Data Privacy Policy

The controller as defined by the General Data Protection Regulation and other national data protection laws of the member states of the European Union (EU), as well as other data protection provisions, is:

RAIDBOXES GmbH
Friedrich-Ebert-Straße 7
48153 Muenster, Germany

The controller’s in-house data protection officer is:

Mr. Jan Hornung

Email: privacy@raidboxes.io

Telephone: 02036086334

I. Introduction

The protection of your data is very important to us! That is why we comply with the statutory provisions on data protection and do everything else in our power to protect your data.

This data privacy statement is intended to give you, as a customer or interested party, a detailed overview as to how and to what extent your data is collected, stored, processed, passed on or transmitted by us when you visit our pages or make use of our services. Furthermore, we want to give you an overview of the data protection measures we have in place and the options available to you when you visit our site and use our services.

In order to be able to ensure the protection of your data in the future too, particularly in the light of new legal requirements and technical developments, it is inevitable that we will adapt this data privacy policy from time to time. We therefore recommend that you re-read our information and notices regarding data processing at regular intervals.

When formulating this privacy policy, we tried to avoid legal phrases as far as possible in order to make the contents comprehensible to laymen too. Where references are made in some places to the legal wording, then this is solely for the sake of completeness. Should any parts not be comprehensible, please let us know so that we can rephrase the relevant part.

However, it has proved very difficult to draft a privacy policy that is on the one hand transparent, comprehensible and complete and on the other hand does not overwhelm the reader with its length. We have therefore decided to provide you with an overview first in a general section and then with further details in the subsequent section of the data privacy statement. Please take a moment to read through this data privacy policy. Should you have any further questions about data protection, you can always contact our data protection officer Mr. Jan Hornung.

1. What data are we talking about?

When we talk about data processing, we always mean your personal data. Art. 4 (1) of the GDPR defines this data as information relating to an identified or identifiable person. This means all data relating to you (whether directly or indirectly), e.g. first name, last name, addresses, e-mail addresses, user behaviour, etc.. Data relating to online websites or services that do not belong to us or over which we have no control is not part of this data privacy policy. Websites or services of other RAIDBOXES customers are also excluded.

2. Why do we process personal data?

Firstly, because we have to: for a contract to be concluded with us, it is absolutely necessary that we have your master data. Secondly, we want to give you as our customer the best possible user experience and are therefore always eager to optimise our services. We only process personal data in compliance with the statutory provisions. That means that the data is only processed if we have legal permission to do so – especially if the processing of the data is necessary for the performance of our contractual services or for the use of the online services, or is required by law. Furthermore, we process data if we have obtained your consent or if we have a legitimate interest in its processing (e.g. interest in analysis, optimisation, economic operation, security of our online offering, in particular as regards range measurement, the creation of profiles for advertising and marketing purposes and the collection of access data and use of third-party services). In the second section, “Further details: cookies and other technologies”, we give you a comprehensive picture of the use and application of these.

3. When and to what extent do we process personal data?

In the following you will find a summary of all the processes during which your personal data is processed. You will find a more detailed description here.

3.1 For the performance of contractual services/ for registration

We process inventory data and contract data in order to fulfil our contractual obligations and perform our services pursuant to Art. 6 (1) lit. b GDPR.

3.2 Establishing contact

If contact is made by email, the information will be processed to the extent necessary to answer your questions. Contact established via our live chat takes place via the services of Intercom. You can find more details on this under the heading “Further details: cookies and other technologies”.

3.3 Visiting our website

When you use our website, services or messaging functions, we or our authorised service providers may use cookies or similar technologies. The information collected helps us to better align our services to the needs of our customers, to make them better, faster and, above all, safer. It also serves advertising purposes. You can find more details about this here.

4. Legal basis for the processing of personal data

Where we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the General Data Protection Regulation (GDPR) is the legal basis. For the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR is the legal basis. This also applies to processing steps which are necessary for the implementation of pre-contractual measures. Where the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR is the legal basis. In the event that vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 (1) lit. d GDPR is the legal basis. Where the processing is necessary for the purposes of a legitimate interest pursued by our company or by a third party, except where such interest is overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6 (1) lit. f GDPR is the legal basis.

5. Erasure of data and duration of storage

The data we store is deleted as soon as it is no longer required for its intended purpose and if there are no legal obligations for it to be retained. Where user data is not deleted because it is required for other lawful purposes, its processing will be restricted. This means that the data will be blocked and not processed for any other purposes. That applies for example to user data which must be stored for reasons of commercial or tax law. In accordance with legal requirements, the documents are stored for 6 years pursuant to Section 257 (1) of the German Commercial Code (HGB) (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years pursuant to Section 147 (1) of the German Tax Code (AO) (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant to taxation, etc.).

6. May minors use our services?

In one word: no. Our website and services may not be used by persons who have not yet reached the age of majority. We do not knowingly record any data concerning minors or other persons who are not allowed by law to use our services. If we discover that we have obtained personal data concerning minors, we will delete it immediately, unless we are required by law to retain it. Please contact us if you suspect that we have accidentally or mistakenly recorded information about a minor.

7. How do we protect your personal data?

We carry out physical, technical and administrative security measures in order to adequately protect your personal data against loss, misuse, unauthorised access, disclosure or alteration. These security measures include firewalls, data encryption, access control for data access, and careful selection of our server locations. We are committed to securing our systems and services.

However, you yourself are responsible for the security and privacy of your passwords, account profile and registration data. Furthermore, it is your responsibility to ensure that the personal data we have about you is accurate and up to date. We are not liable for the protection of personal data which we disclose to third parties on the basis of an account link authorised by you.

8. Where is your data stored?

8.1 Frankfurt

Some of the servers used for the hosting service are located in the Interxion data centres in Frankfurt. The server location is, inter alia, ISO 27001 certified. You can find more details about the data centre here. The locations in the computer centre were rented from Digital Ocean LLC, New York. Digital Ocean operates a cloud platform for virtual servers there and we use this as our hosting platform. An order data processing contract was concluded with DigitalOcean. DigitalOcean is also subject to the EU-US Privacy Shield Agreement.

8.2 Falkenstein / Nuremberg

Another part of the servers used for the hosting service as well as the server for our own infrastructure/data processing (dashboard, monitoring, configuration management etc.) are located in the computer centres of Hetzner, Hetzner Online GmbH, in Falkenstein and Nuremberg. Hetzner offers dedicated servers for rent at these locations, which we use as a platform for hosting. We also use them for our own infrastructure. An order data processing contract was concluded with Hetzner. Hetzner is also subject to the requirements of the General Data Protection Regulation. Hetzner Online GmbH was awarded the certificate 27001. You can find more details about the server locations here.

8.3 Amsterdam

From our early days, there are still a few websites in the data centers of Equinix Amsterdam Data Centers. The server location is, inter alia, ISO 27001 certified. You can find more details about the data centre here. The locations in the computer centre were rented from Digital Ocean LLC, New York.

