which the online offer is run. We process data strictly in compliance with the relevant data protection regulations. It's kind of obvious, but it's also a self-image for us. Because your data is important to us.
In other words, this means that the data will only be processed if there is legal permission.
In addition, we will inform you below about the third-party components we use for optimization purposes and to improve the quality of use, insofar as third parties process data on their own responsibility as a result. With regard to the processing of personal data on the basis of the Data Protection Regulation (GDPR), we would like to point out that the legal basis of consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing to fulfill our services and implementation of contractual measures Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations Art. 6 para. 1 lit. c GDPR, and the legal basis for processing for protection our legitimate interests Art. 6 para. 1 lit. f DSGVO is.
responsible
Responsible for data processing on this website within the meaning of Art. 4 No. 7 GDPR is:
Heynannyly GmbH
Am Galgenberg 21
91315 Höchstadt
Phone: 0175/1156455
email: team@heycare.com
Our data protection officer is via HeyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu, email: datenschutz@heydata.eu reachable.
Heynannyly GmbH
Am Galgenberg 21
91315 Höchstadt
Phone: 0175/1156455
email: team@heycare.com
Our data protection officer is via HeyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu, email: datenschutz@heydata.eu reachable.
General statement on information security:
ISO/IEC 27001:2022
1.1 Purpose
heynannyly GmbH has developed and maintains an information security management system (ISMS) in accordance with the ISO/IEC 27001 standard to ensure comprehensive information security.
1.2 Commitment to information security
Protecting information assets:
The company is committed to maintaining the confidentiality, integrity, and availability of all information managed in its environment. This includes data owned by the company, its employees, customers, partners, and suppliers.
ISMS introduction:
To demonstrate its commitment to high information security standards, the company has introduced an ISMS that complies with ISO/IEC 27001 best practices.
1.3 Leadership and Commitment
Alignment with strategy:
Top management ensures that information security goals are aligned with the company's wider strategic goals.
Process integration:
The ISMS requirements are embedded in the company's operational processes to support effective and secure business practices.
Defined responsibilities:
Clearly assigned roles and responsibilities enable efficient control and administration of the ISMS.
Provision of resources:
The company provides the necessary resources to effectively maintain and improve the ISMS.
Commitment to improvement:
Leadership promotes a culture of continuous improvement within the ISMS and supports adaptability to new threats and technological changes.
1.4 Key Objectives of the ISMS
Compliance with regulations and stakeholders:
The company strives to comply with applicable legal, regulatory and contractual obligations and to meet the expectations of interested parties.
Operational continuity and resilience:
A high level of cyber resilience and business continuity is maintained to ensure uninterrupted operations.
Risk identification and mitigation:
Security risks are proactively identified, assessed, and managed to minimize potential impacts and maintain an acceptable level of risk.
1.5 Review and update of guidelines
Scheduled and responsive reviews:
This policy is reviewed and revised at least once a year, or earlier if there are significant changes in the business, technology, or regulatory environment.
ISO/IEC 27001:2022
1.1 Purpose
heynannyly GmbH has developed and maintains an information security management system (ISMS) in accordance with the ISO/IEC 27001 standard to ensure comprehensive information security.
1.2 Commitment to information security
Protecting information assets:
The company is committed to maintaining the confidentiality, integrity, and availability of all information managed in its environment. This includes data owned by the company, its employees, customers, partners, and suppliers.
ISMS introduction:
To demonstrate its commitment to high information security standards, the company has introduced an ISMS that complies with ISO/IEC 27001 best practices.
1.3 Leadership and Commitment
Alignment with strategy:
Top management ensures that information security goals are aligned with the company's wider strategic goals.
Process integration:
The ISMS requirements are embedded in the company's operational processes to support effective and secure business practices.
Defined responsibilities:
Clearly assigned roles and responsibilities enable efficient control and administration of the ISMS.
Provision of resources:
The company provides the necessary resources to effectively maintain and improve the ISMS.
Commitment to improvement:
Leadership promotes a culture of continuous improvement within the ISMS and supports adaptability to new threats and technological changes.
1.4 Key Objectives of the ISMS
Compliance with regulations and stakeholders:
The company strives to comply with applicable legal, regulatory and contractual obligations and to meet the expectations of interested parties.
Operational continuity and resilience:
A high level of cyber resilience and business continuity is maintained to ensure uninterrupted operations.
Risk identification and mitigation:
Security risks are proactively identified, assessed, and managed to minimize potential impacts and maintain an acceptable level of risk.
1.5 Review and update of guidelines
Scheduled and responsive reviews:
This policy is reviewed and revised at least once a year, or earlier if there are significant changes in the business, technology, or regulatory environment.
