Privacy Policy
Effective July 10, 2022. Last updated December 30, 2024.For Definitions, see Terms of Service §1. References use a separate naming space.
This page explains how We collect, use, store, and protect information from and about You when using Our Services. By accessing and using the Services, you agree to the collection and purposes of usage of information in accordance to this policy. Together with the Terms of Service, this document constitutes the Service usage agreement between You and Us.
1. Collected Information
1.1. Device Information
We may automatically collect and process information about Your device when accessing the Services in any way, and store it, or information derived from it, in log files. This includes:
- IP address and source port
- Operating system and browser name (if applicable)
- Device specifications (for example, language settings or type of device)
1.2. Page Usage and Performance
We may automatically collect the following information when visiting one of Our websites:
- Which of Our sites you visit, when you visited them, and for how long
- How you interact with the site (for example, mouse movements and mouse clicks)
- From which site you visited Our site (referral information)
- Page performance statistics (for example, how fast the page loaded from Our servers)
1.4. User-Provided Information
a. If you sign up for a User Account or any other service (for example, mailing lists), we store the information provided by You to provide You with the Service. The minimum required information for a User Account is any username and password and Your email address. Further information may be provided by You to access other Services or improve the experience when using other Services.
b. We also store data directly provided by You through Our services. This includes, for example, provided personal information (see §1.5), and uploaded images (profile picture), documents, and other resources. By actively providing this information to Us, You agree that we store this personal information about You indefinitely (see §4).
c. Generally, only Your username or display name and Your profile picture is actively used, for display, and Your email address is used for transactional emails. Your provided information can freely flow between different Services by Us without further notice, although they will stay within Our control and premises.
1.5. Personally Identifiable Information
Personally Identifiable Information (or "Personal Information") includes, but is not limited to, legal name, address, phone number, email address, cookies, browser fingerprints, and IP addresses.
2. Cookies
Cookies are small pieces of data potentially stored on Your computer after visiting a website, to provide a better user experience by keeping information across visits or page navigations.
2.1. First-Party Cookies
We do not use any first-party cookies except ones absolutely necessary, which, for Our Services, usually only includes session cookies, used for example when You log into any of Our Services with Your User Account. If You disable these, You will not be able to log in, but will still be able to access most of the Services. You can most likely disable cookies or delete existing cookies in your browser settings.
2.2. Third-Party Cookies
We do not use any third-party cookies nor externally-hosted third-party services with the primary purpose of data analytics or collection. Few of Our Services or websites may use other third-party services as described under §6.
3. Usage and Sharing of Information
3.1. Service Operation
We use information, especially information described in §1.4, to provide You with the Service. We may also use Your information to contact You in case there is a problem with Your User Account (if applicable), or similar. We may also Your information for additional purposes not described in this section, with Your consent or described by Us when You provide the information.
3.2. Safety and Security
We may use collected information to protect Our Services, prevent misuse or abuse and to enforce our Terms of Service. For example, collecting IP address data and similar information allows us to identify malicious clients accessing Our Services, and report their suspicious behavior internally. This helps Us protect Our Services and other Users of the Services (see also §3.4).
3.3. Legal Requirements
We may share information we have about You or provided by You if we are required to do so by a higher authority or the government. We may also share information if We believe that it is necessary to prevent serious damage to a person or business. Situations as described in this section and in section §3.5 are the only times information about You, described in §1, is transferred outside of Our organization, in which case You will be notified by Us, if possible.
3.4. Improve User Experience
We use information, especially information described in §1.1 and §1.2, to improve the user experience on Our websites. For example, by analyzing detailed user behavior on certain websites, we can improve the site's interface design to make it easier for users to interact with it; or by collecting aggregated statistics about the browser version and geolocation of users, we can optimize our websites and infrastructure to create a better experience for these users. Furthermore, the information helps Us determine the legitimacy of a client accessing Our Services, which minimizes the impact of security measures on legitimate users like You by showing less CAPTCHA challenges or similar functions.
