PRINCIPLES OF DATA PROCESSING

Personal data includes all information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address, or user behavior. Information for which we cannot establish a reference to your person (or only with disproportionate effort), such as through anonymization of the information, is not considered personal data. The processing of personal data (e.g., collection, querying, use, storage, or transmission) always requires a legal basis or your consent. Processed personal data will be deleted as soon as the purpose of the processing has been achieved and there are no longer any legally prescribed retention obligations to be observed.

If we process your personal data for the provision of certain services, we will inform you below about the specific processes, scope, and purpose of the data processing, the legal basis for the processing, and the respective storage period. We use affiliated companies or other third parties for the processing of personal data, as shown in our subcontractor list.

INDIVIDUAL PROCESSING OPERATIONS

  1. Provision and Use of the Website a. Nature and Scope of Data Processing When you access and use our website, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called logfile. When you use our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security:
  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the accessed file
  • Website from which access is made (Referrer-URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider
  1. Legal Basis The legal basis for the mentioned data processing is Art. 6(1)(f) GDPR. The processing of the mentioned data is necessary for the provision of a website and thus serves the legitimate interest of our company.
  2. Storage Duration Once the mentioned data is no longer required for the display of the website, it will be deleted. The collection of data for the provision of the website and the storage of data in logfiles is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user. Further storage may occur in individual cases if this is legally required.
  3. Registration/User Account a. Nature and Scope of Data Processing On our website, we offer you the opportunity to register by providing personal data. Your registration is necessary to fulfill a contract with us or to carry out pre-contractual measures, including measures for fraud prevention, in order to grant you permanent access to the booked services. With the processed data, we create a personalized user account for you, with which you can use certain content and services such as cloud storage. You can find detailed information about which personal data we process from you during registration in the following overview:
  • Name
  • Email address
  • Address
  • Date of birth
  • IP address
  • Telephone number
  • Payment data
  1. Legal Basis The processing of the specified personal data serves the performance of a contract between you and Cloud2Go AG or the implementation of pre-contractual measures according to Art. 6(1)(b) GDPR. The processing of data for the purpose of fraud prevention is based on legitimate interests according to Art. 6(1)(f) GDPR. You can revoke your consent to the use of your personal data at any time by emailing the email address mentioned in § 1 above or the data protection officer (see above under § 2) with effect for the future.
  2. Storage Duration Once the processed data is no longer required for the performance of the contract or for fraud prevention, it will be deleted. Even after the conclusion of the contract, it may be necessary to store personal data from you to fulfill contractual or legal obligations. Further storage may occur in individual cases if this is legally required.
  3. Termination of Registration As a user, you have the option to terminate your registration at any time. You can have the data stored about you amended at any time. To do this, please use the link in the customer menu or contact us at hello@cloud2go.de. However, if the processed data is necessary to fulfill a contract or to carry out pre-contractual measures including fraud prevention, premature deletion of the data is only possible if there are no contractual or legal obligations to the contrary.
  4. Newsletter a. Nature and Scope of Data Processing On our website, you have the option to subscribe to a free newsletter. In order to regularly send you the newsletter, we need the following information from you:
  • Email address

In connection with the newsletter dispatch, your data will not be passed on to third parties. For the newsletter dispatch, we use the so-called double opt-in procedure, i.e., we will only send you the newsletter after you have confirmed your registration via a confirmation email sent to you for this purpose by clicking on the link contained therein. In this way, we want to ensure that only you as the owner of the specified email address can register for the newsletter. Your confirmation must be made promptly after receiving the confirmation email, otherwise, your newsletter registration will be automatically deleted from our database.

  1. Legal Basis The processing of your email address for newsletter dispatch is based on your voluntary consent according to Art. 6(1)(a) GDPR as stated below:

Consent Statement: By entering my data and clicking the “Submit” button, I consent to the processing of my email address for regular newsletter dispatch. I can unsubscribe from the newsletter service at any time by clicking on the corresponding link at the end of the newsletter. I have read and accept the current privacy policy. I can revoke the consent to the collection of the personal data collected during the registration process at any time by contacting hello@cloud2go.de. You can revoke your consent to the use of your personal data at any time by emailing the email address mentioned in § 1 above or the data protection officer (see above under § 2) with effect for the future.

