What privacy means to us

In order to be able to actively pursue data protection, you have to understand when, how and which data is collected. But of course also why and above all where they are stored. Unfortunately, this is not always immediately obvious to many website operators. The integration of certain tools, plugins and libraries, and of course the hosting of the respective systems, usually plays a major role here. For us, dealing responsibly with these requirements and technical principles means data protection. If you have any questions about data protection, simply send us a message with your request.


Jetzt Nachricht senden

Our privacy policy

- unsere Datenschutzerklärung

Table of contents

  • 1.- Rights of the customer
    1.1 Right to information and confirmation
    1.2 Right of correction
    1.3 Cancellation rights
    1.4 Right to restrict processing
    1.5 Right to object to processing
    1.6 Right to data portability
    1.7 Right to withdraw consent under data protection law
    1.8 Right of appeal to the supervisory authority
    1.9 Legal or contractual provisions for the provision of personal data
  • 2.- What data we collect and process
    2.1 Webserver
    2.2 Contract data
    2.3 Data you store on our servers
    2.4 Customer correspondence
    2.5 Domain Holder Requests
    2.6 Cookies, pixels and other procedures
    2.7 Google reCAPTCHA
    2.8 Social media
  • 3.- Legal basis of the processing
  • 4.- Categories of recipients
    4.1 Registrars and Registrars
    4.2 Processors
    4.3 Authorities
  • 5.- Data processing in third countries
    5.1 Registries
    5.2 Internet Security Research Group (Let’s Encrypt)
  • 6.- Duration of storage
    6.1 Period in general
    6.2 Domain Holder Requests
    6.3 Log and account data
    6.4 Customer correspondence and payment procedures
    6.5 Subscriptions & contract data

1.- Rights of the customer

1.1 Right to information and confirmation
You have the right at any time to receive information from us free of charge as well as confirmation of the personal data stored about you and a copy of this information.

1.2 Right of correction
You have the right to request the immediate correction of incorrect personal data concerning you. You also have the right to request the completion of incomplete personal data, also by means of a supplementary declaration, taking into account the purposes of the processing.

1.3 Cancellation rights
You have the right to have your personal data erased immediately if one of the following reasons applies and if the processing is not necessary:

  • The personal data has been collected or otherwise processed for purposes for which it is no longer necessary
  • They withdraw their consent on which the processing was based and there is no other legal basis for the processing.
  • Pursuant to Article 21 para. 1 GDPR Objection to the processing, and there are no overriding legitimate reasons for the processing, or you submit in accordance with Art. 21 paragraph 2 GDPR Objection to the processing.
  • The personal data were processed unlawfully.
  • The deletion of personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject.
  • The personal data was collected in relation to the information society services offered in accordance with Article 8, paragraph 1 GDPR.

1.4 Right to restrict processing
You have the right to request the restriction of processing if one of the following conditions is met:

  • The accuracy of the personal data is disputed by you, for a period that allows us to verify the accuracy of the personal data.
  •  The processing is unlawful, you object to the deletion of personal data and instead request the restriction of the use of personal data.
  • We no longer need the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims.
  • You object to the processing pursuant to Article 21 para. 1 GDPR and it is not yet clear whether our legitimate reasons prevail against it.

1.5 Right to object to processing
You have the right to object at any time to the processing of your personal data. We no longer process the personal data in the event of an objection, unless we can prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves the assertion, Exercise or defend legal claims. You have the right to object at any time to the processing of your personal data for direct marketing purposes.

1.6 Right to data portability
You have the right to receive your personal data in a structured, common and machine-readable format. You also have the right to transfer this data to another controller without hindrance by us, provided that the processing is carried out on the basis of consent in accordance with the privacy policy we have drawn up, if the processing is not necessary for the performance of a task that is in the public interest or in the exercise of public authority, which has been delegated to the controller.
Furthermore, when exercising your right to data portability pursuant to Article 20 para. 1 GDPR, the right to obtain that the personal data is transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.

1.7 Right to withdraw consent under data protection law
You have the right to withdraw your consent at any time.

1.8 Right of appeal to the supervisory authority
You have the right at any time to contact a supervisory authority in the Member State of your place of residence or place of work or the alleged violation if you believe that the processing of your personal data is contrary to the EUGeneral data protection regulation violates.

1.9 Legal or contractual provisions for the provision of personal data
The provision of personal data may be required by law (e.g., tax regulations) or may also result from contractual regulations (e.g., information about the contractual partner). Sometimes it may be necessary for a contract to be concluded that you provide us with personal data, which must subsequently be processed by us. For example, you are required to provide us with personal data when we enter into a contract with you. Failure to provide the personal data would result in the contract not being concluded.

 

 

2.- What data we collect and process

2.1 Webserver
When you visit our website or use our services, the device with which you access the page automatically transmits connection data to our servers. This is especially the case when you log in or when you upload or download data. The following connection data is collected during this process: client IP, request line, timestamp, status code, size of the response body, referer sent by the client, user agent sent by the client and the remote user.

2.2 Contract data
We collect, process and store the data you provide when you book or order an offer from us. We also store and process data about the order and payment history.

2.3 Data you store on our servers
We collect, process and store the data you save yourself when you use our services. This includes making backup copies in our backup systems.

2.4 Customer correspondence
We process the data that arises when you contact us, for example, by e-mail, fax or post.

2.5 Domain Holder Requests
We process the data you provide in the context of domain holder requests. This includes your name, address, e-mail address and personal data that you provide to us for the purpose of verifying the right to provide information.

