What types of personal data do we collect on our Sites
We collect certain personal data about visitors and users of our Sites.
The most common types of personal data we collect include things like: usernames, personal names, email addresses, IP addresses, other contact details, survey responses, blogs, photos, payment information, transactional details, support queries, forum comments, blog comments, content you direct us to make available on our Sites (such as descriptions), and web analytics data.
How we collect personal data on our Sites
We collect personal data directly when you provide it to us, automatically as you navigate through the Sites, or through other people when you use services associated with the Sites.
We collect your personal data when you provide it to us when you subscribe to a newsletter, email list, submit feedback, enter a contest, fill out a survey, complete a form, purchase a product, download software, or send us an email.
Personal data we collect about you from third parties
Although we generally collect personal data directly from you, on occasion, we also collect certain categories of personal data about you from other sources including: (1) third-party service providers (like Google, Facebook) who are located in Europe, the US or the UK, which may provide personal data about you when you link, connect, or login to your account with the third-party provider and they send us personal data such as your registration and profile from that service. The personal data varies and is controlled by each such service provider or as authorized by you via your privacy settings at each such service provider; and (2) other third party sources or partners from the EU, the US or the UK, whereby we receive additional personal data about you (to the extent permitted by applicable law), such as demographic data or fraud detection information, and combine it with personal data we already have about you. For example, fraud warnings from service providers such as identity verification services. We also receive personal data about you and your activities on and off the Sites through partnerships, or about your experiences and interactions from our partner ad networks.
How we use your personal data
We will use your personal data where necessary for purposes which are in our, or third parties, legitimate interests. These legitimate interests include: (1) operating the Sites; (2) providing you with services described on the Sites; (3) responding to support requests, and helping facilitate the resolution of any disputes; (4) updating you with operational news and information about our Sites and services, i.e. to notify you about changes to our Sites, website disruptions or security updates; (5) carrying out technical analysis to determine how to improve the Sites and services we provide; (6) managing our relationship with you, i.e. by responding to your comments or queries submitted to us on the Sites or asking for your feedback or whether you want to participate in a survey; (7) managing our legal and operational affairs; (8) providing general administrative and performance functions and activities.
Who has access to your personal data
We will disclose personal data to the following recipients: (1) subcontractors and service providers who assist us in connection with the ways we use personal data (as set out above), in particular, security and fraud prevention services, payment processing services, and identification verification services. Our subcontractors and services providers may also transfer and access such personal data from other countries in which they have operations; (2) our professional advisors, including lawyers, accountants, and financial advisors; (3) regulators and government authorities in connection with our compliance procedures and obligations; (4) third-party requests relating to criminal investigations or alleged or suspected illegal activity; (5) third-party requests, in order to enforce or defend our rights, or to address financial or reputational risks; (6) intellectual property rights holders in relation to an allegation of intellectual property infringement or any other infringement; and (7) other recipients where we are authorized or required by law to provide your personal data.
Where we transfer and store your personal data
We are based in Germany, with servers in Ukraine so your data will be processed in the EU, UK, and the US, in accordance with applicable data protection regulations. Some of the recipients mentioned above, to whom we may disclose your personal information, may be located outside of Germany and the US. In order to protect your personal data, we will strive to work with subcontractors and service providers who we believe maintain an adequate level of data security compliance.
How we secure your personal data
We store your personal data on secure servers that are managed by us and our service providers, and occasionally on hard copy files that are kept in a secure location in Germany or the US. Personal data that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.
How you can access your personal data
You may request to access and receive a copy of your personal data and request corrections of any errors in such personal data by contacting us at [email protected]
Cookies and web analytics
You may choose whether to accept cookies by modifying your browser preferences to accept all cookies, be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies parts of our Sites may not work properly during your use of our Sites.
When you visit our Sites, certain anonymous information is collected which does not reveal your identity. Occasionally, we will use third-party advertising companies to serve ads based on prior visits to our Sites. For example, if you visit our Sites, you may later see an ad for our products and services when you visit a different website.
If you’re logged into your account on any of our Sites the following details may be recorded: (1) your IP address or proxy server IP address; (2) the domain name you requested; (3) the name of your internet service provider depending on the configuration of your ISP connection; (4) the date and time of your visit to the Site(s); (5) the length of your session; (6) the pages which you have accessed; (7) the number of times you access our Sites within any month; (7) the file URL you look at and information relating to it; (8) the website which referred you to our Sites; and (9) the operating system which your computer uses.
Retention and deletion of personal data
If you’re a user or visitor in the European Economic Area these rights also apply to you:
For the purposes of applicable EU data protection law (including the “GDPR”), we are a “data controller” and “data processor” of your personal data.
How to port your personal data
You are entitled to ask us to port your personal data (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase or restrict processing of your personal data. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.
These rights are limited in some situations if we can demonstrate that we have a legal requirement to process your personal data. In some circumstances, this means that we may retain some of your personal data even if you withdraw your consent.
Where we require your personal data to comply with legal or contractual obligations, then provision of such personal data is mandatory: if such personal data is not provided, then we will not be able to manage our contractual relationship with you or to meet obligations placed on us. In all other cases, the provision of requested personal data is optional.
If you have unresolved issues you have the right to complain to the data protection authorities. The relevant data protection authority will be the data protection authority of the country: (1) of your habitual residence; (2) of your place of work; or (3) in which you consider the alleged data protection violation has occurred.
How to contact us