8.4 Backups

Our backups are stored in the data centers of Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, United States, or AWS for short. We chose Frankfurt as the server location. AWS participates in the EU-US Privacy Shield programme. The server location is, inter alia, ISO 27001 certified.

8.5 SMTP relay (email dispatch)

For the dispatch of transactional emails, we cooperate with the service provider Mailgun (Mailgun Technologies, Inc., 548 Market St. #43099, San Francisco, CA 94104). To this end, the following data is stored:

  • email address “from”
  • email address “to”
  • contents of email
  • domain of the BOX which sends the email

The purpose of the processing is the fulfillment of contractual obligations. Its legal basis is Art. 6 (1) lit. b GDPR.

The data is stored at Mailgun for 15 days. The emails themselves are stored in the BOX for 7 days.

9. When do we forward your data?

First, we would like to assure you that we do not sell, lend or lease your personal data. We only pass on data if this is indispensable, e.g. for the fulfilment of our contractual obligations, if we have a justified interest or if we have received your consent. Each of our contractual partners is conscientiously and carefully selected and we oblige them to protect all data in accordance with the statutory provisions. For this reason, we conclude an order data processing agreement with the processor in accordance with Art. 28 GDPR.

10. Links

Our website may contain links to other providers’ websites for whose content we, RAIDBOXES Gmbh, are not responsible and which are not encompassed by this data privacy policy.

11. Your rights

When personal data concerning you is processed, you are a data subject as defined by the GDPR and you have the following rights vis-à-vis the controller (i.e. vis-à-vis us):

  • Right to access
  • Right to rectification or erasure
  • Right to the restriction of processing
  • Right to object to the processing
  • Right to data portability

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. You will find more information here.

II. Further details: cookies, tracking and other technologies

The following section is intended to give you a better insight into the different technologies we use and how we use them. When you use our website, services or messaging functions, we or our authorised service providers may use cookies or similar technologies. The information collected helps us to better align our services to the needs of our customers, to make them better, faster and, above all, safer. It also serves advertising purposes.

1. Provision of the website and creation of log files

1.1 Description and scope of data processing

When you access our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

  • Information about the browser type and the version used
  • The user’s operating system
  • The user’s IP address
  • Date and time of access
  • Websites from which the user’s system reaches our website
  • The data is also stored in our system’s log files. This data is not stored together with other personal data of the user.

1.2 Legal basis

The legal basis for the temporary storage of the data and log files is Art. 6 (1) lit. f GDPR.

1.3 Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this, your IP address must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. Furthermore, the data helps us to optimise the website and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes takes place in this context. These purposes constitute our legitimate interest in the data processing pursuant to Art. 6 (1) lit. f GDPR.

1.4 Duration of storage

The data is deleted as soon as it is no longer required in order to achieve the purpose for which it was collected. In the case of collection of data for the provision of the website, this is the case when the respective session is over. In the case of storage of data in log files, this is the case after seven days at the latest. Storage for a longer duration than this is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to map the client accessing the service.

1.5 Possibility of objection and elimination

Collection of data for the provision of the website and storage of data in log files is indispensable for the running of the website. Consequently, there is no possibility of objection for the user.

2. Cookies

2.1 Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the user’s computer system in or by the internet browser. This cookie contains a characteristic string of characters that makes it possible to clearly identify the browser when the website is revisited. Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. During that particular browser session, they allow us to link your actions together. Other cookies (so-called permanent cookies) remain stored on your terminal device until you delete them. Cookies cannot run programs or transmit viruses to your computer.

We use cookies to make our website more user-friendly. Some elements of our website make it necessary for the calling browser to be identified even after a change of page. In these technically necessary cookies, the following data is stored and transmitted:

  • Language settings
  • Log-in information

On our website we also use cookies which enable us to analyse the surfing behaviour of our users. We use them to monitor the anonymised behaviour of users on the website, for example to record the number of visits per page. The data collected is used solely to optimise our performance and the design of this website. These cookies are mostly third-party cookies (e.g. Google Analytics). The data is however collected in an anonymised form and used only by us. If you as a user call up a website, a cookie may be stored in your operating system. The following data can be transmitted in this way:

  • Use of website functions (Intercom, OneSignal)
  • User behaviour (Crazy Egg, Google Analytics)
  • Allocation of the source of the website calls (our own cookie)
  • Allocation to an affiliate / advertising partner (our own cookie)
  • Frequency of page views (Google Analytics)
  • Search terms entered (Google Analytics)

When you visit our website, we will inform you about our use of cookies for analysis purposes, and we will ask for your permission to process the personal data used in this connection. In this connection we will also refer to this data privacy policy. You will find more information about cookies in the next sections.

2.2 Legal basis for the processing of data

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1) lit. f GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is, where consent has been given by the user, Art. 6 (1) lit. a GDPR.

2.3 Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some of the functions of our website cannot be offered without the use of cookies. For these it is necessary to be able to recognise the browser even after a change of page. We require cookies for the following applications:

  • Taking over language settings
  • Remembering search terms
  • Analysis cookies are used for the purpose of improving the quality of our website and its contents. By means of the analysis cookies we learn how the website is used and can thus constantly optimise our offer.

2.4 Duration of storage, possibility of objection and elimination

Cookies are stored on your computer and from there are transmitted to our site. Therefore, you as a user have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be carried out automatically. If cookies for our website are disabled, it is possible that not all of the functions of the website can be used to the full extent any more. If you wish to object to the cookies which we, RAIDBOXES GmbH, place, just write to us.

3. Registration

3.1 Description and scope of data processing

On our homepage we offer you the chance of registering by providing personal data. In the process, the data is entered into an input mask, transmitted to us and stored. The data is not forwarded to third parties. The following data is collected during the registration process:

  1. First name
  2. Last name
  3. Email address

3.2 Legal basis for the processing of data

The legal basis for the processing of the data is, where consent has been given by the user, Art. 6 (1) lit. a GDPR. Where registration serves to fulfil a contract to which the user is a party or to carry out pre-contractual measures, an additional legal basis for the processing of the data is Art. 6 (1) b GDPR.

3.3 Purpose of data processing

Registration of the user is necessary for the fulfilment of a contract with the user or for the implementation of pre-contractual measures.

3.4 Duration of storage

The data is deleted as soon as it is no longer required in order to achieve the purpose for which it was collected. This is the case during the registration process for the fulfilment of a contract or for the implementation of pre-contractual measures when the data is no longer required to execute the contract. Even after concluding the contract, it may be necessary to store personal data of the contractual partner in order to fulfil contractual or legal obligations. Long-term liabilities require the storage of personal data during the term of the contract. Furthermore, warranty periods must be observed as well as the storage of data for tax purposes. It is not possible to specify the storage periods to be observed here in general terms; instead, they must be determined on a case-by-case basis for the contracts concluded and contracting parties in each case.

3.5 Possibility of objection and elimination

As a user you have the possibility to cancel your registration at any time. You can change or delete the stored data yourself at any time via the RAIDBOXES user interface. Where the data is required for the fulfillment of a contract or the implementation of pre-contractual measures, premature deletion of the data is only possible if there are no contractual or statutory obligations to the contrary.

