SpyOFF - Privacy Policy

Effective Date: July 2018

SpyOFF is committed to protecting online privacy. Therefore, we encrypt and anonymize the Internet connection of our users according to military standards. Our entire system has been designed to capture only the bare minimum of data needed to provide a world-class VPN service.

We attach great importance to understanding what information we collect, which information we DO NOT collect and what we use your information for.

The highest priority for us is data protection. There is no data retention in San Marino. So we can guarantee our no-log-policy (https://www.spyoff.com/en/no-logs). Once a user uses our VPN software, their Internet data is encrypted and their activities become invisible to ISPs, snoopers and criminals thanks to the latest security technologies. Users and their activities will at no time be monitored, logged, recorded, stored or shared with third parties while using our software.

I. Name and address of the person responsible

Sareta S.r.l., Serravalle (R.S.M.)
10 Cardio Street
47899 Serravalle
Repubblica San Marino
Tel.: 0044 203 519 2251
E-Mail: support@spyoff.com

II. General information on data processing

1. Scope of processing of personal data

In principle, we process personal data of you only insofar as this is necessary for the provision of a functional website and our content and services. The processing of personal data of our users is basically only after the user's consent. An exception applies in cases where prior consent can not be obtained and the processing of the data is provided for by law

2. Legal basis for the processing of personal data

Insofar as we obtain your consent for processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) as legal basis. In the processing of personal data required for the performance of a contract of which you are a party, Art. 6 para. 1 lit. b DSGVO as legal basis. This also applies to processing operations required to carry out pre-contractual actions. Insofar as processing of personal data is required to fulfill a legal obligation that is subject to our company, Art. 6 para. 1 lit. c DSGVO as legal basis. In the event that vital interests of you or another natural person require the processing of personal data, Art. 6 (1) lit. d DSGVO as legal basis. If the processing is necessary to safeguard the legitimate interests of our company or a third party and if the interests, fundamental rights and freedoms of yours do not outweigh the former interest, Art. 6 para. 1 lit. f DSGVO as legal basis for processing.

3. Data deletion and storage duration

Your personal information will be deleted or blocked as soon as the purpose of the storage is removed. In addition, such storage may be provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion of a contract or fulfillment of the contract.

III. Provision of the website

1.Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.

The following data is collected here:

  • Date and time of access
  • Number, duration and order of page impressions on the website (Impressions)
  • A storage of this data together with other personal data of you will NOTtake place.

    2. Legal basis for data processing

    The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f DSGVO

    3. Purpose of the data processing

    The temporary storage of the data is necessary to enable delivery of the website to your computer, to ensure the functionality of the website, to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. For these purposes, our legitimate interest in the processing of data according to Art. 6 para. 1 lit. f DSGVO.

    4. Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

    5. Opposition and removal possibility

    The collection of the data for the provision of the website and the storage of the data is essential for the operation of the website. There is therefore no contradiction on your part.

    Use of cookies

    1. Description and scope of data processing

    Our website uses cookies. Cookies are text files that are stored in the Internet browser or on the Internet browser on your computer system. When you visit a website, a cookie may be stored on your operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened

    We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser be identified even after a page break.

    The following data is stored and transmitted in the cookies:

  • Language settings
  • Articles in a shopping cart
  • Log-in information
  • Websites from which the system of the user reaches our website
  • Consent to the use of cookies
  • When you visit our website you will be informed by an info banner about the use of cookies for analysis purposes and referred to this privacy policy. In this context, there is also an indication of how the storage of cookies in the browser settings can be prevented

    2. Legal basis for data processing

    The legal basis for the processing of personal data using cookies is Article 6 (1) lit. f DSGVO.

    3. Purpose of the data processing

    The purpose of using technically necessary cookies is to facilitate the use of websites for you. Some features of our website can not be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page break.

    We require cookies for the following applications:

  • Shopping cart
  • Acceptance of language settings
  • The user data collected through technically necessary cookies will not be used to create user profiles.