  1. Storage Duration Your email address will be stored for as long as you have subscribed to the newsletter. After unsubscribing from the newsletter dispatch, your email address will be deleted. Further storage may occur in individual cases if this is legally required.
  2. Personalized Advertising We process inventory data from customers with a customer account and newsletter registration in order to recommend them individually interesting products. This is based on a balance of interests according to Art. 6(1)(f) GDPR. You can object to this processing of your personal data at any time by contacting hello@cloud2go.de. We will then no longer process your data for this purpose in the future.

4. Contact Form

  1. Nature and Scope of Data Processing
    On our website, we offer you the option to contact us via a provided form. When you submit your inquiry through the contact form, reference is made to this privacy policy to obtain your consent. If you use the contact form, the following personal data from you will be processed:
  • Name
  • Email address
  • Content of the message

Providing your email address serves the purpose of assigning your inquiry and responding to you. When using the contact form, your personal data will not be disclosed to third parties.

  1. Legal Basis
    The data processing described above (see § 4 4. a.) for the purpose of contacting us is carried out based on Art. 6(1)(a) GDPR, following your voluntary consent as stated below: By entering my data and clicking the “Send Inquiry” button, I consent to the processing of my email address, name, and customer number for the purpose of responding to my contact request. I have read and accept the current privacy policy. I can revoke this consent at any time with effect for the future by contacting hello@cloud2go.de. You can revoke your consent to the use of your personal data at any time by emailing the email address mentioned in § 1 above or the data protection officer (see above under § 2) with effect for the future.
  2. Storage Duration
    Once your inquiry has been processed and the relevant matter has been conclusively clarified, the personal data processed via the contact form will be deleted. Further storage may occur in individual cases if this is legally required.

5. Order Form

  1. Nature and Scope of Data Processing
    The order form consists of fillable fields on our website. When filling out the order form, the user provides the following personal data to receive various services/products (e.g., personalized smart cards, NFC tags, NFC keychains, etc.) from the responsible party:
  • Salutation
  • Name
  • Street
  • Postal code
  • City
  • Country
  • Email
  • Company

If you wish to arrange a callback, it is necessary to provide the following (additional) personal data:

  • Phone number
  1. Legal Basis
    The processing of the specified personal data serves the performance of a contract between you and Cloud2Go AG or the implementation of pre-contractual measures according to Art. 6(1)(b) GDPR. You can revoke your consent to the use of your personal data at any time by emailing the email address mentioned in § 1 above or the data protection officer (see above under § 2) with effect for the future.
  2. Storage Duration
    The duration of storage of the aforementioned data depends on the purpose of your contact. Your data will be regularly deleted if the purpose of communication is no longer valid and storage is no longer necessary.

6. Payment Service Providers

Regarding the use of payment services, the data protection responsibility for the data processed lies with the payment service provider itself. The processing of data transmitted to the service provider is based on Art. 6(1)(b) GDPR and serves the execution of the payment transaction. The overall payment processing is based on a contractual relationship between you and the respective payment service provider. For all payment methods offered by us, the respective provider is responsible for data protection. If data is transferred to the respective payment service provider for the performance of a contract with you (name, address, purchase price to be paid), this is done on the basis of Art. 6(1)(b) GDPR, so that the service provider has the necessary data for the execution of the payment transaction and the selection of available payment methods. If the payment service provider transfers data concerning you to us, we also use this data for the execution of the corresponding contractual relationship with you. Therefore, the legal basis is also Art. 6(1)(b) GDPR. Below are the privacy policies for the payment service providers we offer:

Mollie Privacy Policy: Link

Paypal Privacy Policy: Link

Stripe Privacy Policy: Link


CONTACT OPTIONS ON OUR WEBSITE

On our website, you have various contact options via email available:

Email Consultation & Support: hello@cloud2go.de

Email Sales: hello@cloud2go.de

  1. Nature and Scope of Data Processing Any website visitor can send their concerns to these email addresses. The respective departments handle the inquiries via email. Our data collection is limited to the email address of the email account you use to contact us and to any personal data you provide us with as part of the contact.
  2. Legal Basis The legality of data collection is based on Art. 6(1)(f) GDPR, as there is a mutual interest in contact and communication between you and our company, as well as a legitimate interest of the company in processing the above-mentioned data in order to handle your concerns.
  3. Storage Duration The storage period of the above-mentioned data depends on the background of your contact. Your data will be regularly deleted if the purpose of the communication is no longer relevant and storage is no longer necessary (e.g., after processing your concern).

DATA DISCLOSURE

We only disclose your personal data to third parties if:

  • You have given your express consent according to Art. 6(1)(a) GDPR
  • This is legally permissible and necessary for the fulfillment of a contractual relationship with you according to Art. 6(1)(b) GDPR
  • There is a legal obligation for the disclosure according to Art. 6(1)(c) GDPR
  • Disclosure is necessary to protect legitimate interests according to Art. 6(1)(f) GDPR and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data.

USE OF COOKIES

  1. Nature and Scope of Data Processing We use cookies on our website. Cookies are small files that are sent to your browser by us during your visit to our websites and stored there on your device. Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies, on the other hand, allow us to perform various analyses. For example, cookies can recognize your browser on a subsequent visit to our website and transmit various information to us. With the help of cookies, we can make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g., country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs and do not contain viruses. Various types of cookies are used on our website, the type and function of which are explained in more detail below.
  2. Legal Basis Due to the described purposes of use (see § 6. a.), the legal basis for the processing of personal data using cookies is Art. 6(1)(f) GDPR. If you have given us your consent to the use of cookies based on a notice provided by us on the website (“cookie banner”), the legality of the use is additionally based on Art. 6(1)(a) GDPR.
  3. Storage Duration Once the data transmitted to us via cookies is no longer required for the purposes described above, this information will be deleted. Further storage may occur in individual cases if this is legally required.
  4. Browser Configuration Most browsers are set to accept cookies by default. However, you can configure your respective browser so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may not be able to use all functions of our website if cookies are disabled by your browser settings. You can also delete cookies already stored in your browser via your browser settings. Furthermore, you can configure your browser to notify you before cookies are stored. Since browsers may differ in their respective functionalities, we ask you to consult the respective help menu of your browser for configuration options. If you wish to have a comprehensive overview of all third-party accesses to your internet browser, we recommend installing specially developed plug-ins for this purpose.

TRACKING AND ANALYSIS TOOLS

We use tracking and analysis tools to ensure continuous optimization and user-oriented design of our website. Through tracking measures, we can statistically record the use of our website by visitors and further develop our online offering based on the insights gained. Due to these interests, the use of the tracking and analysis tools described below is justified according to Art. 6(1)(f) GDPR. If you have given us your consent to the use of cookies based on a notice provided by us on the website (“cookie banner”), the legality of the use is additionally based on Art. 6(1)(a) GDPR. The following description of the tracking and analysis tools also includes the respective processing purposes and the processed data. You can change your selection of tracking and analysis tools in the cookie settings at any time and activate them accordingly.