4. Use of an e-mail box

We offer you the possibility of adding e-mail boxes to the services under your contract for a fee. In order to be able to offer you this service, under a reseller contract we work with mailbox.org (Heinlein Support GmbH, Schwedter Straße 8/9A, 10119 Berlin). You will findthe data privacy policy of mailbox.org.

4.1 Scope of data processing

When you set up an e-mail box, the following data will be requested and stored: first name, last name, RAIDBOXES customer number, e-mail addresses belonging to the e-mail box, and the names of the corresponding domains.

4.2. Purpose of data processing, legal basis

Input of the data is necessary for the fulfilment of a contract with the user or for the implementation of pre-contractual measures. Art. 6 (1) lit. b GDPR therefore serves as a legal basis.

4.3 Duration of storage

After the end of your e-mail box contract with RAIDBOXES, your link to mailbox.org will be deleted, provided that it was the last e-mail box contract. This includes the links to the domains you stored at mailbox.org. After the end, the DNS settings will remain unaffected. 60 days after deletion of the e-mail box, mailbox.org will delete all the data.

5. Newsletter, e-mail marketing and product information

We offer you the chance of receiving all the latest news about WordPress and our products. For this purpose, we offer you, for example, our free newsletter. We will explain how, when and where we store data in the process as follows:

5.1 Newsletter

On our website we offer the option of subscribing to a free newsletter. When you register for the newsletter, the data from the input mask will be transmitted to us. To subscribe to the newsletter, all you need to enter is your e-mail address. In addition, the following data is collected when you register:

  • Your e-mail address
  • IP address of the calling computer
  • Date and time of registration
  • Geographical data (longitude and latitude)

Your consent to the processing of the data will be obtained during the registration process. This will be recorded by us. Subscription to our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is required so that no one can register with other people’s e-mail addresses. Subscriptions to the newsletter are recorded so that we can prove that the subscription process complies with legal requirements. This includes storing the log-in and confirmation times as well as the IP address. Changes to your data which is stored by the e-mail marketing service provider are also recorded.

For the dispatch of our newsletter we use the services of Mailchimp Inc.

5.2 Our dispatch service provider for the newsletter: MailChimp

After in-depth research we decided to use “MailChimp”, a newsletter dispatch platform of the US service provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA, for the sending of our newsletter. The e-mail addresses of our newsletter recipients as well as their further data, described in the notes, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to the dispatch service provider itself, it may use this data in a pseudonymous form, i.e. without being attributed to a user, to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and of the presentation of the newsletter or for statistical purposes, to determine the countries the recipients come from. The dispatch service provider does not however use the data of our newsletter recipients to write to them itself or to forward it to third parties. We trust in the reliability and IT and data security of MailChimp. MailChimp is certified under the Privacy Shield agreement and thus provides a guarantee of complying with the European data protection standards. Furthermore, we have concluded a data processing agreement with MailChimp. This is an agreement whereby MailChimp undertakes to protect the data of our users, to process it on our behalf in accordance with their data protection regulations and, in particular, not to pass it on to third parties. You can view the data privacy policy of the dispatch service provider here.

5.2 E-mails containing product information

In order to send you e-mail messages about our products and any malfunctions that may occur, we use the services of Intercom Inc. 98 Battery Street, Suite 402, San Francisco, CA 94111 USA. These purposes constitute our legitimate interest in the data processing pursuant to Art. 6 (1) lit. f GDPR. You can find more details about this here.

5.3 E-mail marketing for existing customers

If you purchase services on our website and thereby supply your e-mail address, this may subsequently be used by us to send you product information. In such a case, only direct advertising for our own similar products or services will be sent by e-mail.

In connection with the processing of the data, the data will not be forwarded to third parties.

5.4 Legal basis for the processing of data

The legal basis for the processing of the data after the user has subscribed to the newsletter is Art. 6 (1) lit. a GDPR. The legal basis for the dispatch of direct marketing e-mails following the sale of goods or services is Section 7 (3) of the German Fair Trade Practices Act (UWG).

The use of the service providers HubSpot and Intercom is based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR.

5.5 Purpose of data processing

The user’s e-mail address is recorded so that the newsletter or direct mail can be delivered. Our interest lies in employing a user-friendly and secure mailing system which both serves our business interests and meets users’ expectations.

5.6 Duration of storage

The data is deleted as soon as it is no longer required in order to achieve the purpose for which it was collected. Your e-mail address will therefore be stored for as long as your newsletter subscription is active. Your email address for direct marketing mail will be stored for as long as you are one of our current customers.

5.7 Possibility of objection and elimination

You can cancel or unsuscribe from our newsletter or our direct marketingmail any time. You will find an unsubscription link at the end of each newsletter. Following cancellation all your data will be deleted except for your e-mail address. The e-mail address will be stored in a blacklist and only be used to ensure that we do not send any more e-mails to your e-mail address.

6. Contact forms, contact e-mail, live chat

6.1 Description and scope of data processing

Our website contains forms which may be used for electronic enquiries. When a user makes use of this option, the data entered in the input mask is transmitted to us and stored. At the time of dispatch of the message the following data is also stored:

  • The user’s e-mail address
  • The user’s IP address
  • Date and time of registration

Your consent to the processing of the data will be obtained during the dispatch process and your attention drawn to this data privacy policy. Alternatively, we can be contacted via the e-mail address supplied. In this case, the personal data of the user which is transmitted with the e-mail will be stored. You can also contact us via the live chat function. Forthis we use the services of Intercom. In this connection the data will not be forwarded to third parties. The data will be used only in order to process the conversation.

6.2 Legal basis of data processing

The legal basis for the processing of the data is, where consent has been given by the user, Art. 6 (1) lit. a GDPR. The legal basis for the processing of the data transmitted when an e-mail is sent is Art. 6 (1) lit. f GDPR. Where the purpose of the e-mail is to conclude a contract, an additional legal basis for the processing of the data is Art. 6 (1) lit. b GDPR.

The use of the service provider Intercom is based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR.

6.3 Use of Intercom

For the purpose of customer administration and, above all, to ensure the fastest possible support for the best possible user experience, for the dispatch of messages by e-mail and for live chats, we use the Intercom service of Intercom Inc. 98 Battery Street, Suite 402, San Francisco, CA 94111 USA. These purposes constitute our legitimate interest in the data processing pursuant to Art. 6 (1) lit. f GDPR. You can find more details about this here.

6.4 Purpose of data processing

The processing of the personal data from the input mask serves only for us to process the establishment of contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data. The other personal data processed during the dispatch process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

6.5 Duration of storage

The data is deleted as soon as it is no longer required in order to achieve the purpose for which it was collected. With regard to the personal data from the input mask of the contact form and the data sent by e-mail, this is the case when the particular conversation with the user has ended. The conversation has ended when it can be deduced from the circumstances that the relevant facts have been conclusively clarified. The personal data additionally collected during the dispatch process is deleted after seven days at the latest.