    For these purposes, our legitimate interest in the processing of personal data pursuant to Art. 6 para. 1 lit. f DSGVO.

    4. Duration of storage, objection and disposal options

    Cookies are stored on your computer and transmitted by it to our site. Therefore, you also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website to the full.

    We also respect the "do not track" signals and do not track, do not use cookies, and do not use advertisements when there is a "not tracking" (DNT) browser mechanism.

    V. Newsletter

    1. Description and scope of data processing

    On our website you can subscribe to a free newsletter. The data from the input mask are transmitted to us when registering for the newsletter.

  • E-mail address
  • In addition, the following data is collected at registration

  • Date and time of registration
  • IP address
  • For the processing of the data, your consent is obtained during the registration process and reference is made to this privacy policy.

    The data will be used exclusively for sending the newsletter.

    2. Legal basis for data processing

    Legal basis for the processing of the data after your registration for the newsletter is in the presence of your consent Art. 6 para. 1 lit. a GDPR./p>

    3. Purpose of the data processing

    The collection of your e-mail address serves to deliver the newsletter.

    The collection of other personal data as part of the registration process is intended to prevent abuse of the services or the e-mail address used.

    4. Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection. Your e-mail address will therefore be saved as long as the subscription to the newsletter is active.

    5. Opposition and removal possibility

    Subscription to the newsletter may be terminated at any time by you. For this purpose, there is a corresponding link in each newsletter. This also allows a revocation of the consent to the storage of the personal data collected during the registration process.

    VI. VPN Software

    Anonymous VPN connection diagnostics and crash reports (can be disabled by the user)

    With your permission, we collect anonymized analysis data for network diagnostics. We use this data in our networking tools to optimize network speed and identify issues with specific apps, VPN servers, or ISPs. The information we receive is completely anonymous and can not be assigned to individual SpyOFF users (ie we do not store which user sent which data and do not store IP addresses). If you choose to share this information with SpyOFF, we collect the following information:

  • Diagnostic information about failure of a VPN connection attempt.
  • Speed test data
  • Crash reports, even without personally identifiable information.
  • Depending on your platform, these will be sent to these third parties:

  • Windows: Hockeyapp (owned by Microsoft). See Microsoft Privacy Policy (https://privacy.microsoft.com/en-us/PrivacyStatement)
  • Mac: Crashlytics (owned by Google). See Crashlytic's Privacy Policy (https://try.crashlytics.com/terms/privacy-policy.pdf)
  • iOS: Apple. See Apple's privacy policy. (https://www.apple.com/privacy/) iOS releases this data by default. You can disable this in iOS settings as described here. (Https://support.apple.com/de-de/HT202100)
  • Android: Google Analytics See Terms of Service for Google Analytics. (Https://www.google.de/analytics/terms/de.html)
  • After activating the SpyOFF app you will be asked if you want to share this data. You can start or stop this diagnostic data at any time in the settings menu of the app. This is non-personal information. There is NO information about the activity that is being performed in the SpyOFF VPN tunnel, such as: Browser history, saved web content, VPN traffic destinations, DNS queries, and IP addresses.

    SpyOFF uses the best physical, procedural and technical security with respect to our offices and information storage facilities to prevent loss, misuse, unauthorized access, disclosure or alteration of information. Access to user information is restricted to employees who need such access to perform their tasks. Although we believe that these systems are robust, it is important to understand that no data security measures in the world can provide 100% protection. Servers are located in data centers with strong security practices. None of these data centers require the collection or storage of traffic data or personal information related to your use of SpyOFF services. If any data center asked us to log such data, we would immediately stop using the data center and find alternative ways. Even if a government physically confiscates one of our VPN servers and manages to break their hard drive encryption, there are no protocols or information that bind a single user to a particular event, site, or behavior.

