Skip to content

Latest commit

 

History

History
197 lines (126 loc) · 12.6 KB

privacy-policy.md

File metadata and controls

197 lines (126 loc) · 12.6 KB

Privacy statement

last modified: 28th of February 2024

1. Scope of this statement

This is the privacy statement required by German law for interacting with our websites. In the following "websites" refers to the internet addresses: www.fortrabbit.com, help.fortrabbit.com, blog.fortrabbit.com and dashboard.fortrabbit.com.

This statement covers usage from unregistered website visitors as well as registered clients.

2. Name and address of the responsible

The legally responsible, hereinafter also "we" or "our", within meaning of the General Data Protection Regulation and other national data laws of the member states as well as other data protection regulations, is:

fortrabbit GmbH
Gloaguer Str. 24
10999 Berlin
[email protected]

3. General information about data processing

1. Scope of processing of personal data

  1. In principle, we process personal data of our users only insofar as this is necessary to provide a functional website and our content and services.
  2. The processing of personal data of our users takes place regularly only with the consent of the user.
  3. An exception applies in cases in which prior consent is not possible for actual reasons and the processing of the data is permitted by law.

2. Legal basis for the processing of personal data

  1. Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) as legal basis.
  2. In the processing of personal data necessary for the performance of a contract of which the data subject is a party, Art. 6 para. 1 lit. b DSGVO as legal basis. This also applies to processing operations required to carry out pre-contractual actions.
  3. If processing of personal data is required to fulfill a legal obligation that is subject to our company, Art. 6 para. 1 lit. c DSGVO as legal basis.
  4. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO as legal basis.
  5. If processing is necessary to safeguard the legitimate interests of our company or a third party and if the interest, fundamental rights and freedoms of the data subject do not prevail over the first interest, Art. 6 para. 1 lit. f DSGVO as legal basis for processing.

3. Data deletion and storage duration

  1. The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage is removed.
  2. It may also be stored if provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject.
  3. A blocking or deletion of the data takes place if the storage period, prescribed by the standards mentioned, expires, unless there is a need for further storage of the data for a contract or fulfillment of the contract.

4. Providing the website and creating log files

1. Description and scope of data processing

  1. Whenever our website is accessed, our system automatically collects data and information from the computer system of the computer making the request.
  2. The following data is collected here: information about the browser type and the version used, the user's operating system, the IP address of the user, the date and time of access, websites from which the user's system accesses our website, websites which are accessed by the user's system through our website.
  3. The data is also stored in the log files of our system.

2. Legal basis for data processing

  1. The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO.

3. Purpose of the data processing

  1. The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user's IP address must be kept for the duration of the session.
  2. Storage in log files is done to ensure the functionality of the website.
  3. In addition, the data is used to optimize the website and to ensure the security of our information technology systems.
  4. An evaluation of the data for marketing purposes does not take place in this context.
  5. In these purposes, our legitimate interest in the processing of data accords with Art. 6 para. 1 lit. f DSGVO.

4. Duration of storage

  1. The data will be deleted as soon as they are no longer necessary for the purpose of their collection.
  2. In the case of the collection of data for the provision of the website, this is the case when the respective session is completed.
  3. In the case of storing the data in log files, this is the case after no more than seven days, unless legal or technical reasons or the need for security make longer storage necessary.
  4. Further storage is possible.
  5. In this case, the IP addresses of the users are deleted or alienated, so that an identification of the calling client is no longer possible.

5. Removal possibility

  1. The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website.
  2. There is consequently no contradiction on the part of the user.

5. Use of cookies

1. Description and scope of data processing

  1. Our websites use cookies. Cookies are text files that are stored in the browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system.
  2. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.
  3. We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser be identified even after a page break.
  4. The cookies store and transmit data such as currency, session and account information, selection in ordering systems, CSRF tokens and potentially other metadata.

2. Legal basis for data processing

  1. The legal basis for the processing of personal data using cookies is Article 6 (1) lit. f DSGVO.

3. Purpose of the data processing

  1. The purpose of using technically necessary cookies is to facilitate the use of websites for users.
  2. Some features of our website can not be offered without the use of cookies.
  3. For this it is necessary that the browser is recognized even after a page break.
  4. For these purposes, our legitimate interest in the processing of personal data is pursuant to Art. 6 para. 1 lit. f DSGVO.