6.6 Possibility of objection and elimination

The user can revoke his consent to the processing of personal data at any time. Where the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. A description of how to revoke consent and object to storage follows. In this case, all the personal data stored during the establishment of contact is deleted.

7. RAIDBOXES magazine “OUT OF THE BOX” comment function

Under https://raidboxes.*/blog/ you can find our magazine “OUT OF THE BOX”. With our magazine we wish to inform you about all kinds of subjects to do with WordPress.

7.1 Scope of data processing/ purpose of processing

Our magazine “OUT OF THE BOX” contains a comment function that allows you to comment on our articles. In order to use this comment function, you need to enter your e-mail address and name. All other information, such as your website, is optional. It is necessary to enter an e-mail address so that in case there is a complaint about your comment it can be forwarded to you and you also have the opportunity to comment. If you give your surname and/or first name when you post your comment, they will be published. Your e-mail address and all other voluntary information as well as the time when your comment was posted will be stored in WordPress, will not be passed on to unauthorised third parties and will only be processed for the purpose of the comment function. We reserve the right to delete any comments with an offensive, threatening or racist content.

7.2 Legal basis of processing

Where your personal data is communicated to us via the comment function, the disclosure of this data is always on an expressly voluntary basis. The legal basis for the processing is Art. 6 (1) lit. a GDPR.

7.3 Duration of storage/ revocation and elimination

The data will be stored until you revoke your consent to the processing. You can revoke your consent to the processing of your data at any time. All the personal data that you stored while using the comment function will be deleted immediately upon revocation. As a result, all the comments you entered in our magazine will also be deleted.

8. Google Analytics

8.1 Scope of data processing

On our website we use Google Analytics in order to analyse our users’ surfing behaviour. The software places a cookie on the user’s computer (with regard to cookies, see above). Whenever a page of our website is called up, the following data is stored:

Two bytes of the IP address of the user’s system which is calling

  • The page called up
  • The website from which the user accessed the page called up (referrer)
  • The subpages accessed from the page called up
  • The time spent on the page
  • How many times the page was called up

Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there. Google is certified under the Privacy Shield agreement and thus provides a guarantee of complying with European data protection law. We only use Google Analytics with enabled IP anonymisation. This means that the user’s IP address is abbreviated by Google in Member States of the European Union or in other Contracting States to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and abbreviated there. The IP address transmitted by the user’s browser is not merged with other Google data. Users may prevent the storage of cookies by selecting the appropriate settings in their browser software; users may also prevent Google from collecting the data generated by the cookie relating to their use of the website and from processing this data by downloading and installing the browser plug-in available via the following link. Further information on the use of data by Google, and setting and objection options can be found on the Google websites “How Google uses information from sites or apps that use our services“, “How Google uses data in advertising“, “Managing information used by Google to display advertisements to you. Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on the activities carried out within this online service and to provide us with other services associated with the use of this online service and the internet. From the processed data, pseudonymous user profiles of the users may be created.

8.2 Legal basis of data processing

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 (1) lit. f. GDPR), we use Google Analytics, a web analysis service of Google Inc. “(“Google”).

8.3 Purpose of data processing

We use Google Analytics to display only those ads placed by Google and its partners within our advertising services to users who have shown an interest in our online offering or have specific characteristics (e.g. an interest in specific topics or products determined by the pages they visit), which we transmit to Google (so-called “remarketing” or “Google Analytics Audiences”). With the aid of remarketing audiences, we also wish to ensure that our advertisements correspond to the potential interests of users and do not cause annoyance.

8.4 Duration of storage

Sessions and campaigns are ended after a certain period of time. Sessions end by default after 30 minutes of inactivity, and campaigns end after six months. The time limit for campaigns is a maximum of two years. You can find more information on terms of use and data privacy under https://www.google.com/analytics/terms/en.html. or under https://policies.google.com/.

8.5 Possibilities of objection and elimination

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You can also prevent the transmission of the data generated by the cookie relating to your use of the website (incl. its IP address) to Google and the processing of this data by Google by downloading and installing this browser add-on.

Opt-out cookies prevent the collection of your data in future when you visit this website. To prevent Universal Analytics from collecting data across multiple devices, you need to opt out on all the systems you use.

9. Google marketing and remarketing services

9.1 Scope of data processing

We use the marketing and remarketing services (for short: “Google marketing services”) of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google is certified under the Privacy Shield agreement and thus provides a guarantee of complying with European data protection law. Google marketing services allow us to display advertisements for and on our website in a more targeted manner to show users only those ads that could potentially interest them. If a user is for example shown ads for products for which he showed interest on other websites, this is referred to as “remarketing”. For these purposes, when our and other websites on which Google marketing services are active are called up, a Google code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) are inserted into the webpage. With their aid, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies can also be used instead of cookies). The cookies can be placed by various domains, i.a. by google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. It is noted in this file what websites the user visits, what contents he is interested in and what offers he clicks, as well as technical information about the browser and operating system, referring websites, times of visits and other information about the use of the online offer. The user’s IP address is also recorded. With regard to Google Analytics, the IP address is abbreviated in Member States of the European Union or in other Contracting States to the Agreement on the European Economic Area and only in exceptional cases is transmitted in whole to a Google server in the USA and abbreviated there. The IP address is not merged with data of the user within other Google offerings. The information mentioned above may also be linked by Google to such information from other sources. If the user subsequently visits other websites, ads corresponding to his interests may be displayed to him. User data is processed pseudonymously within Google marketing services, i.e. Google does not store and process the name or e-mail address of the user, but processes the cookie-related data within pseudonymous user profiles. This means that, from Google’s point of view, the ads are not managed and displayed for a clearly identified person but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly permitted Google to process the data without such pseudonymisation. The information about users which is collected by Google marketing services is transmitted to Google and stored on Google’s servers in the USA. The Google marketing services used by us include the online advertising programme “Google AdWords”. With Google AdWords, every AdWords customer receives a different “conversion cookie”. Cookies can therefore not be tracked via the websites of AdWords customers. The information collected with the help of the cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page carrying a conversion tracking tag. However, they do not receive any information with which users could be personally identified. With the Google marketing service “DoubleClick,” we can insert advertisements of third parties. DoubleClick uses cookies with the aid of which Google and its partner websites can place ads which are based on the visits made by users to this website or other websites on the internet. With the Google marketing service “AdSense,” we can insert advertisements of third parties. AdSense uses cookies with the aid of which Google and its partner websites can place ads which are based on the visits made by users to this website or other websites on the internet. We can also employ the “Google Optimizer” service. Google Optimizer allows us to monitor in so-called “A/B testings” what the effects of various changes to a website are (e.g. changes to input fields, design, etc.). For these tests, cookies are placed on the devices of the users. We can also employ the “Google Tag Manager” to embed and manage the Google analytics and marketing services on our website. You can find more information about Google’s use of data for marketing purposes on the overview page, Google’s privacy policy can be viewed here.

9.2 Legal basis of data processing

We use these services on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 (1) lit. f. GDPR).