2.6 Cookies, pixels and other procedures
We use cookies, pixels and similar technologies at various points on our website.  We use the term "cookies" as a common umbrella term, which also includes tags, pixels and scripts as an alternative technical implementation. Cookies are small identifiers that a server stores on the device with which you access our website or our services. They contain information that can be accessed when you access our services and thus enable a more efficient and better use of our offers. We use persistent and session cookies, which are deleted when you close your web browser. Permanent cookies remain on your device until they are no longer necessary to achieve their purpose and are deleted.

2.7 Google reCAPTCHA
Data protection also means protecting yourself from spam and attacks on your own systems with proactive measures. Due to an increased number of attacks on our system, we therefore use Google reCAPTCHA on our website. The data processing takes place on the basis of Article 6 paragraph 1 letter f GDPR. The website operator has a legitimate interest in protecting its web applications from abusive automated spying and SPAM. The script of the data interface for the use of reCAPTCHA is integrated exclusively on the subpages, where it is also used. reCAPTCHA is intended to check whether data entry on our websites is carried out by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g., IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google, and reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

For more information on Google reCAPTCHA and Google’s privacy policy, please refer to the following link:
Google Privacy Policy

Provider
Google Inc.
1600 Amphitheatre Parkway
Mountain View
CA 94043, United States

2.8 Integration of Adobe Typekit
We use Adobe Typekit for the visual design of our website. Typekit is a service provided by Adobe Systems Software Ireland Companies (hereinafter referred to as "Adobe") that grants us access to a font library. To integrate the fonts we use, your browser must connect to an Adobe server in the USA and download the font required for our website. This informs Adobe that your IP address was used to access our website.  Calling script libraries or font libraries automatically triggers a connection to the library operator.

For more information about Adobe Typekit from Adobe, see the following link: 
Adobe Privacy Policy

Provider
Adobe Systems Software Ireland Companies
4-6 Riverwalk
Citywest Business Campus Dublin 24,
Republic of Ireland

2.9 Social media
We use icons of the social networks Facebook, Instagram and LinkedIn on our website In order to increase the protection of your data when visiting our website, the redirects are static links, which are integrated using locally stored font files. This prevents your data from being sent to the social networks when you visit our website. A contact between you and the social network will not be established until you actively click on the link (the icon). Detailed information about the data processing in connection with the use of our social media offers, possibilities to object and the assertion of information rights can be found in the privacy policy of the respective platform operator.

Facebook
Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Instagram
Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland
LinkedIn
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland

 

 

3.- Legal basis of the processing


We process and use your data to perform the contract and provide our services, to improve our services and our websites, to provide updates and upgrades and to send you notifications regarding the service, as well as invoicing and collecting our claims. Article 6 I lit. a GDPR serves as the legal basis for processing operations where we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract, the processing is based on Article 6 I letter b GDPR. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. We are subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations. This legal basis is used for processing operations that are not covered by any of the aforementioned legal bases if the processing is necessary to safeguard our legitimate interests or those of a third party, provided that the interests Fundamental rights and freedoms of the person concerned do not prevail. In particular, we are permitted to carry out such processing operations because the European legislator specifically mentions them. A legitimate interest is usually assumed if the data subject is a customer of the controller.

 

 

4.- Categories of recipients


4.1 Registrars and Registrars
For domain registrations, we must forward certain personal data to the registrars and registrars.

4.2 Processors
We pass on various personal data as controllers to our processors as part of order data processing. We have ensured the security of your data by concluding agreements on order data processing. Our processors can be divided into the following categories:

  • Provision of services: This includes sending newsletters, printing and sending invoices, customer surveys, payment service providers, data carrier destruction
  • Operation of services, maintenance and maintenance of hardware and software

4.3 Authorities
We only disclose data to authorities and third parties in accordance with legal regulations or a judicial title. Information to authorities can be provided on the basis of a legal requirement for security or for prosecution. Third parties will only receive information if required by law, for example in the case of copyright infringement.

 

5.- Data processing in third countries


5.1 Registries
For the registration of Top Level Domains, which are processed on the basis of Article 49 paragraph 1 letter b GDPR.

5.2 Internet Security Research Group (Let’s Encrypt)
 We act as an intermediary in the procurement and maintenance of SSL certificates. We transfer your data to the Internet Security Research Group Let’s Encrypt. in the United States so that Internet Security Research Group can make its service available to Let’s Encrypt. The processing is carried out on the basis of Article 49 Paragraph 1 letter b GDPR.

 

 

6.- Duration of the storage

6.1 Period in general
We process and store personal data only for the period necessary to achieve the storage purpose or if required by law. The purpose of the processing is usually achieved with the termination of your contract

6.2 Domain Holder Requests
Data we collect in connection with domain owner requests will be stored until the date of deletion or a domain transfer after application.

6.3 Log and account data
Log and account data are stored with us with login for a maximum of 6 months. After termination of the contract, the account data will be deleted within 4 months.

6.4 Customer correspondence and payment procedures
Customer correspondence, order and payment history is subject to the statutory retention period of 6 years in accordance with Section 257 HGB and Section 147 AO

6.5 Subscriptions & contract data
For contract data, the processing will be restricted after termination of the contract, after expiry of the 10-year legal retention period pursuant to Section 257 HGB and Section 147 AO, they will be deleted.  You can change and delete data that you store in our services yourself. After termination of the contract, we delete the data stored in the services within 1-3 months.  Backup copies in our backup systems are automatically deleted with a time delay.