    VII. Registration

    1. Description and scope of data processing

    On our website, we offer you the opportunity to register with your personal information. The data is entered into an input mask and transmitted to us and stored. A transfer of data to third parties does not take place. The following data is collected during the registration process:

  • E-mail address
  • Surname
  • Bank details
  • At the time of registration, the following data will also be stored

  • IP address
  • Date and Time
  • Payment method
  • Selected article and invoice amount
  • As part of the registration process, your consent to the processing of this information will be obtained.

    2. Legal basis for data processing

    Legal basis for the data processing is in the presence of your consent Art. 6 para. 1 lit. a GDPR.

    If the registration serves the fulfillment of a contract of which you are a party or the implementation of pre-contractual measures, then additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO..

    3. Purpose of the data processing

    Registration is required for the provision of certain content and services on our website. In addition, registration is required to fulfill a contract or to carry out pre-contractual action

    4. Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

    This is the case for the data collected during the registration process when the registration on our website is canceled or modified.

    This is the case during the registration process for the performance of a contract or for the performance of pre-contractual measures if the data are no longer necessary for the performance of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contracting party in order to comply with contractual or legal obligations.

    5. Opposition and removal possibility

    As a user, you have the option at any time to cancel the registration and / or to modify the data stored about you. Simply send us an e-mail requesting deletion or modification to info@spyoff.com.

    If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible, unless contractual or legal obligations preclude deletion.

    VIII. Contact form and e-mail contact

    1. Description and scope of data processing

    On our website is a contact form available, which can be used for electronic contact. If you take this opportunity, the data entered in the input mask will be transmitted to us and saved. These data are:

  • E-mail address
  • First and Last Name
  • For the processing of the data, reference is made to this privacy policy in the context of the sending process.

    Alternatively, contact via the provided e-mail address is possible. In this case, your personal data transmitted by e-mail will be stored.

    In this context, there is no disclosure of the data to third parties. The data is used exclusively for processing the conversation.

    2. Legal basis for data processing

    Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a GDPR.

    The legal basis for the processing of the data transmitted in the course of sending an e-mail is Article 6 (1) lit. f DSGVO. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.

    3. Purpose of the data processing

    The processing of the personal data from the input mask serves us only to process the contact and subsequent improvement of our service. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

    4. Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

    5. Opposition and removal possibility

    You have the option at any time by e-mail to info@spyoff.com to revoke your consent to the processing of personal data. In such a case, however, the conversation can not continue.

    All personal data stored in the course of contacting will be deleted in this case.

    IX. Blog with commentary

    a) Description and extent of processing of personal data

    At blog.spyoff.com we offer visitors to our website a blog with commentary function including the possibility to subscribe to comments via EmailReminder. To use the blog, the following data is collected:

  • name / pseudonym
  • E-mail address
  • Link
  • Selected payment method
  • Comment content
  • For the processing of the data, your consent is obtained during the registration process and reference is made to this privacy policy.

    b) Legal basis for the processing of personal data

    The legal basis for processing the data is Art. 6 para. 1 lit. a GDPR.

    c) Purpose of the data processing

    The collection of data serves to ensure security, as well as use of the blog. The collection of the e-mail address is intended to prevent misuse and the delivery of the e-mail reminder, if desired.

    d) Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

    e) Opposition and removal options

    The subscription of the comments as well as the registration to the blog and the associated consent to the data processing can be terminated at any time. For this purpose, we find in every email from us a "unsubscribe link". After clicking on the link, the subscription to the comments will be deleted and you will no longer receive any reminder emails. To delete your pseudonym and your email, please send an e-mail to info@spyoff.com with the appropriate request.

    X. Disclosure of personal data to third parties

    1. Payment services and payment procedures

    a) Description and extent of processing of personal data

    Your data will only be disclosed if absolutely necessary for the provision of our VPN service and only for this purpose.

    In order to process your payment, the following data will be passed on to selected payment service providers. Their privacy policy can be found here:

    Paypal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

    Bitpay: https://bitpay.com/about/privacy

  • E-mail address
  • IP address at login
  • Registration time
  • Selected payment method
  • Selected article & invoice amount
  • For direct debit and direct debit and credit card in addition:

  • Surname
  • Bank details
  • b) Legal basis for the processing of personal data

    The legal basis for data processing is Art. 6 para. 1 lit. b DSGVO.

    c) Purpose of the data processing

    The transfer of the aforementioned data and their processing is mandatory for the fulfillment of the contract and the fraud detection and prevention necessary.

    d) Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

    e) Opposition and removal options

    The collection of the data and their storage and processing is mandatory for the execution of the contract. There is therefore no premature contradiction and elimination possibility on your part.

    2. Third-Party-Cookies

    a) Description and extent of processing of personal data

    Our website uses various third-party cookies for analysis and marketing purposes:

    Google Adwords

    For marketing purposes, we use Google Adwords, an advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google").

    The following functions of the service are used by us:

    Remarketing feature: This feature allows us to show you advertisements based on your interests on other websites within the Google Display Network. For this, your behavior on our website is analyzed (for example, interest in certain offers / content) in order to be able to show you targeted advertising even after your visit to other sites. Google uses cookies for this purpose. This number is used to uniquely identify a web browser on a particular computer and not to identify a person; personal information will not be stored.

    Conversion Tracking:

    This will set a conversion tracking cookie on your machine when you click on a Google-served ad. These cookies lose their validity after 30 days, contain no personal data and are thus not used for personal identification. The information gathered using the conversion cookie is only used to generate conversion statistics for AdWords advertisers who have opted for conversion tracking.

    You may disable the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://www.google.com/settings/ads/plugin.https://www.google.com/settings/ads/plugin

    Double Click

    To optimize and display advertising, we use DoubleClick from Google on our website (Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA). Data is transferred to the DoubleClick server with every impression, click, or other activity. Each of these data transfers triggers a cookie request to your browser. If the browser accepts this request, DoubleClick sets a cookie on your system. The cookie is used, among other things, to serve and display user-relevant advertisements, as well as to generate reports on advertising campaigns or to improve them. Furthermore, the cookie is used to avoid multiple impressions of the same advertising. DoubleClick uses a cookie ID required to complete the technical process. For example, the cookie ID is needed to display an ad in a browser. DoubleClick can also use the cookie ID to see which ads have already appeared in a browser to avoid duplication. DoubleClick also allows the cookie ID to track conversions. For example, conversions will be tracked if you've previously seen a DoubleClick ad, and then you're making a purchase on the advertiser's website using the same Internet browser. A DoubleClick cookie does not contain any personally identifiable information. It can, however, contain additional campaign identifiers. This serves to identify the campaigns that you already use. Each time you visit our website, which incorporates a DoubleClick component, the Internet browser on your computer is automatically driven by the relevant DoubleClick component to submit data to Google for online advertising and commission billing purposes. In this context, Google is aware of data that Google also used to create commission statements. You may disable the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://www.google.com/settings/ads/plugin. Additional information and DoubleClick by Google's applicable privacy policy can be found at https://www.google.com/intl/en/policies/.

    Bing Ads

    For marketing purposes, we use Bing Ads (bingads.microsoft.com), a product of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft"). When you reach our website from a Microsoft Bing ad, Microsoft places a cookie on your machine. So for us Microsoft understands that someone has clicked on an ad, has been redirected to our website and has reached a previously determined landing page (conversion page). We only hear the total number of users who clicked on a Bing ad and were then redirected to the conversion page. Microsoft uses the cookie to collect, process and use information that generates usage profiles using pseudonyms. These usage profiles are used to analyze visitor behavior and are used to display advertisements. No personal information about your identity will be processed.

    If you do not agree with this, you can prevent the collection of the data generated by the cookie and related to your use of the website as well as the processing of this data by Microsoft by contradicting the collection and use under the following link: http://choice.microsoft.com/de-DE/opt-outIhren

    For more information about privacy and cookies on Microsoft and Bing Ads, visit the Microsoft website https://privacy.microsoft.com/de-de/privacystatement.

    FriendlyDuck/ Affiliate System

    For analysis and marketing purposes, as well as for the provision of the website, we use FriendlyDuck (a platform of FriendlyDuck S.r.l., Via XXVIII Luglio, 212, 47893 Borgo Maggiore). FriendlyDuck introduces on the Internet at the domain http://affiliate.friendlyduck.com a platform for the support in the online distribution of goods and services available. If you visit our website, a standard cookie will be set so that our site will be serviceable. The cookie contains i.a. the information from which website you reach our website (see III. Use of Cookies). For the purpose of commission billing we transfer an anonymous visitor ID to our partner, which will be deleted afterwards.

    zendesk livechat

    To provide a live chat with our customer service and to show the conversation, we use the service Zendesk livechat (zendesk.com). There, data is transferred that serves as documentation in customer service. The data collected includes:

    • Chat History
    • specified name
    • IP address
    • country of origin
    • other personal information, depending on the information provided.

    This data will not be disclosed to third parties and will only be used to process and document the requests. By using the chat, you agree that you agree.

    You can find information about Zendesk's chat and privacy policy here: https://www.zendesk.de/company/customers-partners/privacy-policy/

    IXOPAY

    For the provision of payment services and payment methods, we use IXOPAY. IXOPAY, an offer of IXOLIT GmbH, Mariahilfer Str. 77-79, 1060 Vienna, is a PCI-DSS Level 1 certified payment platform. It combines a variety of alternative payment methods and credit card acquirers and enables the secure storage of credit and debit card data (PANs). We use this cookie to prevent fraud and increase the security of payment transactions. The moment you reach our website, an anonymous visitor ID is stored in a cookie for this purpose.

    Dislo

    To provide the website, we use the platform www.dislo.com, a product of IXOLIT GmbH, Mariahilfer Straße 77-79, 1060 Vienna. This cookie helps us to make our website more user-friendly. For this the following data are stored in the cookie:

    • Language settings
    • Articles in a shopping cart
    • Log-in information

    For more information, see Dislo's privacy policy: https://www.dislo.com/en/privacy-policy https://www.dislo.com/de/privacy-policy

    Cloudflare

    To provide and secure this website and to maximize loading times, CloudFlare (a service of CloudFlare Inc., 101 Townsend St., San Francisco, CA 94107) is being used as a "Content Delivery Network" (CDN service). A CDN is a service that helps deliver content from our online offering, especially large media files, such as graphics or scripts, using regionally distributed and Internet-connected servers. For the CDN service, content data is purpose-bound for performance improvement on CloudFlare servers.
    Cloudflare is certified under the Privacy Shield Agreement, providing a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active).
    For more information, see the Cloudflare Privacy Policy: https://www.cloudflare.com/security-policy.

    Facebook Pixel

    On our website we use the so-called "Facebook Pixel" of the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are located in the EU) to analyze and optimize our online offer. Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland).
    Facebook is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
    With the help of the Facebook pixel, Facebook is able to designate the visitors to our website as a target group for the display of advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to display the Facebook ads we have been sent only to those Facebook users who have also shown an interest in our online shop or who have certain characteristics (interest in certain products, etc.) that we use Facebook (so-called "Custom Audiences"). In addition, by using the Facebook Pixel, we want to ensure that our Facebook Ads are in line with the potential interest of users and are not annoying. Finally, with the help of the Facebook pixel, we can track the effectiveness of Facebook ads for statistical and market research purposes, by seeing whether users have been redirected to our site after clicking on a Facebook ad (so-called "conversion").
    The privacy information of Facebook can be found here: https://www.facebook.com/about/privacy/ https://www.facebook.com/about/privacy/
    Information and details about the Facebook pixel can be found here: https://www.facebook.com/business/help/651294705016616.
    You may object to the capture by the Facebook Pixel and use of your data to display Facebook Ads under the following link: https://www.facebook.com/settings?tab=ads.

    When you visit our website you will be informed about the use of cookies for analysis purposes and pointed to this privacy policy. In this context, there is also an indication of how the storage of cookies in the browser settings can be prevented.

    b) Legal basis for the processing of personal data

    The legal basis for data processing is Art. 6 para. 1 lit. f DSGVO.

    c) Purpose of the data processing

    By using the aforementioned cookies, we aim to improve the performance and enjoyment of our service, as well as to ensure the marketing of our website.

    d) Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

    e) Opposition and removal options

    Du kannst dich über die Google Analytics-Deaktivierungsseite (https://tools.google.com/dlpage/gaoptout?hl=de) von Google Analytics abmelden

    You can sign out of Google Analytics through the Google Analytics opt-out page (https://support.google.com/dfp_premium/answer/2839090?hl=de) .

    You may disable the use of third-party cookies by visiting the opt-out page of the Network Advertising (http://optout.networkadvertising.org/?c=1#!/) initiative.

    We recommend to allow all cookies on the website, otherwise the functionality may be limited. If you still want to disable cookies, this is how it works:

    Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de

    Edge: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

    Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

    Safari: https://support.apple.com/kb/PH21411?locale=de_DE

    3. Website analytics services

    a) Description and extent of processing of personal data

    Web analytics with Google Analytics

    This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of the use of the website by you. By activating the IP anonymization on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; however, we point out that in this case you may not be able to use all the features of this website in full.

    In addition, we have made settings that Google Analytics deletes the last part of the IP addresses of visitors to our website. Hereby we do not come into possession of data that allow us to draw conclusions about your person.

    Mixpanel:

    In addition, we use the tracking tool from www.mixpanel.com, a web analytics service provided by Mixpanel Inc. Cookies can be used for this purpose. These are small text files that are stored locally on the site visitor's computer, allowing them to be recognized when revisiting our website. Mixpanel Inc. collects and stores usage data in pseudonymous profiles. The pseudonymous usage profiles are not merged with personal data about the bearer of the pseudonym.

    Mixpanel is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

    You can view the Privacy Policy of Mixpanel here: https://mixpanel.com/terms.

    b) Legal basis for the processing of personal data

    The legal basis is Art. 6 para. 1 lit. f DSGVO

    c) Purpose of the data processing

    The use of the website analysis services optimizes the website and our offer. Google and Mixpanel uses the information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and Internet usage to the website operator.

    d) Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection.

    e) Opposition and removal options

    You can prevent the storage of cookies by setting your browser software accordingly; However, we point out that in this case you may not be able to use all the features of this website in full.

    Google Analytics:

    In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=en. Mobile users can disable Google Analytics at this link.

    Mixpanel:

    The data collection and storage for the purpose of web analytics, you can at any time object to the future by clicking the service by clicking on "Yes, I would like to opt out" on this page https://mixpanel.com/optout/ In this case, please note that as a result of this a cookie will be set on your device, which will stop you from collecting and evaluating any data, so you should not delete this cookie.

    4. Newsletter shipping and tracking

    a) Description and scope of the processing of personal data, purpose of data processing

    For sending e-mails or newsletters we use the list provider MailChimp, an offer from The Rocket Science Group, LLC, 512 Means St, Suite 404 Atlanta, GA 30318.

    The following data is transferred to MailChimp and stored there:

  • E-mail address
  • language variant
  • MailChimp offers extensive analysis of how the newsletters are opened and used. These analyzes are group-related and are not used by us for individual evaluation. In addition, MailChimp uses the analytics tool Google Analytics and, if necessary, integrates it into the newsletter. More information about MailChimp and privacy at MailChimp can be found here: www.mailchimp.com/legal/privacy/

    MailChimp is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active)..

    The information gained helps us to optimize our service.

    You can cancel the subscription to the newsletter at any time. (short description, for example link to cancellation is in each newsletter). The data you provide will be deleted.

    b) Legal basis for the processing of personal data

    The legal basis is Art. 6 para. 1 lit. f DSGVO

    c) Duration of storage

    The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The e-mail address of the user is therefore stored as long as the subscription to the newsletter is active.

    d) Opposition and removal options

    Opposition and removal options

    We also respect the "do not track" signals and do not track, do not use cookies, and do not use advertisements when there is a "not tracking" (DNT) browser mechanism.

    XI. Rights of the person concerned

    If you process personally identifiable information, you are i.S.d. DSGVO and you have the following rights to the person responsible:

    1. Right to information

    You may ask the person in charge to confirm if personal data concerning you is processed by us.

    If such processing is available, you can request information from the person responsible about the following information:

    (1) the purposes for which the personal data are processed;

    (2) the categories of personal data being processed;

    (3) the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;

    (4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;

    (5) the right of rectification or deletion of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;

    (6) the right of rectification or deletion of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;

    (7) all available information on the source of the data if the personal data is not collected from the data subject;

    (8) the existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject.

    You have the right to request information about whether your personal information relates to a third country or an international organization. In this regard, you can ask for the appropriate guarantees in accordance with. Art. 46 GDPR in connection with the transfer.

    Right to rectification

    You have a right to rectification and / or completion to the controller, if the processed personal data relating to you is incorrect or incomplete. The responsible person must make the correction without delay.

    Right to restriction of processing

    You may request the restriction of the processing of your personal data under the following conditions:

    (1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.

    (2) You revoke your consent to the processing gem. Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. DSGVO and there is no other legal basis for processing.

    (3) You lay gem. Art. 21 para. 1 DSGVO objection to the processing and there are no prior justifiable reasons for processing, or you submit gem. Art. 21 para. 2 DSGVO Opposition to processing. or/p>

    (4) if you have filed an objection to the processing pursuant to Art. 21 para. 1 DSGVO and it is not yet certain whether the legitimate reasons of the person responsible outweigh your reasons.

    If the processing of your personal information has been restricted, such data may be stored, except for yours, only with your consent or for the purposes of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important public interest Union or a Member State.

    If the limitation of the processing after the o.g. If conditions are restricted, you will be instructed by the person in charge before the restriction is lifted.

    Right to delete

    a) deletion of duty

    You may require the controller to delete your personal information without delay, and the controller is required to delete that information immediately if one of the following is true:

    (1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed

    (2) You revoke your consent to the processing gem. Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. DSGVO and there is no other legal basis for processing.

    (3) You lay gem. Art. 21 para. 1 DSGVO objection to the processing and there are no prior justifiable reasons for processing, or you submit gem. Art. 21 para. 2 DSGVO Opposition to processing.

    (4) Your personal data has been processed unlawfully.

    (5) The deletion of personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.

    (6) The personal data concerning you were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

    Information to third parties

    If the person in charge has made the personal data relating to you public and is in accordance with. Article 17 (1) of the GDPR, with due regard to available technology and implementation costs, shall take appropriate measures, including technical means, to inform data controllers who process the personal data that you are affected Persons requesting deletion of all links to such personal data or of copies or replications of such personal data.

    Exceptions

    The right to erasure does not exist if the processing is necessary/p>

    (1) to exercise the right to freedom of expression and information;

    (2) to fulfill a legal obligation required by the law of the Union or of the Member States to which the controller is subject, or to carry out a task which is in the public interest or in the exercise of official authority conferring on the controller has been;

    (3) for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR;

    (4)for archival purposes of public interest, scientific or historical research purposes or for statistical purposes acc. Article 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or

    (5) to assert, exercise or defend legal claims.

    Right to information

    If you have asserted the right of rectification, erasure or restriction of the processing to the controller, he / she is obliged to notify all recipients to whom the personal data relating to you have been corrected or deleted or processing restricted, unless: this proves to be impossible or involves a disproportionate effort. You have a right to the person responsible to be informed about these recipients.

    Right to data portability

    You have the right to receive the personal information that you provide to the controller in a structured, common and machine-readable format. You also have the right to transfer this information to another person without hindrance by the person responsible for the personal data provided, provided that

    (1) the processing on a consent acc. Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a DSGVO or on a contract acc. Art. 6 para. 1 lit. b DSGVO is based and

    (2) the processing is done by automated means.

    In exercising this right, you also have the right to obtain that personal data relating to you be transmitted directly from one person responsible to another person responsible, as far as this is technically feasible. Freedoms and rights of other persons may not be affected.

    The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the controller.

    Contradictory legal

    You have the right at any time, for reasons that arise from your particular situation, against the processing of personal data concerning you, which, pursuant to Art. 6 para. 1 lit. e or f DSGVO takes an objection; this also applies to profiling based on these provisions. The controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims. If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes. Regardless of Directive 2002/58 / EC, you have the option, in the context of the use of information society services, of exercising your right to opt-out by means of automated procedures that use technical specifications.

    Right to revoke the data protection consent declaration

    You have the right to revoke your privacy statement at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

    Automated decision on an individual basis including profiling

    You have the right not to be subjected to a decision based solely on automated processing - including profiling - that will have legal effect or similarly affect you in a similar manner. This does not apply if the decision

    (1) is required for the conclusion or performance of a contract between you and the controller,

    (2) is permissible under Union or Member State legislation to which the controller is subject, and where such legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or

    (3) with your express consent.

    However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g DSGVO applies and reasonable measures have been taken to protect the rights and freedoms as well as your legitimate interests.

    With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to uphold the rights and freedoms and your legitimate interests, including at least the right to obtain the intervention of a person by the controller, to express his / her own position and heard on challenge of the decision

    Right to complain to a supervisory authority

    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of alleged infringement, if you believe that the processing of your personal data is against you the DSGVO violates.

    The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

     

    XII Facebook Fanpage

    1. Description and scope of data processing

    We have set up a Facebook fan page at [https://www.facebook.com/SpyOFFVPN]. This is an offer from Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbor, Dublin 2, Ireland. You do not need to be a member of Facebook to see the contents of our Facebook Fanpage. Every time you visit our fan page, Facebook collects, stores and uses the visitor's data, so-called page insights. Facebook provides us as the operator of the fan page these site insights. Page Insights are aggregated data that shows how people interact with our site. Site insights may be based on personal information collected in connection with a visit or interaction of people on or with our site and its content. For the processing of the side insights we are grds. responsible together with Facebook. However, Facebook bears the primary responsibility for processing and is the contact person for the data protection obligations under the GDPR (information obligations, data subject rights, data security and notification of data breaches). We point out that only Facebook can make and implement decisions regarding the processing of Insights data and we have no influence on them. Further information and the privacy policy of Facebook can be found here: https://www.facebook.com/about/privacy/ https://de-de.facebook.com/help/pages/insights

    2. Legal basis for data processing

    The legal basis is Art. 6 para. 1 lit. f DSGVO.

    3. Purpose of data processing

    By running a Facebook Fanpage and the related use The site insights data we want the performance and user experience improve our offer and this to the wishes and interests of our customers and our customers an additional information and communication channel

    4. Duration of storage, repudiation and disposal

    If you do not want Facebook to collect data about you through our Fanpage, should you log out of Facebook or deactivate the function "stay logged in", delete the cookies on your device and stop and restart your browser. In this way, Facebook information about which you could be immediately identified will be deleted. Of course you can get all the essential information on our Facebook Fanpage can also be found on our website [https://www.facebook.com/SpyOFFVPN].