9.3 Purpose of processing

The Google marketing services give us the chance of displaying advertisements for ourselves and on our website in a more targeted manner in order to show users only those ads that could potentially interest them.

9.4 Duration of storage

According to Google, the protocol data collected by Google is anonymised by deleting part of the IP address and of the cookie information after 9 and 18 months respectively. You can find more details about this here.

9.5 Possibilities of objection and elimination

If you wish to object to interest-based advertising by Google marketing services, you can use the preference and opt-out settings provided by Google.

10. Facebook Social Plugins

We use the Social Plugin “Shariff Wrapper”. You can find more details about this here.

10.1 Scope of data processing

We use social plugins (“plugins”) of the social network facebook.com, run by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can depict interaction elements or content (e.g. videos, graphics or text contributions) and are recognisable by one of the Facebook logos (white “f” on a blue tile, the terms “like”, “share” or a “thumbs up” sign) or are indicated by the addition “Facebook Social Plugin”. The list and the appearance of Facebook Social Plugins can be seen here. The plugins are not activated until you click on the corresponding button. If they are greyed out, the plugins are inactive. You have the possibility of activating the plugins once or permanently. Facebook is certified under the Privacy Shield agreement and thus provides a guarantee of complying with European data protection law. When a user accesses a function of this online service that contains such a plugin, his device establishes a direct connection with Facebook’s servers. The content of the plugin is transmitted directly from Facebook to the user’s device, which integrates it into the online offering. From the processed data, user profiles of the users may be created. We therefore have no influence on the extent of the data that Facebook collects with the aid of this plugin and hereby inform the users to the best of our knowledge. Through the integration of the plugins, Facebook receives the information that a user has called up the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, e.g. by clicking the Like button or commenting, the corresponding information is transferred directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to know and store his IP address. According to Facebook, only anonymous IP addresses are stored in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options for the protection of your privacy can be found in Facebook’s data privacy policy.

10.2 Legal basis of data processing

The data is processed on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 (1) lit. f. GDPR).

10.3 Purpose of data processing

The Facebook Social Plugins show us the interests of the visitors so that we can display them in a more targeted manner on our website in order to show users only those articles which could potentially interest them.

10.4 Duration of storage

According to Facebook’s information, Facebook stores the date and time of your visit, the specific internet address where the social plugin is located, and other technical data such as IP address, browser type and operating system for a period of 90 days in order to further optimise Facebook’s services. After 90 days the data is anonymised so that it can no longer be associated with you.

10.5 Possibilities of objection and elimination

If a user is a Facebook member and does not want Facebook to collect data about him via this online service and link it to his membership data stored on Facebook, he must log out of Facebook and delete his cookies before using our online service. Further settings and objections to the use of data for advertising purposes can be made in the Facebook profile settings or via the US-American page or the EU page. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.

11. Facebook, Custom Audiences and Facebook marketing services

11.1 Scope of data processing

Within our online offering, the so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee of complying with European data protection law. By means of the Facebook pixel, Facebook can, firstly, identify the visitors to our online site as the target group for the presentation of advertisements (so-called “Facebook ads”). When you visit our web pages, the Facebook pixel is directly inserted by Facebook and can store a so-called cookie, i.e. a small file, on your device. When you subsequently log in to Facebook or visit Facebook when already logged in, the visit to our online site will be noted in your profile. The data collected about you is anonymous for us, i.e. it does not allow us to draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and can be used by Facebook as well as for our own market research and advertising purposes. If we should transmit data to Facebook for comparison purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of comparison with the data equally encrypted by Facebook. Facebook processes the data in accordance with Facebook’s data usage policy. Accordingly, general notes on the presentation of Facebook ads in Facebook’s data policy. You can find specific information and details about the Facebook pixel and how it works in the Facebook Help Center.

11.2 Legal basis of data processing

Our justified interests in the analysis, optimisation and economic operation of our online offer and for these purposes.

11.3 Purpose of data processing

We use the Facebook pixel to display only those Facebook ads placed by us to those Facebook users who have shown an interest in our online offering or specific characteristics (e.g. an interest in specific topics or products determined by the pages they visit), which we transmit to Facebook (so-called “Custom Audiences”). With the aid of the Facebook pixel, we also wish to ensure that our Facebook ads correspond to the potential interests of users and do not cause annoyance. With the aid of the Facebook pixel, we can also monitor the effectiveness of Facebook ads for statistical and market research purposes, by seeing whether users were referred to our website after clicking on a Facebook ad (so-called “conversion”).

11.4 Duration of storage

According to Facebook’s information, Facebook stores the date and time of your visit, the specific internet address where the social plugin is located, and other technical data such as IP address, browser type and operating system for a period of 90 days in order to further optimise Facebook’s services. After 90 days the data is anonymised so that it can no longer be associated with you.

11.5 Possibilities of objection and elimination

You can object to the collection of data by the Facebook pixel and the use of your data to display Facebook ads. To control what types of ads are displayed to you on Facebook, you can go to the page set up by Facebook and there follow the instructions regarding settings of user-based advertising. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices. You can also opt out of the use of cookies used for range measurement and advertising purposes via the deactivation page of the network advertising initiative and also the US-American webpage or the European webpage.

12. Twitter Conversion Tracking, Re-Marketing and Twitter Marketing Services

12.1 Scope of data processing

Within our online offering, we use Twitter’s Conversion Tracking and Marketing Services (provided by the Twitter Website Tag) of the social network Twitter, which is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 49103, USA, or if you are a resident of the EU, by Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland (“Twitter”), is used. Twitter and its corporate affiliates are certified under the Privacy Shield Agreement and thus offer a guarantee of complying with European data protection law. By means of the Twitter Website Tag, Twitter can quantify our Twitter Ads’ success as well as create custom audiences for our ads according to our website visitors’ behaviour. When you visit our web pages, the Twitter Website Tag is directly inserted by Twitter and stores a so-called cookie, which is a small file, on your device. When you log in to Twitter afterwards or if you are logged in to Twitter while surfing on one of our web pages, this visit will be logged in your Twitter profile. This data is anonymised which does not allow us to draw any conclusions about the identity of single users. Twitter however stores and processes this data which allows Twitter and their corporate affiliates can combine behavioural and Twitter profile date for market research and advertising purposes. If we should transmit data to Twitter for comparison purposes, this data is locally encrypted and only then uploaded via a secure HTTPS connection. This is done solely for comparison purposes with data already collected and encrypted by Twitter. Twitter processes data in accordance with Twitter’s data privacy policy. Accordingly, Twitter’s general notes for ad delivery and personalised advertising apply, which can also be found in Twitter’s privacy policy. Please find more specific information on how Twitter Conversion Tracking and the Twitter Website Tag work in the Twitter Help Center.

12.2 Legal basis of data processing

We use Twitter Conversion Tracking and the Twitter Website Tag on basis of our justified interest in the analysis, optimasation and economically successful operation of our online business according to Art. 6 (1) lit. f GDPR.

