Privacy Policy
Effective July 10, 2022. Last updated October 9, 2024.For Definitions, see Terms of Service, §1. References use a separate naming space.
This page explains how We collect, use, store and protect information from and about You when using Our Services.
1. Collected Information
1.1. Device Information
We may automatically collect and process information about Your device in log files. This includes:
- IP address and source port
- Operating system and browser name
- Device specifications (e.g. language settings or screen size)
1.2. Page Usage and Performance
We may collect the following site information:
- Which of Our sites you visit, when you visited them, and for how long
- How you interact with the site (e.g. mouse clicks)
- From which site you visited Our site (referral information)
- Page performance statistics (for example, how fast the page loaded from Our servers)
1.3. User-Provided Information
a. If you sign up for a User Account or any other service (for example, mailing lists), we store the information provided by You to provide You with the Service. The minimum required information for a User Account is any username and password and Your email address. Further information may be provided by You to access other Services or improve the experience when using other Services.
b. We also store data directly provided by You through Our services. This includes, for example, provided personal data, and uploaded images (profile picture), documents, and other resources. By actively providing this information to Us, You agree that we store this personal information about You indefinitely (see §4).
c. Generally, only Your username or display name and Your profile picture is actively used, for display, and Your email address is used for transactional emails. Your provided information can freely flow between different Services by Us, although they will stay within Our control.
2. Cookies
Cookies are small pieces of data potentially stored on Your computer after visiting a website, to provide a better user experience by keeping information across visits or page navigations.
2.1. First-Party Cookies
We do not use any first-party cookies except ones absolutely necessary, which, for Our Services, usually only includes session cookies, used for example when You log into any of Our Services with Your User Account. If You disable these, You will not be able to log in, but will still be able to access most of the Services.
2.2. Third-Party Cookies
We do not use any third-party cookies or services.
3. Usage and Sharing of Information
3.1. Service Operation
We use information, especially information described in §1.3, to provide You with the Service. We may also use Your information to contact You in case there is a problem with Your User Account (if applicable), or similar.
3.2. Safety and Security
We may use collected information to protect Our Services, prevent misuse or abuse and to enforce our Terms of Service. For example, collecting IP address data and similar information allows us to identify malicious clients accessing Our Services, and report their suspicious behavior internally.
3.3. Legal Requirements
We may share information we have about You or provided by You if we are required to do so by a higher authority or the government. We may also share information if We believe that it is necessary to prevent serious damage to a person or business. Situations as described in this section and in section §3.5 are the only times information about You, described in §1, is transferred outside of Our organization, in which case You will be notified by Us, if possible.
3.4. Improve User Experience
We use information, especially information described in §1.1 and §1.2, to improve the user experience on Our websites. For example, by analyzing user behavior on certain websites, we can improve the site's interface design to make it easier for users to interact with it; or by collecting aggregated statistics about the browser version and geolocation of users, we can optimize our websites and infrastructure to create a better experience for these users.
3.5. Data Transfer to External Services
Some Services may require transfer of Your provided personal information to external third party services. If this is the case, it is explicitly specified in the additional Privacy Information of the Service.
4. Data Retention
a. We may store the information described on this page for the amount of time we deem necessary. Temporary personal data (e.g. IP address of a visit) will usually be stored no longer than 7 days. Certain other provided information, for example account information and other information actively provided by You, is stored indefinitely until requested to be deleted by You.
b. If You delete Your own information in Our Services (for example, when terminating Your User Account), it is deleted immediately and permanently. Note that this may not delete all information about You (see Terms of Service, §10.1a for more information). If You would like to make sure we delete all available information about You, You may contact us and Your data will be deleted within 14 days upon receipt of Your request. The easiest option when You had a User Account is for You to provide us Your user ID, available at the SSO account management page under "Debug Information". Otherwise, You may need to provide Us additional information, for example account names and all Services accessed by You.
5. Data Security
a. We care about security, and this includes Your data. All information transferred using HTTPS and SMTPS is encrypted and authenticated using TLS and does not pass unencrypted through any third-party services (e.g. reverse proxy or DDoS protection services), but only through servers fully controlled and monitored by Us.
b. Data stored on our servers have strict software and hardware access controls, and only authorized people may access this data.
6. Third-Party Services
a. While content and data related to or passing through Our infrastructure and domains do not use third party services, some of Our web pages may embed resources from third party services. When loading such a web page, Your browser will make requests to such external services, with which information about Your browser, device, and network connection is transmitted to this service. This does not mean We are directly sending Your personal information to third party services. The following paragraphs list all third party services that are used on any of Our web pages. Please refer to their individual terms and policies for more information.
b. "hCaptcha" by Intuition Machines, Inc., 350 Alabama St 10, San Francisco, California 94110, United States. Legal Information, Privacy Policy.
c. "OpenStreetMap" by OpenStreetMap Foundation, St John's Innovation Centre, Cowley Road, CB4 0WS Cambridge, United Kingdom. Legal Information, Privacy Policy.
7. Applicable Law
a. All applicable laws in your jurisdiction also apply.
b. For example, for EU clients, we are bound by the terms of the General Data Protection Regulation (GDPR), and therefore you also have all rights provided by the GDPR. This includes, for example, Your right to receive a copy of Your data, to request a correction or deletion of Your data, or the right to withdraw consent.
c. Temporary personal data is collected on a legitimate interest basis [Art. 6 Abs. 1 lit. f DSGVO], while other data is required for providing the Services, as described in §3 [Art. 6 Abs. 1 lit. b DSGVO].
d. According to applicable law, You always have the right to object to some of Your personal information being processed for reasons arising from your particular situation. The processing of Your personal information will end, unless we can demonstrate legitimate reasons for the processing that outweigh your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.