  1. Google Analytics
    • Purpose: Google Analytics, a web analytics service provided by Google Inc., is used on this website to analyze your use of the website.
    • Data Processed: Cookies are used to collect information such as time, location, and frequency of your use of this website. These cookies may capture additional personal data along with the IP address.
    • Opt-Out: You can prevent the storage of cookies by adjusting your browser settings accordingly. However, please note that in this case, you may not be able to use all functions of this website to their full extent. You can also prevent Google Analytics from collecting and processing your data by downloading and installing the browser plugin available at: Google Analytics Opt-out Browser Add-on.
    • Anonymization: Google Analytics on this website is enhanced with the code “anonymizeIp” to anonymize your IP address.
  1. Google AdWords Conversion Tracking
    • Purpose: Conversion tracking technology provided by Google Inc. is used to track the effectiveness of Google AdWords advertisements.
    • Data Processed: Cookies are used for conversion tracking.
    • Opt-Out: You can prevent conversion tracking by adjusting your browser settings accordingly or by disabling cookies from the domain “googleadservices.com”.
  1. Google Remarketing
    • Purpose: Google Remarketing technology is used to display targeted ads to users who have previously visited our website.
    • Data Processed: Cookies are used for remarketing.
    • Opt-Out: You can opt out of personalized, interest-based advertising by disabling cookies for this purpose through the following link: Google Ad Settings.
  1. Optimizely
    • Purpose: Optimizely, Inc.’s web analytics service is used for A/B testing to improve this website.
    • Data Processed: Cookies are used for website analysis.
    • Opt-Out: You can deactivate Optimizely tracking at any time by visiting the following link: Optimizely Opt-out.
  1. Google reCAPTCHA
    • Purpose: Google reCAPTCHA is used for enhanced security to distinguish between human and automated traffic on some of our pages.
    • Data Processed: IP address and other necessary data are sent to Google for reCAPTCHA.
    • More Information: For further information on Google Inc.’s privacy policies, please visit: Google Privacy Policy or Google Privacy Policy.

6. Facebook Retargeting

We utilize the retargeting feature provided by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland. This feature allows us to target users of our website with advertisements on our partner’s website. It involves the use of cookies and analysis of user behavior. No personal data is stored or merged with personally identifiable information. This feature only applies if you have consented to the use of advertising-related cookies in the cookie settings. The feature can be deactivated at any time at Facebook Ad Preferences.

7. Lead Inspector

For statistical analysis of visitor traffic, data for marketing purposes and the identification of web visitors are collected, processed, and stored using technologies from Lead Inspector GmbH. Lead Inspector GmbH’s technology performs address identification based on this data, but only in cases where it can ensure that it is a company and not an individual visitor. Cookies may be used for this purpose. Cookies are small text files stored on your computer that enable an analysis of your use of the website. The company data collected by Lead Inspector GmbH may also include personal data. Lead Inspector GmbH may use information left behind by visits to websites to create anonymized usage profiles. If IP addresses are collected, they are anonymized immediately after collection by deleting the last block of numbers. You can object to the data collection and storage by Lead Inspector GmbH for this website at any time with effect for the future at Lead Inspector Opt-out.

Rights of Data Subjects

Under the GDPR, you have the following rights concerning the processing of your personal data:

  1. Right to Information (Art. 15 GDPR)
  2. Right to Rectification (Art. 16 GDPR)
  3. Right to Erasure (Art. 17 GDPR)
  4. Right to Restriction of Processing (Art. 18 GDPR)
  5. Right to Data Portability (Art. 20 GDPR)
  6. Right to Withdraw Consent (Art. 7(3) GDPR)
  7. Right to Lodge a Complaint (Art. 77 GDPR)

Right to Object

You have the right to object to the processing of your personal data based on legitimate interests (Art. 6(1)(f) GDPR) or for direct marketing purposes. You can exercise this right without giving reasons.

Data Security and Security Measures

  1. Security Measures: We implement extensive technical and organizational security measures to protect your privacy and treat your personal data confidentially.
  2. GoDaddy RUM: We use the GoDaddy RUM (Real User Management) technology on this website to ensure its availability and improve loading times. This involves the necessary processing of your IP address, which is anonymized. More information can be found here.
  3. MaxMind MinFraud: To prevent fraud in ordering our services, we use MinFraud, a service provided by MaxMind. Data transferred includes name, IP address, email, billing address, payment details, and order amount. Data is stored by the provider for 18 months. For more information, refer to MaxMind Privacy Policy.
  4. Web Application Firewall: We use Web Application Firewall services provided by Sucuri, Cloudflare, and Akamai to protect our IT infrastructure. These services filter potentially malicious traffic between our servers and the internet, protecting against fraudulent activities. More information can be found in their respective privacy policies: Sucuri, Cloudflare, Akamai.
en_USEnglish