12.3 Purpose of data processing

We use Twitter Conversion Tracking as well as the Twitter Website Tag in order to display our Twitter ads only to those Twitter users who have shown an interest in our website or who meet a specific set of characteristics (e.g. an interest in specific topics or products). These specific characteristics and behavioural patterns are stored in so called “tailored audiences” for ad delivery. By using the Twitter Website Tag we also wish to ensure that our Twitter ads correspond as closely as possible to the potential interests of users these ads are shown to and keep distractions and annoyances at a minimum level. With the help of the Twitter Website Tag and Twitter Marketing Tools we can also monitor and improve our Twitter Ads’ effectiveness, by analysing a website visitors behaviour after the clicked on one of our Twitter ads (so-called “Conversion Tracking”).

12.4 Duration of storage

According to Twitter’s information, Twitter stores the data they collect for up to 30 days. This data includes the date and time of your visit on our website, as well as the URL you visited. Twitter also collects several additional data sets like your IP address, the type of browser you were using and your device’s operating system. Twitter uses this data to optimise their own platform and services. After 30 days the data is anonymised so that it can no longer be associated with you.

12.5 Possibilities of objection and elimination

You can object to the collection of data by the Twitter Website Tag and the use of your data to display Twitter ads. To control what types of ads are displayed to you on Twitter, you can visit your Twitter settings and change your personalisation settings which determine if and how user-based advertising is presented to you. These settings are cross device settings, which means that they are adopted for all your devices, such as desktop computers and mobile devices. You can also globally opt out of the use of cookies that are used for analysis and tracking for user-based advertising, by using the Network Advertising Initiative’s (NAI) deactivation page. You can also do so by using the Digital Advertising Alliance’s (DAA) website for Europe and the US.

13. Online presences in social media

We operate internet sites on social networks and platforms in order to establish contact with customers, interested parties and users who are active there and to inform them about our services. You yourself are responsible for the use of Facebook, Instagram and Twitter. This applies in particular to the functions Comment, Share, Rate, etc. The information that we publish on our online sites in the social media can also be called up from our own website.

13.1 Scope of processing

When you visit our Facebook / Instagram / Twitter / XING or Linkedin page, your IP address and information stored as cookies on your computer are collected. Your usage behaviour and interests derived from this can then be used for the creation of a user profile in order to produce advertisements which are visible to you on and outside of the respective platform. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

It cannot be ruled out that the data collected from you might also be processed outside the territory of the European Union. Among other things, this may make it more difficult to enforce your rights.

13.2 Legal basis of processing / purpose of processing

The processing of users’ personal data is carried out on the basis of our legitimate interests in providing users with effective information and communicating with users pursuant to Art. 6 (1) lit. f GDPR. Where users are asked by the respective providers of the platforms to give their consent to the aforementioned data processing, the legal basis for the processing is Art. 6 (1) lit. a., Art. 7 GDPR.

13.3 Request for information

If you wish to obtain information concerning the data stored about you within the online services or to assert your user rights over these services, we recommend that you assert such rights directly vis-à-vis the respective provider. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. Should you need help, you can of course contact us.

13.4 Possibilities of objection and elimination

For more detailed information regarding the possibilities of objection (opt-out), please refer to the information on the relevant platform. Below you will find further information and the corresponding links:

13.4.1 Facebook, pages, groups

When you visit our Facebook page, the IP address assigned to your end device is transmitted to Facebook. Whether and how Facebook uses the data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are attributed to you, how long Facebook stores this data and whether data from your visit to the Facebook page is passed on to third parties, is not conclusively and clearly specified by Facebook and not known to us. We would also like to draw your attention to the fact that Facebook stores information not only on the end devices of its users; Facebook may thus be able to attribute IP addresses to individual users. When you are logged in to Facebook, there is a cookie on your device that contains your Facebook ID. This lets Facebook know that you have visited our site and how you have used it. Facebook buttons which are embedded in our website enable Facebook to record your visits and assign them to your Facebook profile. This data can be used to offer content or advertising which is tailored to you.

If you want to avoid this, you will need to log out of Facebook or disable the “Stay logged in” feature, delete the cookies that are present on your devices, and exit and restart your browser. This will delete Facebook information with which you can be directly identified. This lets you use our Facebook page to a limited extent without revealing your Facebook ID. However, if you want to use the interactive features of the page (like, comment, share, news, etc.), a Facebook login screen will appear. If you log in, Facebook will again recognise you as a certain user. You can find information on how to manage or delete information about yourself on the following Facebook support page: https://de-de.facebook.com/about/privacy and here: https://www.facebook.com/settings?tab=ads. You can also find out more about how Facebook uses your data in order to generate statistical information about visits to the Facebook page by clicking here: https://de-de.facebook.com/help/pages/insights. Facebook is Privacy Shield certified.

13.4.2 Instagram

Instagram functions are integrated into our website. You can also find a RAIDBOXES online presence on Instagram. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. When you are logged into your Instagram account, by clicking the Instagram button you can link the contents of our pages to your Instagram profile. Thus, Instagram can assign your visit to our pages to your user account. We would like to point out that as the provider of the pages we have no knowledge of the content of the transmitted data or its use by Instagram. Data privacy policy and opt-out: https://instagram.com/about/legal/privacy/.

13.4.3 Twitter

Functions of the Twitter service can be integrated into our website. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account, made known to other users and transmitted to Twitter. We would like to point out that as the provider of the pages we have no knowledge of the content of the transmitted data or its use by Twitter. The same applies to our Twitter online presence. Twitter’s data privacy policy. You can change your privacy settings on Twitter in your account settings. Opt-out: https://twitter.com/personalization. Twitter is Privacy Shield certified.

14. Intercom

14.1 Scope of data processing

For the transmission of messages by e-mail and for live chats as well as for customer management, we use the Intercom service provided by Intercom Inc.. 98 Battery Street, Suite 402, San Francisco, CA 94111 USA. In this context we transmit the following personal data:

  • Your e-mail address
  • Your first and last name
  • Your telephone number
  • Contract master data
  • Contact details of the technical support team

Intercom, Inc. holds the Privacy Shield Certificate, designed to achieve a higher level of privacy protection for non-EU companies. You can find more details about data protection at Intercom here. Intercom also uses cookies. The information generated by the cookie about the last subpage of this online platform which you called up is as a rule transmitted to an Intercom server in the USA and stored there. On our behalf, Intercom will use the above information in order to provide the associated services to the website operator. The IP address transmitted by your browser during the use of Intercom will not be merged with other data.

14.2 Legal basis of data processing

The data processing takes place on the basis of our legitimate interests (Art. 6 (1) lit. f GDPR).

14.3 Purpose of data processing

We use the Intercom service to respond as quickly as possible to customer enquiries made in the LIVE chat, and also to manage our customer contact. These purposes constitute our legitimate interest in the data processing pursuant to Art. 6 (1) lit. f GDPR.

14.4 Duration of storage

The data concerning interested parties who have contacted us via the live chat is fully deleted after 9 months at the latest. Every interested party who contacts us afterwards is treated as a new interested party.

