Keeping information secure
All our products and services are built with strong security features that continuously protect your information. The insights we gain from maintaining our services help us detect and automatically block security threats. We work hard to protect you and our services from unauthorized access, alteration, disclosure, or destruction of information. Measures implemented include but are not limited to:
- We use strong encryption to keep your data private while in transit.
- We encrypt data on all of our devices to keep your data private while at rest.
- We continuously review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems.
- We restrict access to personal information to employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined, terminated, and prosecuted if they fail to meet these obligations.
- A cookie is a tiny piece of text sent to your browser by a website you visit. It helps the website to remember information about your visit, like your preferred language and other settings, and to recall who you are after having logged in.
- You can set your browser to ask before allowing cookies or to not allow cookies at all. Please refer to your browser's help to find out about the options available. Please be aware, that it is not possible to log on to our services or place an order with cookies fully deactivated.
This policy reflects our duties under the General Data Protection Regulation 2016 (GDPR). It describes how we use personal data (data that is about you) fairly, keep it secure, make sure it is accurate, and uphold your rights as a data subject. These rights are:
- Information to be provided where personal data are collected from the data subject (Art. 13):
- Information to be provided where personal data have not been obtained from the data subject (Art. 14): not applicable, all personal data will be obtained from the data subject
- Right of access by the data subject (Art. 15):
You have the right to access your personal data that we hold. This is called a subject access request. We must respond to your request within one month.
- Right to rectification (Art. 16):
If you think the data we hold on you is incorrect, please inform us so we can put it right.
- Right to erasure ('right to be forgotten') (Art. 17):
You have the right to request that we delete your data. We will do so, provided that we do not have a compelling reason for keeping it.
- Right to restriction of processing (Art. 18)
- Notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19)
- Right to data portability (Art. 20):
You can obtain and reuse your personal data for your own purposes across different services.
- Right to object (Art. 21):
You have the right to object to
- Direct marketing: you can opt out of direct marketing any time by following the instructions on how to unsubscribe included in any direct marketing message that we send to you.
- Any processing where our lawful basis is legitimate interest (see above). If you would like to formally object to any of our legitimate interest processing, please contact us.
- Automated individual decision-making, including profiling (Art. 22):
This is not something we do at all. If that ever changes, this policy will be updated accordingly.
You can use the social media icons provided on our sites to post content and and to comment on social networks.
When you click on any of these icons, you will be directed to the respective site. That site will be registering that action and may use that information. Please refer to the respective policies of that site to see how exactly they use your information and to find out how to opt out or delete such information.
AWS (Amazon Web Services)
To allow faster and more reliable access to our websites and services we use CDN services provided by CDN77
DNS services, SMTP routing, web content delivery, and web security are provided by Cloudflare
Webanalytics are provided by Conva Ventures Inc., please see their (Privacy notice for Fathom Analytics
). We use their EU Isolation feature that keeps all data in EU datacenters run by a EU company.
Our own communication services including but not limited to email run on Microsoft 365 (Microsoft Trust Center
All services are hosted in datacenters located in the EU.
Our order process is conducted by our online reseller Paddle.com
. Paddle.com is the MOR (Merchant of Record) for all our orders. Paddle provides all customer service inquiries and handles returns (Paddle GDPR
Please send formal complaints, feedback, and all other requests regarding data privacy and data protection in general to firstname.lastname@example.org