3.5. Data Transfer to External Services
Some Services may require transfer of Your provided personal information to external third party services. If this is the case, it is explicitly specified in the additional Privacy Information of the Service.
4. Data Retention
a. We may store the information described on this page for the amount of time we deem necessary. Temporary personal data (e.g. IP address of a visit) will usually be stored no longer than 7 days. Certain other provided information, for example account information and other information actively provided by You, is stored indefinitely until requested to be deleted by You. Information may be stored longer than usual when required to strengthen securityof Our Services, to comply with legal obligations, resolve disputes, or similar situations.
b. If You delete Your own information in Our Services (for example, when terminating Your User Account), it is deleted immediately and permanently. Note that this may not delete all information about You (see Terms of Service §10.1a for more information). If You would like to make sure we delete all available information about You, You may contact us and Your data will be deleted within 14 days upon receipt of Your request. The easiest option when You had a User Account is for You to provide us Your user ID, available at the SSO account management page under "Debug Information". Otherwise, You may need to provide Us additional information, for example account names and all Services accessed by You.
5. Data Security
a. We care about security, and this includes Your data. All information transferred using HTTPS and SMTPS is encrypted and authenticated using TLS and does not pass unencrypted through any third-party services (e.g. reverse proxy or DDoS protection services), but only through servers fully controlled and monitored by Us.
b. Data stored on our servers have strict software and hardware access controls, and only authorized people may access this data.
c. Of course, no method of transmission over the Internet or storage is absolutely secure, and while We do strive to use widely accepted technologies and high security measures, we cannot fully guarantee the absolute security of Our or Your data.
6. Third-Party Services
a. While content and data related to or passing through Our infrastructure and domains do not use third party services, some of Our web pages may embed resources from third party services. When loading such a web page, Your browser will make requests to such external services, with which information about Your browser, device, and network connection is transmitted to this service. This does not mean We are directly sending Your personal information to third party services. The following paragraphs list all third party services that are used on any of Our web pages. Please refer to their individual terms and policies for more information.
b. "hCaptcha" by Intuition Machines, Inc., 350 Alabama St 10, San Francisco, California 94110, United States. Legal Information, Privacy Policy.
c. "OpenStreetMap" by OpenStreetMap Foundation, St John's Innovation Centre, Cowley Road, CB4 0WS Cambridge, United Kingdom. Legal Information, Privacy Policy.
7. Miscellaneous
a. Our Services are not intended for use by people under the age of 16, and We do not knowingly collect information about such people. If We become aware of such information stored or collected by Us, for example through a hint given through Our contact methods (see §4b or Terms of Service §1f), We will take steps to remove that information from Our Services and storage.
b. Our Services may include external links to other sites not operated by Us. Other sites have other content, policies, and terms over which We have no control over, and which You must review before continuing to that site by clicking the external link.
c. Data is processed and stored on servers in Germany. If You are located outside Germany, note that Your Information will be transferred to and processed in Germany, although laws of Your jurisdiction still apply (see §8).
d. We may update this Privacy Policy. Changes are visible on this page upon the changes becoming effective. We may notify You about changes in the Privacy Policy if We have an effective means of doing so.
8. Applicable Law
a. All applicable laws in your jurisdiction also apply.
b. This includes that, for EU Users, we are bound by the terms of the General Data Protection Regulation (GDPR), and therefore you also have all rights provided by the GDPR. This includes, for example, Your right to receive a copy of Your data, to request a correction or deletion of Your data, or the right to withdraw consent.
c. Temporary personal data is collected on a legitimate interest basis [Art. 6 Abs. 1 lit. f DSGVO], while other data is required for providing the Services, as described in §3 [Art. 6 Abs. 1 lit. b DSGVO].
d. According to applicable law, You always have the right to object to some of Your personal information being processed for reasons arising from your particular situation. The processing of Your personal information will end, unless we can demonstrate legitimate reasons for the processing that outweigh your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.
e. The responsible data processor is stated in Terms of Service §1a.2.