14.5 Possibilities of objection and elimination

You can prevent the storage of cookies by setting your browser software accordingly (can be found under “Settings” with most browsers); however, we would again like to point out that in this case you may not be able to use all the functions of this website to their full extent (e.g. the live chat).

15. Feedback forum: Uservoice

15.1 Scope of processing

With our dashboard’s Ideas forum, we give you the opportunity to rate our product and suggest improvements and new features. Forthis we use the software Uservoice, which is provided and operated by Uservoice Inc. 121 2nd St, Fl 4, San Francisco, CA 94105, USA (“Uservoice”). To provide feedback, you will be asked to enter your e-mail address. Further information, such as your name, is optional, so that you can decide yourself which personal data you want to transmit to Uservoice via the feedback function. By giving us feedback on Uservoice, you agree to the use and processing by Uservoice of the data collected via the software and supplied by you.

According to Uservoice DPA the following is stored:

  • Name (first and last name)
  • E-mail address
  • IP address
  • (Billing) address (where given)
  • Name of company (where given)
  • Role in said company (if any; referred to in English as Affiliation) (where given).

An idea will however not be published until it has been checked and approved by us.

15.2 Legal basis

We avail ourselves of this service on the basis of our legitimate interests, i.e interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 (1) lit. f. GDPR.

15.3 Purpose of processing

By using Uservoice, we want to give our customers and users the opportunity to actively participate in our product development by sharing ideas for product optimisation and development with us and other participants. We use this information to develop new product functions and position our company as a whole more closely to our target groups.

15.4 Possibilities of objection and elimination

Uservoice offers the possibility to download your data directly via Uservoice and, if desired, to delete it directly. The associated process is as follows:
Go to https://raidboxes.uservoice.com/. Once you have logged in with the email address and password that you used to submit your feedback request, you can click on “Settings” under your name in the top right corner. A sidebar will then appear on the right side of the screen with the setting options. Scroll down to the bottom to find the two options for deleting the account and the data, as well as for exporting the datasets.

16. OneSignal

16.1 Scope of data processing

When you visit our websites, we will ask you in a screen message whether we may inform you about news in the future via messages sent by your browser (push messages). Consent is given for the browser with which you logged in. If you consent, you will regularly receive push messages from our website. To implement this, we use the technology of the provider OneSignal, 201 San Antonio Circle Suite #140, Mountain View, CA, USA. You will find the data privacy policy of the provider here: https://onesignal.com/privacy_policy.. To be able to send you the push messages, it is necessary that non-personal data, such as a notification, is sent to the server of OneSignal. This service will store the status of the subscription, the first and last activity on our pages, the device, the platform (browser), number of sessions, IP address and the country of origin.

16.2 Legal basis of processing

The processing of the data via OneSignal is carried out on the basis of your consent pursuant to Art. 6 (1) lit. a GDPR.

16.3 Purpose of data processing

We use the OneSignal service to provide current information about us and our products only to those customers who are interested.

16.4 Duration of storage

OneSignal stores the personal data for 30 days.

16.5 Possibilities of objection and elimination

In your browsersettings you can delete the OneSignal cookie under Cookies.

17. Hubspot

We use HubSpot on this website for our online marketing activities. HubSpot is a software company from the USA with a subsidiary in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, telephone: +353 1 5187500. We use HubSpot for:

  • the evaluation of the use of our web pages (e.g. access, pages visited, length of stay, etc.).

We trust in the reliability and IT and data security of HubSpot. HubSpot is certified under the Privacy Shield agreement and thus provides a guarantee of complying with the European data protection standards. Furthermore, we have concluded a data processing agreement with HubSpot. This is an agreement whereby HubSpot undertakes to protect the data of our users, to process it on our behalf in accordance with their data protection regulations and, in particular, not to pass it on to third parties. More information on HubSpot’s data privacy policy. More information on HubSpot concerning the EU data protection regulations. More information about the cookies used by HubSpot can be found here and here.

17.1 Scope of data processing

Through the use of the service, so-called “web beacons” are used and cookies are also set, which are stored on your computer and thus enable us to analyse your use of our website.

In the process, the following data is stored:

  • IP address
  • Geographical location
  • Type of browser
  • Length of visit
  • Page called up

If you have subscribed to our newsletter, your e-mail address, your newsletter opt-in, and optionally your name will be stored. When you register with us, the following data will also be stored:

  • Name, first name
  • Address
  • Telephone number
  • Contract data
  • Any expectations stated

The legal basis for the use of Hubspot’s services is Art. 6 (1) lit. f. GDPR – legitimate interest. Our legitimate interest in using this service is to optimise our marketing efforts and improve the quality of our service on the website.

17.2 Legal basis of processing

The data processing takes place on the basis of our legitimate interests (Art. 6 (1) lit. f GDPR). Our legitimate interest in using this service is to optimise our marketing efforts and improve the quality of our service on our website. The purpose of the processing consists in this legitimate interest.

17.3 Possibility of objection and elimination

If you wish to object to the collection of data in general, you can prevent the storage of cookies any time by changing your browser settings.

17.4 Hubspot logfiles

Whenever web pages or landing pages created with Hubspot are called up, Hubspot automatically creates so-called log files. The log files can contain the following information, for example: IP address, browser, operating system, internet provider, pages visited, etc. The collection of data serves to optimise the pages, to ensure the security of the websites and to compile general statistics on the use of pages created with Hubspot. The automatically collected data is linked to personal data stored in Hubspot. The legal basis for the storage of the data in the log files is Art. 6 (1) lit. f GDPR. The data is deleted after 180 days and during this period only authenticated Hubspot IT staff have access to the log files.

18. Rollbar

18.1 Scope of data processing

On our website and dashboard, we use the error analysis service of Rollbar Inc. (Rollbar, 51 Federal Street, San Francisco, CA 94107, USA). Only in the event of an error will your IP address, the user agent and the page accessed be transmitted to Rollbar. Rollbar, Inc. is certified under the EU/Swiss/ US data Privacy Shield. You can find further data protection information about Rollbar at https://rollbar.com/privacy. Furthermore, we have concluded a data processing agreement with Rollbar.

18.2 Legal basis of processing

We avail ourselves of the service on the basis of our legitimate interests pursuant to Art. 6 (1) lit. f GDPR.

18.3 Purpose of processing

The Rollbar tracking tool helps us to optimise the technical reliabilityof our services by monitoring system stability and identifying code errors from our log files. Rollbar serves these purposes alone and does not evaluate any data for advertising purposes.

18.4 Duration of storage

Personal data such as IP addresses are anonymised either after 30 days or after a problem has been solved.

