Data privacy

This data protection declaration informs you about the nature, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content associated with it, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer"). With regard to the terms used, such as "processing" or "controller", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR = EU-DSGVO).

This content has been translated from the German language.

Person in charge:
smart eIDentity UG (haftungsbeschränkt)
#smarte Software
Lützeltaler Straße 5c
63868 Großwallstadt
Deutschland | GERMANY
E-Mail: privacy-Entfernen Sie diesen Text-

Data Protection Officer:
smart eIDentity UG (haftungsbeschränkt)
#smarte Software
Lützeltaler Straße 5c
63868 Großwallstadt
Deutschland | GERMANY
E-Mail: privacy-Entfernen Sie diesen Text-

Types of data processed:
We process your data in connection with § 6b DSGVO for the fulfillment of (pre-)contractual purposes, insofar as you have given your consent to data processing (§ 6 a DSGVO) or insofar as legal requirements dictate (§ 6 c DSGVO).
In doing so, we process the following data:
- Inventory data (e.g., names, login names).
- Contact data (e.g., e-mail address).
- Content data (e.g., text input, mail message texts).
- Usage data (e.g., last login, number of request).
- Meta/communication data (e.g., browser type, IP addresses).

Purpose of the processing:
The main purpose of the processing is the provision of our online offer, its functions and content. In addition, we process data to respond to contact requests and to communicate with users.

Provision of contractual services:
We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO. The entries marked as mandatory in online forms and/or contractual documents are necessary for the conclusion of the contract.
In the context of the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the users in protection against abuse and other unauthorized use. In principle, this data is not passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c DSGVO.

Registration function:
Users must create a user account. As part of the registration process, users are provided with the required mandatory information. The data entered during registration will be used for the purposes of using the offer. Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical circumstances. If users have terminated their user account, their data with regard to the user account will be deleted, subject to their retention is necessary for commercial or tax reasons in accordance with Art. 6 para. 1 lit. c DSGVO. It is the responsibility of the users to save their data in the event of termination before the end of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.

Sending status notifications:
With the following instructions, we inform you about the contents of the automated e-mail messages or status displays as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By setting up e-mail notifications, you agree to receive them and to the procedures described.
Security note e-mail use: We point out that data transmission on the Internet (especially by e-mail) has security vulnerabilities. When communicating via unencrypted e-mail, the data security on the part of the provider can not be fully guaranteed.
Content of e-mail messages: We send e-mail notifications and other electronic notifications (e.g. about changes to the service or status information) only with the consent of the recipients or a legal permission. If, in the context of a registration for the e-mail status notification service, its contents are specifically described, they are decisive for the consent of the users. Otherwise, our notification emails contain information about our services and us.
Double-Opt-In and logging: The registration for our e-mail notifications as well as account registration is carried out in a so-called double-opt-in process. That is, after registration you will receive an e-mail containing an activation code to complete the confirmation process of your registration. This confirmation is necessary so that no one can register with other people's e-mail addresses. The logins to the e-mail notifications are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address.
For the receipt of product-related information or newsletters, a separate activation in your user account is necessary. This activation is voluntary.
The logging of the registration process is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO. Our interest is directed towards the use of a user-friendly as well as secure email notification service that serves our business interests as well as meets the expectations of the users and further allows us to prove consent.
Cancellation/Revocation - You may cancel receipt of our email notifications, i.e. revoke your consents, at any time. You will find a link to cancel the e-mail notification in the online offer under "Account data".

Transfers to third countries:
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done if it is done to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. DSGVO are met. This means that the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection that corresponds to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").

Cooperation with processors and third parties:
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as payment service providers, is required for the performance of the contract pursuant to Art. 6 (1) lit. b DSGVO), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties with the processing of data on the basis of a so-called "order processing agreement", this is done on the basis of Art. 28 DSGVO.

The hosting services used by us serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offer.
In this context, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO. Art. 28 DSGVO.

Collection of access data and log files:
We, or our hosting providers, collect data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO, we collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g. for the clarification of abuse or fraud) for a maximum of 21 days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the final clarification of the respective incident.

Transmission of data via our API interfaces:
- Identification requests:
As part of our service, we process data that you send via our website or to our API interface for identification. These are, for example, telephone numbers, e-mail addresses, domain names. The contents of these requests are not explicitly stored. However, we are entitled to create and store resulting metadata for billing, security, statistical purposes and product improvement. (Art. 6f DSGVO)

- Reportings:
As part of our service, we process data that you report via our website or to our API interface. This data is stored permanently on the server to provide our service. This data includes the reported phone numbers, email addresses or domains. All data is used exclusively for the provision of our service. No further use of this data takes place.

