Table of contents |
|
Change to our privacy policy |
We reserve the right to change our Privacy Policy and other terms stated below at any time. If we make changes, we’ll clearly indicate them at the top of this page with the date of modification. April 4, 2023: We have reworked our privacy policy with our new data protection officer. |
Scope of processing personal data |
In general, we only process the personal data of our users to the extent necessary to provide a functioning website with our content and services. The regular processing of personal data only takes place with the consent of the user. Exceptions include cases where prior consent cannot be technically obtained and where the processing of the data is permitted by law. |
Legal basis for the processing |
Where consent is appropriate for processing personal data, Art. 6 (1) (1) (a) GDPR serves as the legal basis to obtain the consent of the data subject for the processing of their data. As for the processing of personal data required for the performance of a contract of which the data subject is party, Art. 6 (1) (1) (b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual activities. When it is necessary to process personal data in order to fulfil a legal obligation to which our company is subject, Art. 6 (1) (1) (c) GDPR serves as the legal basis. If vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (1) (d) GDPR serves as the legal basis. If the processing of data is necessary to safeguard the legitimate interests of our company or that of a third party, and the fundamental rights and freedoms of the data subject do not outweigh the interest of the former, Art. 6 (1) (1) (f) GDPR will serve as the legal basis for the processing of data. |
Data removal and storage duration |
The personal data of the data subject will be erased or restricted as soon as the purpose of its storage has been accomplished. Additional storage may occur if this is provided for by the European or national legislator within the EU regulations, law, or other relevant regulations to which the data controller is subject. Restriction or erasure of the data also takes place when the storage period stipulated by the aforementioned standards expires, unless there is a need to prolong the storage of the data for the purpose of concluding or fulfiling the respective contract. Your documents are deleted irreversible from our servers within 7 days when use the "Delete" button. Documents are deleted automatically after 60 days without view (Does not apply to Pro accounts). If you delete your account, all personal data and all your documents will be permanently deleted within 7 days. |
Possibility of objection and removal |
You can modify the data on your dashboard and you can delete your account at any time. When you delete your account, all associated data is permanently deleted within 7 days. Deleting your account also deletes all data stored at payment provider Stripe and ticket system Freshdesk (if there is any). Alternatively, you can contact us and we will modify or delete your data and/or delete your account/data for you. |
Description and scope of data processing |
Within our platform, it is possible to contact us via the email address provided. In this case, the user's personal data transmitted with the email will be stored. The following data is transmitted to us:
By contacting us via e-mail, the data processed is transferred to the service provider: Freshworks Inc., 2950 S. Delaware Street, Suite 201. San Mateo, California, USA (hereinafter referred to as: Freshdesk). The data is transferred to Freshworks servers in the USA. Part of the order processing contract with Freshworks are so-called EU standard contractual clauses ((Art. 46 (2) (c) GDPR)). These are to be classified as a safeguard for the protection of the transfer and processing of personal data outside the EU. For more information, please visit: https://www.freshworks.com/data-processing-addendum/ Freshdesk is a web-based customer relationship management (CRM) platform and ticket management solution that enables us to plan and monitor our customer support activities. Further information on the collection and storage of data by Freshworks can be found here: https://www.freshworks.com/privacy/ and https://www.freshworks.com/gdpr/company/ The data is used exclusively for processing the conversation. |
Purpose of the processing |
In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data. |
Legal basis for the processing |
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1) (f) GDPR. If the email contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR. |
Duration of storage |
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of 14 days at the latest . |
Possibility of objection and removal |
You can modify the data on your dashboard and you can delete your account at any time. When you delete your account, all associated data is permanently deleted within 7 days. Deleting your account also deletes all data stored at payment provider Stripe and ticket system Freshdesk (if there is any). Alternatively, you can contact us and we will modify or delete your data and/or delete your account/data for you. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case. |
Description and scope of data processing |
A contact form is available on our platform, which can be used for electronic contact. If a user uses this option, the data entered in the input mask is transmitted to us and stored.