19. ComX IVS

ComX IVS is a software, that we use to manage our outbound sales emails. ComX IVS is a software company from Denmark. Contact: ComX IVS, Danneskiold-Samsøes allé 41, 1434 Copenhagen, Denmark. ComX IVS helps us to identify and contact potential customers and business partners. We trust in ComX IVS’ software features to work reliable. We also trust in their IT security and data protection measures. ComX IVS is located in the European Union and therefore bound to the EU’s data protection legislation. RAIDBOXES has concluded a valid Data Processing Agreement (DPA) with ComX IVS in accordance with Art. 28 GDPR. In this Data Processing Agreement ComX IVS are committing themselves to protect our customers’ personal data (i.e. your personal data) and to process this data only as described in their DPA. This includes not sharing your personal data with any third party. For further information please see ComX IVS’ privacy policy.

19.1 3.1 Description and Scope of Data Processing

If you want to use the RAIDBOXES hosting platform, you can register as a RAIDBOXES user. The registration process involves several steps in which you need to provide us with personal data. Only after you accept our data privacy policy, this personal data is transferred and stored on our servers. Your personal data will not be shared, forwarded or sold to third parties. During the registration process you will be asked to enter the following personal data types:

  • first name
  • last name
  • email address
  • job title (optional)

19.2 Purpose of data processing, legal basis

The legal basis for this data processing is RAIDBOXES’ legitimate interest according to Art. 6 (1) lit. f GDPR. Our legitimate interest is based on the optimization of our marketing efforts as well as on maintaining a high service quality for our users. We specifically want to avoid unnecessary emails as well as prevent users from being contacted repeatedly. This legitimate interest also constitutes the purpose of the data processing.

19.3 Duration of Storage / Possibility of Objection and Elimination

Your personal data will be stored until you either object to the data processing itself or until you delete your RAIDBOXES user account. If you want to object to the processing of your personal data, please contact us directly via chat, which can be found on our website (https://raidboxes.io) and in the RAIDBOXES dashboard (https://dashboard.raidboxes.de) or email us at support@raidboxes.io. Upon the objection we will delete all your personal data from ComX IVS’ services.

20. Integration of third-party services and content

We use content or service offerings from third-party providers in our online presence on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer pursuant to Art. 6 (1) lit. f. GDPR), such as videos or font types (in the following jointly called “content”). This always presupposes that the third-party providers of this content are aware of the IP address of the users, since they would not be able to send the content to their browsers without the IP address. The IP address is therefore required for the presentation of this content. We endeavour to use only such content whose respective providers use the IP address only for delivering the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. By means of the “pixel tags”, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, times of visits and other information about the use of our website, and may also be linked to such information from other sources. The following description offers an overview of third-party providers and their content, along with links to their data privacy statements, which contain further notes on the processing of data and, in part already mentioned here, objection (so-called opt-out) options:

  • Third-party fonts provided by Google, Inc., https://www.google.com/fonts (“Google Fonts”). Google Fonts are integrated by means of accessing a Google server (usually in the USA). Data privacy policy, opt-out.
  • Maps of the service “Google Maps” belonging to the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Data privacy policy, opt-out.
  • Functions of the Google+ service are integrated into our online offering. These functions are offered by the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). When you are logged into your Google+ account, by clicking the Google+ button you can link the contents of our pages to your Google+ profile. Thus, Google can assign your visit to our pages to your user account. We would like to point out that as the provider of the pages we have no knowledge of the content of the transmitted data or its use by Google+. Data privacy policy, opt-out.
  • Our online offering uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you access one of our pages that contains LinkedIn functions, a connection is established to LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. When you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn will be able to assign your visit to our website to you and your user account. We would like to point out that as the provider of the pages we have no knowledge of the content of the transmitted data or its use by LinkedIn. Data privacy policy, opt-out.
  • We employ functions of the network XING. Provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Every time you access one of our pages that contains Xing functions, a connection is established to Xing servers. Personal data is not stored as far as we are aware. In particular, no IP addresses are stored or user behaviour evaluated. Data privacy policy. Opt-out.
  • External code of the JavaScript framework “jQuery”, supplied by the third-party providerjQuery Foundation.
  • Our website uses the tracking tool “Crazy Egg” of Crazy Egg Inc. USA to collect statistical data about the use of our website. With the aid of technologies from Crazy Egg Inc., visitor information is collected at random and transmitted to the servers of Crazy Egg Inc. The technology allows the activities of the user while visiting our website to be collected, analysed and visualised. For example, with the help of a “heat map”, we can see which areas of our website are the most visited and clicked on. Cookies are also used for this purpose. You can object at any time to the collection, processing and recording of data generated by CrazyEgg.com by following these instructions. The purpose and scope of the data collection and the further processing and use of the data by Crazy Egg as well as your rights in this regard and setting options for the protection of your privacy can be found in the data privacy policy of Crazy Inc.
  • This site uses so-called web fonts offered by Fonticons, Inc. for the uniform display of fonts. When you visit our site, your browser loads the web fonts you need into your browser’s cache to display text and fonts correctly, and the fonts used are hosted directly by us, so the browser you are using does not need to connect to third parties. Web fonts are used in the interest of a uniform and appealing presentation of our online offering. This represents a legitimate interest pursuant to Art. 6 (1) lit. f GDPR. If your browser does not support web fonts, a default font will be used by your computer. More information about Font Awesome can be found at https://fontawesome.com/help and in the Fonticons, Inc. privacy statement: https://fontawesome.com/privacy.
  • To measure customer satisfaction via a Net Promoter Score, we use the service of Wootric, Inc. Wootric is a software platform based in the USA. Wootric’s privacy policy can be viewed here.

III. Your rights

1. Right to access

You can request confirmation at any time as to whether personal data concerning you is processed by us. This information is of course – unless requested with above-average frequency – free of charge. In order to be able to give you this information, it is necessary to perform a further verification. You will therefore receive a randomly generated verification code at your e-mail address as soon as you submit your request, which you need to confirm.

2. Right to rectification

Should the personal data which we have stored be incorrect or incomplete, you can request rectification at any time. We shall make the rectification without delay.

3. Right to restriction of processing

Under the following conditions, you may request that the processing of your personal data be restricted:

  1. If you dispute the accuracy of the personally identifiable data concerning you for a period of time that allows us to verify the accuracy of the personally identifiable data;
  2. If the processing is unlawful and you refuse to delete the personal data and instead request restriction of the use of the personal data;
  3. If we no longer need the personal data for the purposes of the processing, but you need it to assert, exercise or defend legal claims; or
  4. If you have lodged an objection against the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether our legitimate reasons override your reasons.

If the processing of personal data concerning you has been restricted, such data may be processed – with the exception of its storage – only with your consent or for the purpose of asserting, exercising or defending a right or protecting the rights of another natural or legal person or for reasons relating to an important public interest of the Union or of a Member State. If the processing was restricted pursuant to the above conditions, you will be informed by us, RAIDBOXES GmbH, before the restriction is lifted.

4. Right to erasure

Unless there is a legitimate interest to the contrary, you can assert your right to erasure at any time.

5. Revocation of consent

Any data processing based on your consent can be stopped as soon as you revoke your consent. Revocation may be carried out at any time and with effect for the future. As our accountability obliges us to store any consent given, revocation must be effected in writing, whereby an e-mail is deemed sufficient.

If you continue, you agree our Cookie Policy.