Data Privacy and Data Protection Statement

We take data protection and data privacy seriously. We have no intention to collect any personal data from you that is not willingly provided by yourself. We have no intent to use your personal data for any purpose that was not obvious at the moment you provided the data.

All data is collected and processed in compliance with the GDPR (General Data Protection Regulation).

We will never give your data to any third parties for their own use without getting your prior and explicit consent for each individual situation.

We do however use external systems (e.g. web servers, email servers) managed by other companies to store your data. The companies operating the data storage and processing systems for me are called Data Processors in the terminology of the GDPR.

The Data Processors we work with are contractually bound to treat any personal data I entrust to them strictly in accordance to our agreements and apply the standards of the GDPR to the data too.

Upon request, you are entitled to get a copy of the personal data we stored about you. You have the right to request that your personal data is deleted.

Here is an overview of the data we collect and what we do with it.

When you visit this website

Web server log files

Whenever you visit and page on this site, your browser request will be stored in the web server log files.

What data is collected?

The request data collected includes the page requested, your browser (user agent) and your public IP address.

Where is the data stored?

The data is stored on our own servers located in Germany.

For what purposed do we collect the data and for how long will it be stored?

This data is used to detect technical problems with our website as well as to detect abuse like hacking attempts and (D)DNS attacks on the website.

While this data includes your IP address, which could be used to identify you as a person, we never combine the server log file data with other information that might allow us to do so.

The only exception to this rule are attacks and illegal abuse of the website. In this case we will pass on this data as well as data related to the incident to the law enforcement authorities to investigate criminal activity.

Unless there were any suspicious, potential criminal activities that need to be investigated, all server log file data is automatically deleted after 30 days.

Google Analytics

We use Google Analytics to track any visit to this website.

What data is collected?

We collect the pages visited, the source of the link to us (if any), the time spent on each page, and the browser and device type used.

We do only collect session information. We do no use cookies that would allow us identify you as a person. Any cookie our google analytics interface will set expires automatically after a maximum of 24 hours.

You IP address is anonymized before it is ever written to disk.

Due to the self-imposed limitations to Google Analytics describe above, it is not possible to link any data we collect with Google Analytics to you as a person. For this reason, we do not consider this to be personal data in the sense of the GDPR.

Where is the data stored?

The data is stored by Google in the United States of America.

For what purposed do we collect the data and for how long will it be stored?

We collect and analyze this data to gather information which content on this site draws the most attention and interest.

We use the insight from this analysis to decide which topics we will cover in the future and which type of content works best to transport the information we provide.

As some interesting insights can be gained from analyzing long term behavioral pattern, we do store this data indefinitely.

This data does not include any information that can be used to identify you as a person. We do include this information here only for completeness and clarification.

When you subscribe to the Ivercy Newsletter

What data is collected?

We ask you to enter your email address and your name. We will store this together with the date of subscription and the IP address used to submit the data.

You will receive an opt-in request that you need to confirm before we will store your email.

Additional we collect the page on which you subscribe to the newsletter and in which language (English/German) that text was.

Where is the data stored?

This data will be stored by our mailing list partner Mailchimp in the United States.

Mailchimp is certified to the EU-U.S. Privacy Shield Framework and we do have a data processing contract with Mailchimp that binds them to the legal framework of the GDPR as well.

For what purposed do we collect the data and for how long will it be stored?

We will use your email address to send emails to you. – That’s why you subscribed, isn’t it?

You name is used to personally address you in these emails.

The IP-Address and the date of subscription are required to document your expressed consent to receiving email from us.

This data is stored as long as you subscribe to the newsletter. Every email we send includes a link to update your personal data in this email list as well as a link to unsubscribe from this list.

You purchased Ivercy through our payment processor Avangate/2Checkout.

When purchasing Ivercy licenses on our website, you will be directed to a web page hosted by our payment processor Avangate/2Checkout.

What data is collected?

On our behalf, Avangate/2Checkout will collect data required to conduct the financial transaction with you.

The data collected will include your name, company name, email- and physical address as well as the required payment details.

Avangate/2Checkout will share your name, contact details, company affiliation and the details about our products (license keys) you purchased through them with us.

Avangate/2Checkout will NOT share any details about the payment process beyond the payment method with us.

Particularly we will never receive any credit card numbers, bank account details, or Paypal account details from them.

Where is the data stored?

We contracted Avangate/2Checkout to handle the payment process according to GDPR requirements. Avangate/2Checkout’s main headquarters is located in The Netherlands and therefore they are immediately bound by GDPR regulations themselves.

For data security and redundancy Avangate/2Checkout may store their data in a secondary data center located in the United States. This company internal data exchange is certified to the EU-U.S. Privacy Shield Framework and compliant to the GDPR.

For what purposed do we collect the data and for how long will it be stored?

Avangate/2Checkout has to collect this data to process the payment in accordance with European business legal requirements for proper accounting.

According to these legal requirements, the transaction data has to be stored for 10 years beginning with the year after the transaction was completed.

We will store your name, contact details, company affiliation and license details in our customer database. We will use the information to provide product support and to contact you with information regarding our product, including but not limited to information about support contract expiry.

You purchase Ivercy directly with us.

If you purchase Ivercy licenses directly with us, we are your counterparty of the financial transaction.

What data is collected?

We will ask you to provide your company name and full physical address. Additionally, you may provide additional information, such as a VAT- or GST-Id, your purchase order id and related information required to conduct the transaction in compliance to your company policies.

Where is the data stored?

This data will be stored on our own servers in Germany will be transferred to our partners for accounting services and document storage. All data centers storing the data are located inside the EU and the companies managing these data centers are GDPR compliant data processors.

For what purposed do we collect the data and for how long will it be stored?

We have to collect this data to create an invoice and process the payment in accordance with European business legal requirements for proper accounting.

According to these legal requirements, the invoice and transaction data has to be stored for 10 years beginning with the year after the transaction was completed.

We will store your name, contact details, company affiliation and license details in our customer database. We will use the information to provide product support and to contact you with information regarding our product, including but not limited to information about support contract expiry.

You send an email to Ivercy Support

What data is collected?

Obviously, we will store your email address and the content and attachments (if any) of your email message, whatever they may be.

If your email included information about your technical environment, like the used source code control system, operating system, Microsoft Access versions and other information relevant to the use of Ivercy in your organization, we may store this information in a structured and query-able way.

For what purposed do we collect the data and for how long will it be stored?

Foremost we use the information you provided to answer your inquiry.

Beyond that we may store any information you provide for future reference. Particularly to be able to answer future inquiries from you or someone else in your organization more efficiently and specifically tailored to the environment Ivercy is used in your organization.

We may use the information you provide to improve our product(s), improve existing or create new content on this website.

By default, your email will be stored according to German laws for business correspondence for 6 years beginning with the year after your email was received.

If your email was related to a financial transaction, e.g. a request for a quotation, a purchase order or an inquiry regarding an invoice, we might be required to store your email for 10 years beginning with the year after your email was received, according to German laws for proper business accounting.

You can request deleting your email any time. However, upon receiving such a request we need to assess whether we can immediately comply and delete the email correspondence or if we are required by law to keep it according to the above outlined legal requirements.

Responsible Person for Data Protection

I, Philipp Stiefel as the business owner, am personally responsible for data privacy and data protection according to the GDPR. You can send any inquiries regarding data privacy and data protection to info@ivercy.com. This includes any request for a copy of your personal data we have got on record as well as a request for erasing your personal data.

Responsible Regulatory Authority

If you have any concerns regarding data privacy, data protection and our handling of your personal data, I ask you to contact us first and allow us to answer your questions and address your concerns.

However, if you feel we are not dealing with your requests in an appropriate and timely manner, you can contact the regulatory authority responsible for our business.

The responsible regulatory authority is:

Der Hessische Datenschutzbeauftragte
Prof. Dr. Michael Ronellenfitsch
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany

Phone: + 49 (611) 14 08-0
Fax: + 49 (611) 14 08-900
E-Mail: poststelle{at}datenschutz.hessen{dot}de (PGP Key)
Homepage: http://www.datenschutz.hessen.de