In connection with the data processing through the contact forms, the data is transferred to the following service provider: Freshworks Inc., 2950 S. Delaware Street, Suite 201. San Mateo, California, USA (hereinafter referred to as: Freshdesk). The data is transferred to Freshworks servers in the USA. Part of the order processing contract with Freshworks are so-called EU standard contractual clauses ((Art. 46 (2) (c) GDPR)). These are to be classified as a safeguard for the protection of the transfer and processing of personal data outside the EU. For more information, please visit: https://www.freshworks.com/data-processing-addendum/ Freshdesk is a web-based customer relationship management (CRM) platform and ticket management solution that enables us to plan and monitor our customer support activities. Further information on the collection and storage of data by Freshworks can be found here: https://www.freshworks.com/privacy/ and https://www.freshworks.com/gdpr/company/ The data is used exclusively for processing the conversation. |
Purpose of the processing |
The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the submission process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. |
Legal basis for the processing |
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) (f) GDPR. Our legitimate interest results from the purpose of the data processing. If the e-mail contact is aimed at the conclusion or implementation of a contractual relationship, the additional legal basis for the processing is Art. 6 (1) (b) GDPR. |
Duration of storage |
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The additional personal data collected during the submission process will be deleted at the latest after the end of the contractual relationship or the end of the general use of the platform. |
Possibility of objection and removal |
You can modify the data on your dashboard and you can delete your account at any time. When you delete your account, all associated data is permanently deleted within 7 days. Deleting your account also deletes all data stored at payment provider Stripe and ticket system Freshdesk (if there is any). Alternatively, you can contact us and we will modify or delete your data and/or delete your account/data for you. In such a case, the conversation cannot be continued. |
Use of social networks |
We use different networks for our company websites. When using some networks, personal data may be transferred to servers in the USA. In order to ensure appropriate guarantees for the protection of the transfer and processing of personal data outside the EU, the transfer of data to and processing of data by the networks listed below is carried out on the basis of appropriate guarantees pursuant to Art. 46 et. seq. GDPR, in particular by concluding so-called standard data protection clauses pursuant to Art. 46 (2) (c) GDPR. |
|
|
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland On our company website, we provide information and offer Twitter users the opportunity to communicate. If you carry out an action on our Twitter company website (e.g. comments, posts, likes, etc.), it may be that you make personal data (e.g. clear name or photo of your user profile) public. However, since we generally or to a large extent have no influence on the processing of your personal data by Twitter, the company jointly responsible for the Lunaweb GmbH company website, we cannot make any binding statements about the purpose and scope of the processing of your data. Our corporate presence in social networks is used for communication and information exchange with (potential) customers. In particular, we use the corporate presence to present the company and its services. In this context, publications about the company's appearance may contain the following contents:
Every user is free to publish personal data through activities. The legal basis for data processing is Art. 6 (1) (a) GDPR. The data generated by the company website is not stored in our own systems. You can object at any time to the processing of your personal data that we collect in the context of your use of our Twitter corporate presence and assert your data subject rights as stated under IV. of this privacy policy. To do so, send us an informal email to info@cloudconvert.com. You can find more information about the processing of your personal data by Twitter and the corresponding objection options here: For more information, please visit: https://twitter.com/de/privacy |
Description and scope of data processing |
On our platform, we offer users the opportunity to register by providing personal data. The data is entered in an input mask and transmitted to us and stored. Registration allows the user to use the extended service functionality and access the previously converted files. The data will not be passed on to third parties. The following data is collected as part of the registration process:
You can also register/create a customer account via your Facebook, Google or Twitter account. In this case, you do not have to enter your data manually and we receive your data (Pseudonym, e-mail address, profile picture ) from Facebook, Google or Twitter, which we need to create a customer account for you. The personal data transmitted to us in this way will be used to the extent and for the purposes specified in your account settings on Facebook or in your Google or Twitter account. As part of the registration process, the user's consent to the processing of this data is obtained. |
Purpose of the processing |
Registration of the user is necessary for the fulfilment of a contract with the user or for the implementation of pre-contractual measures. To use the extended services of CloudConvert, it is necessary to register to clearly distinguish the user and allocate the desired resources. |
Legal basis for the processing |