4. Duration of storage, objection and disposal options

  1. Cookies are stored on the computer of the user and transmitted by this on our side.
  2. Therefore, as a user, you have full control over the use of cookies.
  3. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies.
  4. Already stored cookies can be deleted at any time.
  5. This can also be done automatically.
  6. If cookies are disabled for our website, not all features can be fully used.

6. Registration

1. Description and scope of data processing

  1. On our website, we offer users the opportunity to register by providing personal information.
  2. The data is entered into an input mask and transmitted to us and stored.
  3. In addition to the data that the user enters in our input masks, the IP address of the user, location data and date and time of registration are also stored.
  4. As part of the registration process, the user's consent to the processing of this data is obtained.

2. Legal basis for data processing

  1. Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a GDPR.
  2. If the registration serves the fulfillment of a contract of which the user is a party or the implementation of pre-contractual measures, an additional legal basis for the processing of the data is Art. 6 (1) lit. b DSGVO.

3. Purpose of the data processing

  1. User registration is required for the provision of certain content and services on our websites. In the case of registration for free trial offers, registration is required for the prevention of abuse.
  2. Registration of the user in connection with the ordering of paid services is required to fulfill a contract with the user or to carry out pre-contractual measures.

4. Duration of storage

  1. The data will be deleted as soon as they are no longer necessary for the purpose of their collection.
  2. This is the case during the registration process for the performance of a contract or for the performance of pre-contractual measures if the data are no longer necessary for the performance of the contract.
  3. Even after conclusion of the contract, there may be a need to store personal data of the contracting party in order to comply with contractual or legal obligations, the latter in particular according to HGB and the tax law.

5. Opposition and removal possibility

  1. As a user, you have the option of canceling the registration at any time. You can change the data stored about you at any time.
  2. If the data are necessary for the fulfillment of a contract or for the execution of pre-contractual measures, a premature deletion of the data is only possible, as far as non-contractual or legal obligations preclude a deletion.

7. Product information

1. Description and scope of data processing

  1. We regularly contact our registered clients via e-mail for updates, such as scheduled maintenance, new releases and updates informing of security-relevant changes.
  2. The data from the input mask are transmitted to us during registration.
  3. For the processing of the data, your consent is obtained during the registration process and reference is made to this privacy policy.
  4. In connection with the processing of data for the shipment of product information, no transfer of the data to third parties takes place.
  5. The data will be used exclusively for sending the product information.

2. Legal basis for data processing

  1. Legal basis for the processing of the data after the user has registered for the newsletter is the consent of the user Art. 6 para. 1 lit. a GDPR.

3. Purpose of the data processing

  1. The collection of the user's e-mail address serves to provide the product information.

4. Duration of storage

  1. The data will be deleted as soon as they are no longer necessary for the purpose of their collection. The e-mail address of the user is therefore (like all contract-related data) stored as long as the client maintains an active user account.

5. Opposition and removal possibility

  1. You may object to storage for the future if you terminate your Account at the same time.
  2. It is also possible to suspend the receipt of e-mails temporarily, but this does not end the storage of your e-mail address, which is required for the execution of the contract.

8. E-mail contact

1. Description and scope of data processing

  1. It is possible to contact the provided e-mail address.
  2. In this case, the user's personal data transmitted by e-mail will be stored.
  3. The data is used exclusively for the processing of the conversation.

2. Legal basis for data processing

  1. Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a GDPR. The legal basis for the processing of the data transmitted in the course of sending an e-mail is Article 6 (1) lit. f DSGVO. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.

3. Purpose of the data processing

  1. In the case of contacting by e-mail, this also includes the necessary legitimate interest in the processing of the data.

4. Duration of storage

  1. The data will be deleted as soon as they are no longer necessary for the purpose of their collection.
  2. For the personal data sent via e-mail, this is the case when the respective conversation with the user has ended.
  3. The conversation ends when it can be inferred from the circumstances that the relevant facts have been finally clarified.
  4. Statutory regulations, such as the obligation to store business mail, may preclude premature cancellation.

5. Opposition and removal possibility

  1. The user has the opportunity to revoke his consent to the processing of personal data at any time.
  2. If the user contacts us by e-mail, he may object to the storage of his personal data at any time.
  3. In such a case, the conversation can not continue.

9. Data collection by third party companies

We are using third party sub processors to improve our service offerings. That might also include sharing some personal data. See a list of services in use and their application here: fortrabbit.com/sub-processors

10. Rights of data subjects

Please visit fortrabbit.com/dsar