In the context of transactions processed through collana pay, personal data is collected. To ensure data protection and the security of our users' information, a process for anonymizing this data exists.
The personal data collected during a transaction is automatically anonymized after a period
of 36 months. This involves overwriting the relevant data fields in all collana pay databases
and indexes with null values.
This process is continuously and automatically executed and evaluates transactions based on their timestamp to determine if they are due for anonymization. Once transactions meeting this criterion are identified, they are grouped together and anonymized.
- BillingCustomerData
- NameData (first name, last name)
- AddressData (house number, street)
- PersonalData (date of birth, id number)
- ContactData (email, phone number)
- Companydata (name, registration)
- CustomerNumber
- ShippingCustomerData
- NameData (first name, last name)
- AddressData (house number, street)
- ContactData (email, phone number)
- Companydata (name, registration)
- PaymentParamters
- IpAddressData (IPv4, IPv6)
- PaymentMethodData (individual data per payment method)
- CartItems
- TrackingNumber (Tracking number for parcels)
- TrackingUrl (Link for parcel tracking)
- Callback (individual information for response to the integrating system)
- PassThroughValue (freely selectable value from the integrating system)
- PaymentInstrumentInfo (e.g., pseudo card numbers, brands, etc.)
- Data (information returned individually by the PSP)
- Redirect (individual information for forwarding to the PSP)
After anonymizing the mentioned data fields, collana hive GmbH has no longer any way to associate the transaction with an individual person. All other relevant fields remain unchanged, allowing for the continued analysis of information such as amounts, transaction numbers, and any subsequent interactions.
It is important to emphasize that this measure aims to ensure the anonymity of the individuals concerned while preserving the ability to analyze and evaluate general transactional data.
After a period of 5 years, the entire transaction history will be deleted.
This timeframe has been established to ensure that data is retained for an appropriate period and that no unnecessary storage of sensitive information occurs.
This measure is carried out in accordance with applicable data protection regulations and aims to protect the confidentiality and integrity of our users' data.