The legal basis for the processing serves the fulfilment of a contract to which the user is a party or the implementation of pre-contractual measures. Therefore, the additional legal basis for the processing of the data is Art. 6 (1) (b) GDPR. |
Duration of storage |
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case for the data collected during the registration process for the fulfilment of a contract or for the implementation of pre-contractual measures when the data is no longer required for the implementation of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contractual partner in order to comply with contractual or legal obligations. |
Possibility of objection and removal |
You can modify the data on your dashboard and you can delete your account at any time. When you delete your account, all associated data is permanently deleted within 7 days. Deleting your account also deletes all data stored at payment provider Stripe and ticket system Freshdesk (if there is any). Alternatively, you can contact us and we will modify or delete your data and/or delete your account/data for you. If the data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion. |
Description and scope of data processing |
We offer our customers various payment options for processing costs incurred through the provision of our service. For this purpose, we forward customers to the platform of the corresponding payment service provider, depending on the payment option. After completion of the payment process, we receive the payment data of the customers from the payment service providers or our house bank and process them in our systems for the purpose of invoicing and accounting. |
Payment by credit card |
It is possible to complete the payment process by credit card. If you have selected payment by credit card, payment data will be passed on to payment service providers for payment processing. All payment service providers comply with the specifications of the "Payment Card Industry (PCI) Data Security Standards" and have been certified by an independent PCI Qualified Security Assessor. Within the framework of payment by credit card, the following data are regularly transmitted:
Payment data is passed on to the following payment service providers:
Further information on the data protection guidelines as well as revocation and removal options vis-à-vis the payment service providers can be found here: https://stripe.com/en-gb-de/privacy |
Payment by SEPA direct debit mandate |
Your data will be processed for the purpose of carrying out the SEPA direct debit procedure for the settlement of costs incurred through the use of our services. The personal data that Lunaweb GmbH collects from you for the above-mentioned purpose results from the "SEPA direct debit mandate". As soon as we have received the SEPA direct debit mandate signed by you, the data provided by you therein will be stored for the debiting of costs incurred. The data will be transferred to the participating banking institutions ( Stripe Inc., house bank of Lunaweb GmbH and the banking institution specified by you) within the framework of the direct debit procedure. |
Purpose of the data processing |
The transmission of payment data to payment service providers serves to process the payment, e.g. when you purchase a product and/or use a service, as well as to carry out direct debit procedures. |
Legal basis for the data processing |
The legal basis for the data processing is Art. 6 (1) (b) GDPR, as the processing of the data is necessary for the execution of the concluded purchase contract. |
Duration of the storage |
All payment data as well as data on possible chargebacks will only be stored for as long as they are needed for payment processing and possible processing of chargebacks and debt collection as well as for combating misuse. Furthermore, payment data may be stored beyond this if and as long as this is necessary to comply with statutory retention periods or to prosecute a specific case of misuse. Your personal data will be deleted upon expiry of the statutory retention obligations, i.e., after 10 years at the latest. |
Possibility of objection and removal |
You can revoke your consent to the processing of your payment data at any time by deleting your account, notifying the responsible party or the payment service provider used. However, the payment service provider used may still be entitled to process your payment data if and as long as this is necessary for the contractual processing of payments. |
Description and scope of data processing |
On our website we use functions of the content delivery network OVHcloud of OVH GmbH (Hereinafter referred to as OVHcloud). A Content Delivery Network (CDN) is a network of regionally distributed servers connected via the Internet to deliver content, especially large media files such as videos. OVHcloud offers web optimization and security services that we use to improve the load times of our website and to protect it from misuse. When you visit our website you will be connected to the servers of OVHcloud, e.g. to retrieve content. This allows personal data to be stored and evaluated in server log files, the user's activity (e.g. which pages have been visited) and device and browser information (e.g. IP address and operating system). Further information on the collection and storage of data by OVHcloud can be found here: https://www.ovhcloud.com/de/personal-data-protection/ |
Purpose of the processing |
The use of OVHcloud features serves to deliver and accelerate online applications and content. |
Legal basis for the processing |
The collection of this data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - for this purpose, the server log files must be collected. |
Duration of storage |
Your personal information will be retained for as long as is necessary to fulfil the purposes described in this Privacy Policy or as required by law. |
Possibility of objection and removal |
Information about objection and removal options regarding OVHcloud can be found at: https://www.ovhcloud.com/de/personal-data-protection/ |