8. *Social Media / Social Networks**

 8.1 *Roha Executive’s Social Media Presence*:

 Roha Executive maintains active pages on social networks like Twitter, LinkedIn, or Facebook. Detailed information about the processing of personal data on these platforms is provided by the respective social network providers. Additionally, please refer to our notes on our pages on these platforms for further details.

 8.2 *Facebook, Facebook Messenger and Facebook Connect*:

 Roha Executive utilizes services provided by the social network, Facebook, operated by Meta Platforms Inc., with its main office at 1601 Willow Road, Menlo Park, CA 94025, USA (“Facebook”). In Europe, the controller for data processing concerning Facebook is Facebook Ireland Ltd., located at 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. You can access Facebook’s privacy information at: [Facebook Privacy](https://www.facebook.com/about/privacy/)

      You can contact and exchange messages with Roha Executive via Facebook Messenger.

      Furthermore, Roha Executive offers the option of logging into your Roha Executive account using Facebook Connect. To do so, you will be redirected to a Facebook page where you can log in using your Facebook credentials. When you log in to your Roha Executive account via Facebook Connect, certain personal data will be transmitted from Facebook to Roha Executive. Facebook will inform you about the data that will be transferred and you may grant or deny explicit consent for this purpose. Personal data will not be transferred from Facebook to Roha Executive without your consent. Facebook can also determine from your Facebook Connect login that you have logged in to Roha Executive and when this occurred. Roha Executive utilizes the data received from Facebook for identification purposes.

      **If you actively choose to log in via Facebook, you consent to Roha Executive processing the data transmitted by Facebook in a personalized manner for the purpose of identifying you in connection with your account. This consent can be revoked at any time without incurring any additional costs and will apply for future transactions.**

      Additionally, you have the option to adjust the usage of Facebook Connect and log in to your Roha Executive account using another method at any time.

      With your consent, Roha Executive utilizes Facebook Custom Audiences from lists to deliver targeted advertising via Facebook. Roha Executive compiles lists of existing contacts and uploads them to Facebook through Roha Executive’s Facebook account. Before uploading, the list is locally hashed in the browser and then sent to Facebook. It is then compared with Facebook’s existing list of hashed IDs of Facebook users. Matches are then added to Roha Executive’s Custom Audience. Facebook does not gather any new personal data in this process.

      The legal basis for the processing of personal data when using Facebook Connect is, in each case, Art. 6 Paragraph 1 lit a GDPR (your consent).

      Information about Facebook’s cookies, pixels, and similar technologies used by Roha Executive will be provided in our Cookie Policy.

   8.3 *Google Customer Match*:

      Roha Executive employs the Customer Match service provided by Google LLC, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

      With Google Customer Match, Roha Executive compiles lists of existing contacts and uploads them to Google through Roha Executive’s Google Account. Before uploading, the list is hashed locally in the browser using the SHA256 algorithm and then transmitted to Google with TLS encryption. It is then compared with existing Google Accounts. Matches are then added to Roha Executive’s Audience. This allows us to display targeted advertising via Google Ads.

      The legal basis for processing personal data when using Google Customer Match is Art. 6 para. 1 lit. a GDPR (your consent).

      Information about Google’s cookies and similar procedures used by Roha Executive will be provided in our Cookie Policy.

9. **Data Processing During Registered Use of Roha Executive Services and Booking Rides**:

   When you register and use Roha Executive Services or book rides, Roha Executive processes the following personal data provided by you (“customer data”):

   – Personal master data (such as form of address, title, first name, last name, company, address, zip code, city, country, password).

   – Contact data (e.g., telephone number, mobile number, email address).

   – Contract data (e.g., time and manner of registration, status).

   – Ride-related data (e.g., pickup location, destination, times, flight number, special requests).

   – Status (e.g., bonus program), customer history (e.g., previous rides).

   – Contract invoicing (e.g., invoices, status, invoicing address) and payment data (e.g., last 4 digits of the credit card number).

This customer data is utilized for various purposes, including personalized fulfillment of the framework agreement after registration, procurement of booked rides, and fulfillment of the contract of carriage for the benefit of the customer with the limousine service provider. Roha Executive may provide customer data to third parties, particularly to the limousine service providers, to facilitate transportation according to bookings and process the transport.

If you have indicated participation in a bonus program supported by Roha Executive, the necessary data is transmitted to the bonus program provider. Payment data collected is stored via a payment service provider and transferred to the intermediary financial service provider or bank.

Customer data may be transmitted to limousine service providers in third-party countries outside the European Union or the European Economic Area where the transport is intended to take place. Adequacy decisions or suitable guarantees are not required for such transmission as it is necessary for the performance of a contract between the data subject and the controller or to carry out pre-contractual measures upon request from the data subject.

Customers have the option to rate a ride arranged by Roha Executive, e.g., in the Roha Executive App. Ratings are stored in the customer’s profile and may be communicated to the respective driving service or provider or chauffeur in anonymized form. The customer can view their own reviews, but other customers will not see these reviews. The purpose of the data processing within the evaluation system is to handle the trip or the payment towards the driver or the dispatcher, as well as to analyze and improve Roha Executive Services.

The legal basis for the processing of personal data during registered use of Roha Executive Services and booking of trips is Art. 6 para. 1 lit. b GDPR (contract performance). If the data subject provides additional, voluntary information, the legal basis is their consent according to Art. 6 Paragraph 1 lit a GDPR and Roha Executive’s legitimate interest according to Art. 6 Paragraph 1 lit. f GDPR.

In addition, Roha Executive processes customer data to analyze the use of Roha Executive Services, design and improve them in a demand-oriented and personalized manner, advertise the Roha Executive Services, detect, limit and eliminate malfunctions and problems of a technical or process-related nature, and prevent illegal use of Roha Executive Services. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR (Roha Executive’s legitimate interest).

Data will not be passed on to recipients unless to Roha Executive’s data processors (Art. 28 GDPR) or as far as otherwise permitted by law.

10. **Payment & Fraud Prevention**:

 10.1 *Payment*:

 All Roha Executive bookings can be paid by credit or debit card. For the protection of credit card information, a certified payment provider is used whose systems meet the applicable security standards, such as the PCI DSS standard.