Safety Procedures:
In accordance with Article 32 of the GDPR, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons; the measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access concerning them, input, disclosure, ensuring availability and their separation. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, deletion of data and response to data compromise. Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Article 25 of the GDPR).

Rights of data subjects:
You have the right to obtain confirmation as to whether data concerning you are being processed and to obtain information about such data, as well as further information and a copy of the data in accordance with Art. 15 GDPR.
You have the right, in accordance with Art. 16 DSGVO, to request that the data concerning you be completed or that incorrect data concerning you be corrected.
After the end of the contract, you have the right, in accordance with Art. 17 DSGVO, to demand that data concerning you be deleted without delay, or alternatively, in accordance with Art. 18 DSGVO, to demand restriction of the processing of the data, insofar as this does not conflict with any statutory retention periods.
You have the right to request that the data concerning you that you have provided to us be received in accordance with Art. 20 DSGVO and to request that it be transferred to other data controllers.
You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 DSGVO.

Right of withdrawal:
You have the right to revoke given consents according to Art. 7 para. 3 DSGVO with effect for the future.

Right to object:
You may object to the future processing of data concerning you in accordance with Art. 21 DSGVO at any time.

Deletion of data:
The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 DSGVO. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.
According to legal requirements in Germany, data is stored in particular for 10 years in accordance with §§ 147 para. 1 AO, 257 para. 1 nos. 1 and 4, para. 4 HGB (books, records, management reports, accounting vouchers, commercial books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 para. 1 nos. 2 and 3, para. 4 HGB (commercial letters).

Cookies and right to object to direct marketing:
Cookies" are small files that are stored on users' computers. Different information can be stored within the cookies. The primary purpose of a cookie is to store information about a user (or the device on which the cookie is stored) during or after his visit to an online offer. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online offer and closes his browser. A login status, for example, can be stored in such a cookie. Permanent" or "persistent" cookies are cookies that remain stored even after the browser is closed. For example, the login status can be stored if users visit them after several days. Likewise, the interests of users can be stored in such a cookie, which is used for range measurement or marketing purposes. Third-party cookies are cookies offered by providers other than the responsible party that operates the online offer (otherwise, if they are only its cookies, they are referred to as first-party cookies).
This website uses cookies to provide you with an optimal website experience. These include cookies that are necessary for the operation of the site and to manage our commercial business objectives, as well as those that are used only for anonymous statistical purposes or to display personalized content. You can decide for yourself which categories you wish to allow via our cookie settings. Please note that based on your settings, not all functionalities of the site may be available.

To the cookie settings of our website including an overview of the cookies we set:

Cookies that are set exclusively by our application (excluding third parties) can be manually removed using the " - Delete Cookies" function. Please note that this will reset your current visitor status on our website.

If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The instructions for managing cookies on your browser can usually be found under the help function of your browser or in the operating instructions of your smartphone/tablet. The exclusion of cookies can lead to functional restrictions of this online offer up to non-usability. A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the U.S. site or the EU site

In order to add you to our newsletter distribution list, we require confirmation that you are the owner of the email address provided and that you agree to receive the newsletter. The data collected is only used to send the newsletter and to document your consent. No other processing or disclosure to third parties will take place. You can revoke the newsletter and the consent to store the data at any time.

We use the following services from Google:
Cookie provider:

Google LLC
1600 Amphitheatre Parkway
Mountain View
CA 94043, USA

Google Webfonts:
To prevent the forwarding of user data to Google in the USA, copies of Google Web Fonts are embedded locally on our servers. We use Google Web Fonts which are published under the following licenses:

Apache License, Version 2.0 (Roboto - Copyright 2011 Google Inc).
SIL Open Font License, 1.1 (Lato - Copyright 2010-2011 by tyPoland Lukasz Dziedzic)
SIL Open Font License, 1.1 (Poppins - Copyright 2020 The Poppins Project Authors)

This site uses so-called web fonts provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you use must connect to Google's servers. This gives Google knowledge that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. If your browser does not support web fonts, a standard font will be used by your computer.
Google LLC, based in the USA, is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.
For more information on Google Web Fonts, please visit and Google's privacy policy:

Google Analytics:
This website uses Google Analytics to enable an analysis of the use of the website by website users. Your IP address is shortened by Google within the EU or the EEA and thus anonymized before this anonymized information is stored on servers in the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing us with other services relating to website activity and internet usage.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

With the following browser plugin, you can also prevent your IP address from being recorded by Google on the website:

Privacy policy: