Share this on

Privacy Policy


You are here: InLoox Privacy Policy

For EU GDPR Data Subjects

For Non-GDPR Subjects 


 

 

Data privacy statement for EU GDPR Data Subjects

If you are residing in the European Union or are subject to the GDPR, the following policy is effective:

Any collection, processing and use (hereinafter "use") of data is solely for the purpose of providing our services. The services of InLoox GmbH have been designed to use as little personal information as possible. For that matter, "personal data" is understood as all individual details about a person or factual circumstances of an identifiable natural person (so-called "affected person").The following statements on data protection describe what types of data are collected when accessing our website, what happens with these data and how you may object to data usage.

Responsible within the meaning of the EU General Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG) is:

InLoox GmbH („InLoox“)

Address:        Walter-Gropius-Strasse 17, 80807 Munich, Germany

Phone:           +49 (0) 89 3589988-0

Email:             info@inloox.com

Homepage:    https://www.inloox.de

Data security officer:

Kemal Webersohn of WS Datenschutz GmbH

WS Datenschutz GmbH        
- Datenschutz -
Meinekestraße 13                                                              
D-10719 Berlin

https://ws-datenschutz.de         

Data privacy email address: dataprotection@inloox.com

I. Protection of your data

We have taken technical and organizational measures to ensure that the requirements of the EU General Data Protection Regulation (GDPR) are met by us, as well as, by external service providers working for us. If we work with other companies to provide our services, such as email and server providers, this will only be done after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in terms of technical and organizational data protection skills. This selection procedure will be documented in writing and an agreement on the order processing of data (order processing contract) will only be concluded if the third party complies with the requirements of Art. 28 GDPR. Your information will be stored on specially protected servers. Access to it is only possible for a few specially authorized persons. Our website is SSL/TLS encrypted, as can be seen by the https:// at the start of our URL. This also involves e-mail communications, which is encoded via SSL certificate.

We process personal data only if necessary. As soon as the purpose of the data processing is fulfilled, erasure of the data is carried out according to the standards of the erasure concept, unless legal or contractual regulations oppose this.

 

II. Use of data on this website and in logfiles

I. Scope of processing personal data

When visiting our website, our web servers temporarily store every access in a log file. The following data is collected and stored until automated erasure:

  • IP-address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Transmitted amount of data
  • Message if the retrieval was successful
  • Detection data of the browser and operating system used
  • Website from which access is made
  • Name of your Internet access provider

II. Legal basis for processing personal data

The legal basis for the temporary storage of the data and log files is Art. 6 para. 1 s. 1 lit. f) of the GDPR. Our legitimate interest is to make our website accessible for you.

III. Purpose of data processing

The processing of this data serves: the purpose of enabling the use of the website (connection establishment), system security, the technical administration of the network infrastructure, as well as to optimize the website. The IP address is evaluated only in case of attacks on our network infrastructure or the network infrastructure of our internet provider. Furthermore, no input of your personal data is required to use our website.

IV. Duration of storage

As soon as the purpose of the data processing is fulfilled, erasure of the data is carried out. This happens as soon as you close our website. Our hosting service might use data for statistical purposes. Any personal data will be anonymized for this. Our hosting service will delete this data after a period of 90 days.

V. Right of objection and erasure

The data processing is necessary in order to present the website and to ensure the website’s operation. Therefore, objecting is impossible.

  

III. Use of cookies

I. Description and scope of data processing

Our website uses cookies that are stored on your computer when you use your website. Cookies are small text files that are stored on your hard drive, assigned to the browser you use, and by which InLoox or the body that sets the cookie, certain information flows: 

  • Frequency of website visits
  • Which functions of the website are used by you
  • Search terms used
  • your cookie setting
  • your language setting
  • Your shopping cart content  

Cookies cannot run programs or transmit viruses to your computer. When visiting a website, a cookie banner refers to the privacy policy.

II. Legal basis for data processing

This processing is legally based on Art. 6 para. 1 s. 1 lit. f) GDPR.

III. Purpose of data processing

Our legitimate interests are to provide you with a working website connection and to ensure a comfortable use of this website. Also, we need to process your personal data to solve occurring safety and security issues, as well as to ensure system stability. The data processing takes place to make a statistical evaluation of our website possible.

IV. Duration of storage

This website uses the following types of cookies. The extend and function of each are being explained below:

Transient cookies are automatically deleted when you close the browser. This is especially true for session cookies which store your session ID, with which various requests from your browser can be assigned to your session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.

Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.

V. Right to objection and erasure

You can delete the cookies in the security settings of your browser at any time. Please be aware that you may not be able to use all features of this site, when deleting the cookies from your browser history. The use of cookies can be prevented by appropriate browser settings at any time.

 

IV. Contact

I. Description and scope of data processing

Via the website it is possible to contact us via e-mail or a contact form. This will require different data to answer the request, which will be automatically saved for processing. The following data will be collected at least (marked as required) within the contact form: the first name, the last name and the e-mail address. You can also voluntarily provide information on the phone number and the address (if requesting documents) and leave a comment / message text. We will only process your data in accordance with the contractual obligations of the concluded contract and send it to the following categories of external recipients:

  • external reseller partners, who are bound to a data protection and confidentiality agreement by InLoox. 

II. Legal basis for data processing

The legal basis depends on Art. 6 para. 1 s. 1 lit. b) GDPR.

III. Purpose of data processing

The processing of personal data from the input form is used solely handling the contact request.

IV. Duration of storage

Your data will be deleted by us immediately after 180 days, unless official, statutory or contractual retention periods are opposed to deletion.

V. Right to objection and erasure

The user has the right to withdraw their consent to the processing of personal data at any time. If the user contacts us, they can object to storage of their personal data at any time. In such cases, the conversation cannot be continued. All personal data that has been stored in the course of the contact will be deleted.  

 

V. Freshdesk

I. Description and scope of data processing

For your support requests, we use the Freshdesk Customer Support software provided by Freshworks Inc., 1250 Bayhill Drive, Suite 315, San Bruno, CA 94066, USA. 

Freshworks assures that it has taken appropriate technical and organizational measures to protect the data. Contractually regulated is the use of a data center in Frankfurt am Main, Germany and a data protection compliant data processing agreement: https://www.freshworks.com/privacy/

II. Legal basis of data processing

The legal bases of the processing of data are Art. 6 (1) sentence 1 lit. b) and lit. f) GDPR and takes place for the purpose of examining and answering inquiries, in particular also for the implementation of pre-contractual measures. For this purpose, results our legitimate interest as well as from the need for direct customer communication.

III. Duration of storage

We only process your data to process your contact request.

IV. Right to objection and erasure

You can revoke your consent to data processing at any time. For this please contact our data protection officer.

 

VI. Registration on the website

I. Description and scope of data processing

You can register on our website. For this it is necessary that the data subject enters personal data in the registration mask. The following data is collected at least: your last name, the username and the e-mail address. In addition, the first name can be optionally specified. We will only process your data in accordance with the contractual obligations of the concluded contract and send it to the following categories of external recipients:

  • external reseller partners, who are bound to a data protection and confidentiality agreement by InLoox. 

II. Legal basis for data processing

If the data subject enters mandatory personal data in the registration form, the legal basis of the data processing is based on Art. 6 para. 1 s. 1 lit. b) GDPR. However, if the user also enters personal data in the optional input field, the data processing is based on Art. 6 para. 1 s. 1 lit. a) GDPR.

III. Purpose of data processing

The processing of personal data is used solely for us to finish your registration and organize your website-account.

Duration of storage

The data are deleted as soon as the purpose of storage is no longer required. This is the case if you delete your account and no statutory or regulatory retention periods of erasure contradict.

IV. Right to objection and erasure

During and after the registration, the data subject is free to change, correct or delete their personal data.

 

VII. Data processing for applications

I. Description and scope of data processing

Via our website it is possible to apply via e-mail (bewerbung@inloox.com). For this purpose, personal data are processed and stored for further processing for the respective application process.

II. Legal basis for data processing

Data processing will be based on Art. 88 GDPR and § 26 BDSG (2018).

III. Purpose of data processing

We process your data exclusively for the purpose of carrying out the application process.

IV. Duration and storage

In case of successful application and employment, the personal data is stored in accordance with the legal requirements. In case of unsuccessful application, the data will be deleted in accordance with the rules of the local erasure concept. In doing so the provisions of the AGG (German Employment Law), especially the existing evidence pursuant to § 22 AGG, are considered.

This does not apply if we are obliged to any legal erasure periods or if you have given consent to store your data for further communication with us (e.g. we have another suitable job in the future). If you have given consent the legal basis for further storage of your data is Art. 6 para. 1 s. 1 lit. c) or lit. a) GDPR.

V. Right to objection and erasure

You can contact us at any time and object to further processing of your data. All personal data of the application process will be deleted in this case.

 

VIII. Newsletter

I. Description and scope of data processing

On our website visitors can subscribe to our newsletter. When signing-up to receive a newsletter, we ask for your email address. This data is necessary to send the newsletter to its recipients. The newsletter will be sent via email after the sign-up process on our website is completed. In order to meet the requirements of the GDPR, we use DOI (Double Opt.-In). If you sign up for our newsletter, we will send a confirmation email to the address you provided us with. This email contains a confirmation link that you must click to complete the sign-up process. Following this procedure, the IP address, date and time of login are stored. This is done to prevent abuses. We won’t transfer the data to third parties.

II. Legal basis for data processing

This processing is legally based on Art. 6 para. 1 s.1 lit. a) GDPR, thus your consent. Existing customers may also receive our newsletter without having given their explicit consent. This is carried out only within the strict boundaries of § 7 para.3 UWG (German Act against unfair Competition) and in accordance to Art. 95 GDPR. This equals the legal basis of Art. 6 para. 1 s.1 lit. f) GDPR. Our legitimate interests are to provide information about our products through promotional e-mails to our existing customers and thereby keep in contact with these customers.

III. Purpose of data processing

The newsletter has the functions of informing the affected parties about offers and news at a regular basis.

IV. Duration of storage

We process personal data only as long as necessary. As soon as the purpose of the data processing is fulfilled, erasure of the data is carried out according to the standards of the erasure concept, unless legal or contractual regulations oppose this.

V. Right to objection and erasure

The consent to receiving the newsletter can be revoked by you at any time. For this purpose, you can click the integrated link in each newsletter to unsubscribe. It is also possible to inform us about the revocation of the consent in any other way, e.g. via mail or email. 

VI. Mailchimp

a. Description and scope of data processing

The newsletter is sent via "Mailchimp", an online marketing platform. The data of the newsletter recipient is stored on Mailchimp servers in the USA. Mailchimp uses this information for sending and evaluating the newsletters on our behalf as well as for optimizing or improving our own services, e.g. for the technical optimization of the shipping, the presentation of the newsletter, for economic purposes or to determine from which countries the recipients come. However, Mailchimp does not use the data to write it down or to pass it on to third parties. The newsletters contain a so-called "web beacon", i. a pixel-sized file that is retrieved from the Mailchimp server when the newsletter is opened. The following technical information will be collected as part of this retrieval: information about the browser and your system, your IP address, time of retrieval, if and how often the newsletter was opened, and which links are clicked. It is neither our desire nor that of Mailchimp to observe individual users. You can view the privacy policy of Mailchimp at https://mailchimp.com/legal/privacy/

Data processing is performed by: Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA.

b. Legal basis for data processing

This data processing is legally based on our legitimate interests in efficiently and safely sending our newsletter, Art 6 para. 1 s. 1 lit. f) GDPR.

c. Purpose of data processing

We use Mailchimp as our sub- processor to ensure an efficient management of our mailing list and to send newsletters to stay in touch with you.

d. Duration of storage

Mailchimp claims to keep your personal data only as long as we use it for sending newsletters. When we delete you from our mailing list, Mailchimp will delete this data as well.

e. Right to objection and erasure

You can object to the processing of your data by Mailchimp. We will take your objection into consideration and will notify you if and why we continue the processing. You are also free to use the „opt out“-link in the footer of each e-mail. If you do so, we will delete your e-mail address from our mailing list which in turn will prompt Mailchimp to stop processing your personal data. This will not have any effect on other mailing lists (e.g. by other companies) managed through Mailchimp.

 

XI. Blog

I. Description and scope of data processing

We run a blog.

II. Legal basis of data processing

This data processing is legally based on our legitimate interest Art. 6 para. 1 s.1 lit. f) GDPR) in enabling our users to participate in an active and fair community.

III. Purpose of data processing

The collection of data is intended to ensure the stability and usability of this website and the blog. Also, it is necessary to prevent misuse.

IV. Duration of storage

We process personal data only as long as necessary. As soon as the purpose of the data processing is fulfilled, erasure of the data is carried out according to the standards of the erasure concept, unless legal or contractual regulations oppose this.

V. Right to objection and erasure

As far as our data processing is based on our legitimate interest, you have the possibility of objecting to data processing (see Art. 21 GDPR and “Your rights”). In the event of a disagreement, we please provide us with the reasons why we should not process your personal data as we have done. We will then examine the situation and either discontinue or adjust the data processing or will tell you based on which reasons we have to continue this processing.

 

X. Online shopping

I. Description and scope of data processing

When you order from InLoox, we will process the name, address, telephone number and e-mail address of you.

II. Legal basis for data processing

The legal basis for this data processing is Art. 6 para. 1 s.1 lit. b) GDPR. We are processing your data for the fulfilment of purchase contracts and supply agreements.

III. Purpose of data processing

We process your data in order to conclude the purchase contract with you and to process the invoice by e-mail or post and payment receipt and to inform you of any changes. We pass your data on to our service providers, so that they can process the purchase and communicate with you if necessary.

IV. Duration of storage

Your data will only be stored as long as this is necessary for the fulfilment of the purpose and as long as we are obliged by law to store your data.

V. Right to objection and erasure

The data processing is necessary in order to be able to process your purchase contract, which is why it cannot be waived. There is therefore no option to object.

VI. Credit Card

a. Description and scope of data processing

If you want to pay for your order via our online shop with your credit card, we need the following data to process the payment: name, address, e-mail address, credit card number, name of the credit card holder, period of validity of the credit card. Our service manager Braintree check the entered data together with the data of your order.

Braintree is a PayPal company: PayPal (Europe) S.à r.l. et Cie, S.C.A .; 22-24 Boulevard Royal; L-2449 Luxembourg.

And handles credit card payments. Your personal data will be passed on to Braintree solely for the purpose of processing the online order.

Braintree's privacy policy can be found at: https://www.braintreepayments.com/legal/braintree-privacy-policy

b. Legal basis of data processing

The legal basis for the data processing is Art. 6 para. 1 s. 1 lit. b) GDPR. The processing of your data is required for payment by credit card.

c. Purpose of data processing

The transmission of the data is necessary to prevent any possible misuse and use the data after successful verification to process the agreed payment by credit card.

d. Duration of storage

We process personal data only as long as necessary. As soon as the purpose of the data processing is fulfilled, erasure of the data is carried out according to the standards of the erasure concept, unless legal or contractual regulations oppose this.

e. Right to objection and erasure

Data processing is mandatory in order to process your payment, so it cannot be waived if you have chosen this payment method. Therefore, objecting is impossible.

VII. Direct debit

a. Description and scope of data processing

If you opt for the direct debit procedure, the name of the account holder, the IBAN, the order number, the invoice amount will be processed. InLoox does not process the payment data itself, but these are processed directly by the service provider who processes the payment. The service provider cannot assign this information to other information (such as your address or e-mail address). Please note the privacy policy of the service provider: https://www.sskm.de/de/home/toolbar/datenschutz.html?n=true&stref=footer

b. Legal basis of data processing

The legal basis for data processing is Art. 6 para. 1 s. 1 lit. b) GDPR.

c. Purpose of data processing

The processing of the data is required for payment by direct debit and thus for the execution of the contract.

d. Duration of storage

We process personal data only as long as necessary. As soon as the purpose of the data processing is fulfilled, erasure of the data is carried out according to the standards of the erasure concept, unless legal or contractual regulations oppose this.

e. Right to objection and erasure

Data processing is mandatory in order to process your payment by direct debit, which is why you cannot waive it if you have chosen this payment method. There is therefore no option to object.

VIII. PayPal

a. Description and scope of data processing

We offer PayPal as a possible payment service. PayPal is a virtual account model and means of payment. To use the payment service, you must first register with PayPal. If you use PayPal as a means of payment, the following personal data will be transmitted to PayPal: first name, surname, address, e-mail address, IP address, telephone number, possibly mobile number and other data required for the final payment transaction , In addition to the transfer of data to credit bureaus, it is also possible that PayPal may transfer the personal data to affiliated companies, including subcontractors or order data processors, as far as this is necessary to fulfill the contractual obligations. For the privacy policy of PayPal, please refer to the following link: https://www.paypal.com/en/webapps/mpp/ua/privacy-full 

The data processing is carried out by: PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

b. Legal basis of data processing

The legal basis for the data processing is Art. 6 para. 1 s. 1 lit. b) GDPR.

c. Purpose of data processing

The transmission of the data is necessary to prevent any possible misuse. We inform you that PayPal may transfer your personal information to credit bureaus. This is because PayPal reserves its right to verify the identity and creditworthiness of the user.

d. Duration of storage

We process personal data only as long as necessary. As soon as the purpose of the data processing is fulfilled, erasure of the data is carried out according to the standards of the erasure concept, unless legal or contractual regulations oppose this.

e. Right to objection and erasure

Data processing is mandatory in order to process your payment through PayPal, so it cannot be waived if you have chosen this payment method. Therefore, objecting is impossible or would lead to withdrawal from the contract.

 

XI. Social media on our website

I. Description and scope of data processing

InLoox has integrated Facebook, Instagram, LinkedIn, Pinterest, Twitter, Xing and YouTube through links on this website. If you click on a social media link, the web page of the respective social media service is called up. By calling up the respective social media service via our website, you will be sent to the respective social media service where you have visited our website. Data processing is carried out by:

Facebook:     Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA; Outside the US or Canada: Facebook Ireland Ltd., 4 Grand Canal Squa-re, Grand Canal Harbor, Dublin 2, Ireland.

Instagram:     Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA as a product of Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA.

LinkedIn:       LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA; Outside of the US or Canada: LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Pinterest:       Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA.

Twitter:          Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

Xing:              XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany.

YouTube:       YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, as a subsidiary of Google LLC., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA; Google Ireland Limited, Gordon House, Barrow Street, Dub-lin 4, Ireland.

 

For more information, please refer to the following data guidelines:

Facebook:     https://de-de.facebook.com/about/privacy/

Instagram:     https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/

LinkedIn:       https://www.linkedin.com/legal/privacy-policy

Pinterest:       https://policy.pinterest.com/en/privacy-policy

Twitter:          https://twitter.com/privacy?lang=en

Xing:              https://www.xing.com/privacy

YouTube:       https://www.google.com/intl/en/policies/privacy/

II. Legal basis of data processing

The legal basis is based on Art. 6 para. 1 p. 1 lit. f) GDPR. Our legitimate interest results from the advertising function of social media. We use these to increase the degree of familiarity of our company.

III. Purpose of data processing

We use social media to promote our company. We also want to give you the opportunity to interact with social media through our website.

IV. Duration of storage

Facebook and Instagram: According to your information, your data is stored for a period of 90 days. At the end of the 90 days, the data will be anonymized so that they cannot be further associated with you.

LinkedIn: According to LinkedIn, the service deletes all personal information when you delete your account from the service. Data can be stored longer under special circumstances. However, these are only processed in anonymized or  agglomerated form.

Pinterest: As long as you have an account with Pinterest or Pinterest needs the data for the purposes for which it was collected, the data will be stored. As soon as Pinterest no longer uses the data and does not oppose any statutory or official retention periods, Pinterest deletes or de-personalizes the data as it says it does.

Twitter: According to Twitters, collected data will be deleted, obfuscated or aggregated after a maximum of 30 days. Twitter does not endeavor to collect data from browsers Twitter believes are in the European Union or in European Free Trade Association (EFTA) countries.

Xing: Xing deletes all data concerning you as soon as you delete your user account.

YouTube: YouTube (Google) deletes the data after 9 or 18 months.

V. Right to objection and erasure

Settings and disagreements on the use of data for advertising purposes are possible within the social media profile settings or via the US page or the EU side of the social media service. The settings are platform independent, i. they are adopted for all devices, such as desktop computers or mobile devices.

VI. Video

a. Description and scope of data processing

YouTube Video: When you visit some pages of our website with embedded videos, your IP address will be sent to YouTube and cookies will be installed on your computer. We incorporated your YouTube videos with the enhanced privacy mode. In this case, YouTube still contacts the Google Ad Manager service - formerly Double Click - from Google, but according to Google's privacy policy, personal information is not evaluated. As a result, YouTube does not store any information about the visitors unless they watch the video. If you click on the video, your IP address will be sent to YouTube and YouTube will know that you have watched the video. If you are logged in to YouTube, this information will also be assigned to your user account. InLoox has no knowledge or influence about any collection and use of your data by YouTube. For more information, see the YouTube / Google data policy: https://www.google.com/intl/en/policies/privacy/  

The data processing is performed by: YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data processing for the European Economic Area and for Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Flowplayer: The service makes it possible to upload, manage and publish videos on your own website or on third-party websites. In order to use certain functions of the website, you may be required to provide personal information: name, mailing address, telephone number, e-mail address, computer type, screen resolution, operating system version, browser type, IP address. For more information, please refer to FlowPlayer's Privacy Policy: https://flowplayer.com/privacy-policy  

The data processing is performed by: Flowplayer AB, Mäster Samuelsgatan 36 111 57, Stockholm, Sweden.

b. Legal basis of data processing

The legal basis is based on Art. 6 para. 1 p. 1 lit. f) GDPR. It is in our legitimate interest to give you a pleasing use of our website.

c. Purpose of data processing

The purpose of the data processing is to make our website as appealing as possible in order to give you a positive user experience, including the possibility to provide you with videos.

d. Duration of storage

YouTube Video: Data collected by YouTube (Google) through plug-ins and advertisements will be deleted after 9 or 18 months of storage.

Flowplayer: The data are deleted if the purpose of the data processing is fulfilled and no legal, contractual or official retention periods preclude a deletion.

e. Right to objection and erasure

YouTube Video: You have the option to log out of YouTube before accessing our website and to delete all cookies from your browsing history. Other settings and disagreements on the use of data for promotional purposes are possible within the YouTube profile settings.

The settings are platform independent, i. they are adopted for all devices, such as desktop computers or mobile devices.

Flowplayer: The setting of cookies can be prevented at any time by appropriate settings in your Internet browser. The already set cookies can also be deleted in the settings of the Internet browser. We express our concern that the inability to set cookies may result in not all features being unrestrictedly available. If you no longer wish to receive marketing-related emails from Flowplayer, you can unsubscribe by following unsubscribing instructions in the latest message you have received, or by contacting legal@flowplayer.com.

 

XII. Third-party tools

I. eTracker

a. Description and scope of data processing

We use eTracker. The website uses technologies from eTracker GmbH (www.etracker.com) to collect and store data for marketing and optimization purposes. From this data, usage profiles can be created under a pseudonym. Cookies can be used. (for further information, please refer to the section “cookies” above). The collected data will not be used to personally identify the visitor of this website without the separately granted consent of the affected person and will not be combined with personal data about the bearer of the pseudonym. The data collection and storage can be objected at any time with effect for the future. 

For more information about eTracker's privacy policy, see the following Internet address:

https://www.etracker.com/en/data-privacy/

b. Legal basis of data processing

Legal basis for processing data is Art. 6 para. 1 s. 1 lit. f) GDPR.

c. Purpose of data processing

We process your data to continue the optimization of our website. This also explains our legitimate interest in data processing.

d. Duration of storage

The data will be deleted as soon as they are no longer needed for our recording purposes.

e. Right to objection and erasure

In order to object to data collection and storage of your data in the future, you can use the following link to obtain an opt-out cookie from eTracker, which ensures that no visitor data from your browser will be collected and stored by eTracker in the future: http://www.etracker.de/privacy?sid=6b97bbfb30119fa7957b126d8d002b70&id=privacy&et=V23Jbb&languageId=2. The opt-out cookie is named "cntcookie" and is set by "eTracker". Please do not delete this opt-out cookie as long as you wish to maintain your objection.

II. Google

a. Description and data processing

Data processing for the European Economic Area and for Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ad Manager is used to display ads about products and services that may interest you.

Google Ads is an internet advertising service. If you have reached our website through a Google ad, Google will set a so-called conversion cookie on your system. It is used to create and analyze visit statistics. The IP address is processed for this. This data is stored in the US. It is possible that Google will share this information with third parties. Additional information about Google Ad Manager can be found at https://www.google.com/policies/technologies/ads/. Here are some pointers to what you can do to prevent the submitted information from being used by Google Ad Manager.

Google Remarketing allows you to display user-related ads (even when visiting other websites) that have previously registered on our website. A cookie will be set to help you recognize it if you visit a webpage that also uses Google Remarketing. As a result, Google can understand your IP address and browsing behavior.

Google Tag Manager is a solution that allows us to manage so-called web page tags via a user interface and so on. Include Google Analytics in our online offer. Google Tag Manager itself, which implements the tags, does not process personally identifiable information. Google Tag Manager's usage policies can be found here: https://www.google.com/intl/en/tagmanager/use-policy.html

Google Analytics uses cookies that enable us to analyze your use of our website. The information collected by means of a cookie is: IP address, access time, access time. These are transmitted to a Google server in the USA and stored there. The evaluation of your activities on our website is transmitted to us in the form of reports. Google may pass on the information collected to third parties, if required by law or as far as third parties process this data in the commission of Google. The Google tracking codes on our website use the function "_anonymizeIp ()", so that IP addresses are processed only shortened, in order to exclude any possible direct personal reference with you. Visit http://www.google.com/analytics/terms/en.html for more information on the Google Analytics terms of service.

Google Web Fonts allows the consistent presentation of fonts on our website. When a page is called up, your browser loads the required Web fonts into its browser cache in order to correctly display texts and fonts. For this, the browser you use must connect to Google's servers. As a result, Google learns that our website has been accessed via your IP address. If your browser does not support web fonts, a default font will be used by your computer. For more information about Google Web Fonts, visit https://developers.google.com/fonts/faq

Google Hosted Libaries are used on our website to load jQuery Javascript library. This can increase the loading speed of our site. Likely, you've already used jQuery on a different page from Google CDN, which makes use of the stored copy that is in the cache. Unless there is a copy in your cache, the file will be downloaded from the Google CDN by contacting the server you're using to Google's servers. This will transmit the IP address used to access our website. Another reason may require downloading the file. In these cases, data is transferred from your browser to Google. Google affirms that Google-hosted libraries limit their collection, storage, and use of end-user data to what is required for efficient provisioning of hosted libraries. For details on the terms and technical information of Google Hosted Libraries, please visit: https://developers.google.com/speed/libraries/terms; https://developers.google.com/speed/libraries/ 

For further privacy notices of Google refer to: https://www.google.de/intl/de/policies/privacy/

b. Legal basis of data processing

The data processing is based on Art. 6 para. 1 p. 1 lit. f) GDPR. Our legitimate interest in integrating Google marketing tools is to improve our level of awareness and to partner with other companies in order to participate economically. Our legitimate interest in incorporating Google analytics tools in enabling the on-demand and ongoing optimization of our website. Our legitimate interest in incorporating Google Web Fonts is to provide you with a visually interesting, user-friendly website. It is our legitimate interest to ensure the effectiveness of our services by using Google Hosted Libaries.

c. Purpose of data processing

We use Google advertising and marketing tools to place targeted advertisements on our company's search engine results, as well as provide us with user-friendly ads. We open up a wider audience through advertising. Through analysis tools we are able to compile information about the usage of the individual components of our web page and thus constantly improve the website.

d. Duration of storage

Google Ad Manager, Google Remarketing, Google Web Fonts, Google Hosted Libaries: The data will be deleted as soon as the purpose of the data processing is fulfilled and no legal, regulatory or contractual provisions oppose it.

Google Ads: The cookie expires 30 days after the conversion cookie has been set so that it can no longer be identified. Within these 30 days both InLoox and Google can understand which subpages have been accessed.

Google Analytics: The data collected by Google Analytics will be deleted 14 months after your visit to our website.

e. Right to objection and erasure

In the context of Art. 6 para. 1 p. 1 lit. f) DSGVO you have the option of objecting to the data processing. To do this, please contact our Privacy Officer or Google at the following contact form: https://support.google.com/policies/troubleshooter/7575787?visit_id=637030195540641936-3863549830&hl=en&rd=2. You can set your browser to not load the fonts from the Google servers. If your browser does not support Google Web Fonts or you block access to the Google servers, the text will be displayed in the system's standard font. The setting of cookies can be prevented at any time by appropriate settings in your Internet browser. The already set cookies can also be deleted in the settings of the Internet browser. This may mean that not all features are fully available. You may object to Google's consumer advertising at any time: www.google.com/settings/ads. Also, through browser extensions http://tools.google.com/dlpage/gaoptout?hl=de Google Analytics can be disabled and controlled. You can stop the tracking by clicking on this link:

Disable Google Analytics

III. Microsoft

a. Description and scope of data processing

Microsoft Azure: We have rented Micro-soft Azure data centers that meet certifications, including ISO 27001, for the provision of this site. They are located in the EU and in the US. Insofar as personal data is transferred outside the European Union, there is a recognition of the same level of protection.

Bing Universal Event Tracking (UET): On our website, Bing Ads processes data from which usage profiles are created using pseudonyms. This allows us to track user activity on our website when it has reached our website via ads from Bing Ads. When this happens, a cookie is set on your computer. Our website has a Bing UET tag integrated. This is a code used to store some non-personally identifiable information about the use of the Website in connection with the cookie. This includes e.g. the amount of time spent on the site, which parts of the site were accessed, and what ads brought users to the site. Information about your identity will not be recorded. For more information on Bing analytics services, visit the Bing Ads Web site: https://help.bingads.microsoft.com/#apex/3/en/53056/2.

Bing Ads: If you have reached our website through a Bing ad, Microsoft will set a so-called conversion cookie on your system. The conversion cookie is used to create and analyze visit statistics. The Conversion cookie stores the IP address when visiting the website. This data is stored in the US. It is possible that Microsoft will share this information with third parties.

The privacy policy can be found here: https://privacy.microsoft.com/en-us/privacystatement

The data processing is performed by: Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA and Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

b. Legal basis of data processing

The legal basis for data processing is Art. 6 (1) lit. f) GDPR. Our legitimate interest in Microsoft Azure's data processing is to ensure the operation and security of the Website, to investigate the way users use the Website, and to facilitate the use of the Website. It is our legitimate interest to review the effectiveness of our services through the inclusion of Bing Universal Event Tracking (UET) and Bing Ads.

c. Purpose of data processing

Microsoft Azure: The purpose of data processing is to enable connection, system security, technical administration of the network infrastructure and optimization of the Internet offer.

Bing Universal Event Tracking (UET): The data processing is used to understand the attractiveness of the website and thus to improve it constantly.

Bing Ads: The data processing allows user-specific advertisements, in the search engine results of Bing as well as on Microsoft websites targeted advertising of our company will place, which can lead to a larger group of users.

d. Duration of storage

Microsoft Azure: The data will be deleted if the purpose has been fulfilled and no contractual, official or legal regulations oppose it.

Bing Universal Event Tracking (UET): The collected information is transmitted to Microsoft servers in the US and stored there for a maximum of 180 days.

Bing Ads: One year after the conversion cookie has been set, the cookie is no longer valid and can no longer be identified. Previously, we and Microsoft can understand which subpages have been invoked.

e. Right to objection and erasure

Microsoft Azure: The collection and storage of data for the provision of the website in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.

Bing Universal Event Tracking (UET) and Bing Ads: You can prevent the collection and processing of data generated by the cookie and your use of the website by deactivating the setting of cookies. This may limit the functionality of the site. In addition, through cross-device tracking, Microsoft may be able to track your usage behavior across multiple of your electronic devices, enabling it to display personalized advertising on or in Microsoft websites and apps. This behavior can be disabled at http://choice.microsoft.com/en-us/opt-out. You can also disable behavioral targeting from third party sites, e.g. via https://www.networkadvertising.org/choices/ and https://www.aboutads.info/.

IV. SendGrid

a. Description and scope of data processing

We use SendGrid as a mail service provider. It can include your IP address, browser type, log files, other information about your system and connection, email deliverability metrics, and additional data if you're a SendGrid customer. SendGrid acts as a data processor and only processes such information on our behalf in accordance with our instructions. SendGrid data processing is necessary to provide us with the service, to remedy service and technical issues, and to respond to any support requests or instructions you may have. Please note that SendGrid uses web beacons to send emails to recipients via the SendGrid platform. These web beacons track how you have handled the emails sent through the SendGrid platform. This allows SendGrid to measure the performance of their customers' email campaigns, provide analytical information, and improve service effectiveness. For more information on privacy, see their privacy policy: https://sendgrid.com/policies/privacy/services-privacy-policy/ and the Terms of Use: https://sendgrid.com/policies/tos/ 

Data processing is performed by: SendGrid Inc. 1801 California St., Suite 500, Denver, Colorado 80202, USA.

b. Legal basis of data processing

The legal basis is Art. 6 para. 1 p. 1 lit. f) GDPR. It is in our legitimate interest to offer you and us a comfortable way to get in touch.

c. Purpose of data processing

We use SendGrid to provide you with a low-threshold communication path. SendGrid processes data to provide services, to improve the content and functionality of the services and to facilitate the analysis of the services.

d. Duration of storage

SendGrid retains your personal information for the period for which our contract with SendGrid exists. Subsequently, the data will be deleted at our request or returned to us.

e. Right to objection and erasure

The contact via SendGrip can be stopped at any time and the data processing be contradicted. You may also opt out of the marketing emails by clicking the "unsubscribe" link at the bottom of the marketing communications or by emailing datasubjectrequests@sendgrid.com.

V. StackPath (Bootstrap CDN/ Max CDN)

a. Description and scope of data processing

Our website uses the services of StackPath (formerly Max CDN) to make our website fast and vivid by delivering collections of technical instructions (called libraries) to your browser. If you have not yet deposited a copy in the browser via another website, the file will be sent to you by calling our website, thereby processing your IP address. Further information on data protection can be found in the privacy policy at the following link: https://www.stackpath.com/legal/privacy-statement/ 

The data processing is performed by: StackPath LLC, 2021 McKinney Ave., Suite 1100, Dallas TX 75201, USA.

b. Legal basis of data processing

The legal basis is based on Art. 6 para. 1 sentence 1 lit. f) GDPR. It is our legitimate interest to ensure the effectiveness of our services.

c. Purpose of data processing

We use the Services to help you ensure efficient operations on our website by enabling faster and more reliable access to content.

d. Duration of storage

The data will be deleted if you are no longer required for the provision of services and no legal, contractual or official regulations oppose this.

e. Right to objection and erasure

The processing of data by cookies can be prevented by deactivating the setting of cookies. This may limit the functionality of the Website.

VI. Feedback Nolt

a. Description and scope of data processing

We use the services of Nolt as a feedback system. The following data can be transmitted to Nolt and further processed: which Nolt pages you have accessed, the device and browser type, information that you send to Nolt (eg: email address), your IP address. For more information on data protection at Nolt, please refer to its privacy statement: https://nolt.io/legal#privacy  

The data processing is carried out by: Rebase GmbH, Vogelherdstrasse 7b, 9016 St. Gallen, Switzerland.

b. Legal basis of data processing

The legal basis is based on Art. 6 para. 1 sentence 1 lit. f) DSGVO with our legitimate interest in having our services evaluated in order to draw conclusions from them and thus constantly improve our services.

c. Purpose of data processing

The feedbacks allow us to draw conclusions about our offer and our services.

d. Duration of storage

The data will be deleted as soon as the purpose of the data processing is fulfilled and no legal, official or contractual regulations preclude a deletion.

e. Right to objection and erasure

You can exercise your rights by sending an e-mail request to hello@nolt.io. Your inquiries will be processed within 30 days.

VII. Crowdsignal

a. Description and scope of data processing

In surveys we use the crowd signal service. If a user participates in a survey, Crowdsignal receives information about participation: IP address, browser used, operating system, time and date. More information: https://automattic.com/privacy 

The data processing is performed by: Aut O'Mattic A8C Ireland Ltd., Business Center, No.1 Lower Mayor Street, International Financial Services Center, Dublin 1, Ireland. For some of the processing activities provided by the Aut O'Mattic A8C Ireland Ltd. Services provided is also Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA.

b. Legal basis of data processing

The legal basis is based on Art. 6 para. 1 sentence 1 lit. f) GDPR. It is our legitimate interest to have our performance evaluated in order to draw conclusions from it and thus constantly improve our offer.

c. Purpose of data processing

Our interest lies in having our services evaluated and thus constantly improving our services.

d. Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose and no legal, official or contractual regulations oppose this.

e. Right to objection and erasure

The data will only be processed if you take the opportunity to participate in the survey. You can exercise your rights at any time.

  

XIII. Service providers from third countries

In order to protect your personal data even in the case of data transmission to a third country, we conclude contract processing contracts with every service provider. Our service providers from third countries have provided appropriate guarantees (Article 46 GDPR).

EU-US Privacy Shield: The Privacy Shield is an agreement between the United States of America and the European Union to ensure compliance with European privacy standards. For more information, see:

EU standard contract clauses: Our provider has submitted to the EU standard contractual clauses to ensure secure data transfer. For more information, see:

https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF

  • Instagram, Social media, USA, EU standard contract clauses
  • Microsoft, Hosting, USA, EU standard contract clauses

Binding Corporate Rules: Article 47 of the GDPR provides the possibility of ensuring data protection when transferring data to a third country via Binding Corporate Rules. These are examined and approved by the data security authorities within the framework of the consistency mechanism pursuant to Art. 63 GDPR. Further information can be found here:

 

XIV. Your rights

You have the following rights with respect to the personal data concerning you:

I. Right to withdraw a given consent (Art. 7 GDPR)

If you have given your consent to the processing of your data, you can withdraw it at any time. This will affect the admissibility of processing your personal data by us for the time after you have withdrawn your consent. To withdraw your consent, contact us personally or in written form.

II. Right of access (Art. 15 GDPR)

You have the right to obtain from us confirmation as to whether personal data concerning you are being processed, and, where that is the case, access to your personal data and the following information:

  • the purpose of processing;
    • the categories of personal data concerned;
    • the recipients or the categories of recipient to whom your personal data have been or will be disclosed, in particular recipients in countries outside of the EU or international organisations;
    • where possible, the envisaged period for which your personal data will be stored, or, if not possible, the criteria used to determine that period;
    • all available information on the source of your personal data;
    • the existence of automated decision-making, including profiling, referred to Art. 22 para. 1 and 4 GDPR and, in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

In the case of such a request, you must provide enough information about your identity to proof that the request concerns your own personal data.

III. Right to rectification and erasure (Art. 16, 17 GDPR)

You have the right to obtain from us without undue delay the rectification and completion of inaccurate personal data concerning yourself.

You may also request the erasure of your personal data if any of the following applies to you:

  • the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed;
  • you withdraw consent on which the processing is based according to Art. 6 para. 1 s.1 lit. a) or Art. 9 para. 2 lit. a) GDPR, and where there is no other legal ground of processing;
  • you object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or the you object to the processing pursuant to Art. 21 para. 2 GDPR;
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject;
  • the personal data have been collected in relation to the offer of information society services referred to in Art. 8 para. 1.

Where we made the personal data public and are obliged to erase the personal data pursuant to Art. 17 para. 1 GDPR, we, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

These rights shall not apply to the extent that processing is necessary:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by Union or Member State law to which we are subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • for reasons of public interest in the area of public health in accordance of Art. 9 para. 2 lit. h) and i) as well as Art. 9 para. 3 GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, in so far as the right referred to above is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
  • for the establishment, exercise or defence of legal claims.

IV. Right to restriction of processing (Art. 18 GDPR)

You shall have the right to obtain from us restriction of processing where one of the following applies:

  • the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
  • we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
  • you have objected to processing pursuant to Art. 21 para. 1 GDPR pending the verification whether our legitimate grounds override yours.

Where processing has been restricted under the aforementioned conditions, such personal data shall, except for storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the limitation of the processing is restricted, you will be informed by us before the restriction is lifted.

V. Right to information (Art. 19 GDPR)

If you have asserted us your right to rectification, erasure or restriction of data processing, we will inform all recipients of your personal data to correct, delete or restrict the processing of data, unless this proves impossible or involves disproportionate effort.

You also have the right to know which recipients have received your personal data.

VI. Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format. Also, you have the right to transmit those data to another controller, where

  • the processing is based on consent pursuant of Art. 6 para. 1 s.1 lit. a) GDPR or of Art. 9 para. 2 lit. a) GDPR or is based on a contract pursuant of Art. 6 para. 1 s. 1 lit. b) DS-GVO; and
  • the processing is carried out by automated means.

In exercising your right to data portability, you have the right to obtain that personal data transmitted directly from us to another controller, as far as technically feasible. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority that has been delegated to us.

VII. Right to object (Art. 21 GDPR)

Where we based the processing of your personal data on a legitimate interest (Art. 6 para. 1 s. 1 lit. f) GDPR), you may object to the processing. The same applies if the data processing is based on Art. 6 para. 1 s. 1 lit. e).

In this case, we ask you to explain the reasons why we should not process your personal data. Based on this we will terminate or adapt the data processing or show you our legitimate reasons why we continue the data processing.

VIII. Right to lodge a complaint with supervisory authority (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you is against the infringes of the GDPR.

The supervisory authority to which the complaint has been submitted shall inform you of the status and results of the complaint, including the possibility of a judicial remedy according to Article 78 GDPR.

  

XV. How you perceive these rights

To exercise these rights, please contact our data security officer:

Kemal Webersohn from Webersohn & Scholtz GmbH

By email:         dataprotection@inloox.com

or by mail:     

WS Datenschutz GmbH        
Meinekestraße 13                                                              
D-10719 Berlin

 

XVI. Subject to change

We reserve the right to change this privacy policy in compliance with legal requirements. 

December 4th, 2019

 

 


Privacy Policy for Non-GDPR Subjects

If you are not residing in the European Union and are not subject to the GDPR, the following policy is effective.

What information do we collect?

The protection of personal data is the highest priority for InLoox, Inc. (hereafter “InLoox”).

When ordering or registering on our site, as appropriate, you may be asked to enter information like, including, but not limited to, your name, e-mail address, mailing address, phone number or credit card information.

We collect information from you when you register on our site, place an order, subscribe to our newsletter or fill out a form. When you register yourself in our personalized databases, you will be asked to furnish personal information. All data concerning your identity is stored on the server of InLoox and its business partners, but only when you expressly place this information at our disposal. This is done with your knowledge and only with your express permission.

You may, however, visit our site anonymously, without providing your personal information.

Like most websites, we use cookies and/or web beacons to enhance your experience, gather general visitor information, and track visits to our website. Data displayed in the opening of a page is not personal. We receive only technical data with the opening our webpages which is used exclusively for the generation of anonymous statistics to assist us in optimizing our products and services.

Please refer to ‘do we use cookies?’ section below for information about cookies and how we use them.

If you are using our products, we will gather anonymized usage statistics and error reports as part of the “Customer Experience Improvement Program” (CEIP). You can turn off this feature at any time. To learn more, go to www.inloox.com/ceip.

This website uses Google Analytics in combination with Google Remarketing for the Google Display Network. We use remarketing to show our ads on sites across the Internet. It lets us follow up with people who have already visited our website, and deliver ad content specifically targeted to the interests they expressed during those previous visits. This includes Google and other third-party websites. We analyze audience data (such as age, gender, and interests) with Google Analytics in an anonymized form. We also use Google Display Network Impression Reporting. We do this to improve the quality of our website, to provide a better user experience, and to create ads that are more relevant to you. To opt-out of Google Analytics for Display Advertising, go to the Ads Settings (https://www.google.com/settings/ads). You can also opt-out of Google Analytics using the opt-out browser add-on (https://tools.google.com/dlpage/gaoptout/).

This website uses etracker technology (www.etracker.com) to collect data on visitor behavior. The data is collected anonymously for use in marketing and optimization. All visitor data is saved using an anonymous user ID and can be used to aggregate a usage profile. Cookies may be used for this purpose. The data collected by the etracker technology will not be used to determine the personal identity of a website visitor, and will not be compiled with personal data relating to the person referred to by the pseudonym, unless agreed to separately by the person concerned. The collection and storage of data may be revoked at any time with respect to future services.

What do we use your information for?

Any of the information we collect from you may be used in one of the following ways:

  • To personalize your experience. Your information helps us to better respond to your individual needs.
  • To improve our website and our products. We continually strive to improve our offerings based on the information and feedback we receive from you.
  • To improve customer service. Your information helps us to more effectively respond to your customer service requests and support needs. We also use your personal information to communicate with you. We may send certain mandatory service communications such as welcome letters, billing reminders, information on technical service issues, and security announcements.
  • To process transactions. Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose or delivering the purchased product or service requested.
  • To send you notifications, newsletters or other information about products, services, and special offers that we think will interest you. We will provide an unsubscribe link within such emails.

How do we protect your information?

We implement a variety of security measures to maintain the safety of our personal information when you place an order or access your personal information.

We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.

After a transaction, your private information (credit cards, financials, etc.) will not be kept on file for more than 60 days, except when your private information is collected by or through a third party such as a merchant, promotion website or an InLoox partner website for the purpose of processing your transaction. In these circumstances, the collection and use of your private information will also be governed by the privacy policy of the third party.

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web Browser (if you allow) that enables the sites or service providers system to recognize your browser and capture and remember certain information.

We use cookies to help us remember and process the items in your shopping cart, understand and save your preferences for future visits, keep track of advertisements and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.

If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via our browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly. However, you can still place orders over the telephone or by contacting customer service.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. These parties have a data security and confidentiality agreement with InLoox. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

If you are an InLoox now! customer, you may, if you wish, nominate a distribution partner for your customer account. If you decide to do so, your customer information will be transmitted to the distribution partner. This information will include your company name, the products you have ordered, the initial purchase date and the term of the agreement with InLoox. We take particular care to ensure that only information, which is essential for the specific purposes of accounting and support, is transmitted to your distribution partner.

Third party links

Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site, and welcome any feedback about these sites.

California Online Privacy Protection Act Compliance

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to third parties without your consent.

Children’s Online Privacy Protection Act (COPPA)

We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act). We do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.

Online Privacy Policy Only

This online privacy policy applies only to information collected through our website and not to information collected offline.

Your consent

By using our site, you consent to our web site privacy policy.

Changes to our Privacy Policy

If we decide to change or update our privacy policy, we will post changes on this page and/or update the Privacy Policy modification date below.

Contacting Us

We will delete you data immediately on request. Please go to www.inloox.com/company/contact to contact us any time if you have any questions, suggestions or comments about this privacy policy.

Date: 2018-05-09