Privacy Policy

We (Datasophie GmbH, “DS”) are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at contact@datasophie.de.

When you visit our websites (https://datasophie.com, https://datasophie.de, https://pergola.cloud), we refer to them collectively in this privacy policy as “Website” or “Websites”), and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of our websites and our services.

This privacy policy applies to all information collected through our Websites, and/or any related services, sales, marketing or events (we refer to them collectively in this Privacy Policy as the “Services”).

1 INTRODUCTION

The data controller in respect of any Personal Data that you submit to us via the Services (or otherwise) is

Datasophie GmbH
Roßtränke 4
94032 Passau
Germany

contact@datasophie.de

The Personal Data you submit to us via the Services (or otherwise) will be processed by us or by data processors appointed by us to undertake processing on our behalf.

DS respects your privacy rights and recognizes the importance of protecting the information collected about you. We have adopted this Privacy Policy to explain how we collect, use and store your Personal Data and Non-Personal Data.

If you want to know what Personal Data or Non-Personal Data we hold about you or if you have any other queries in relation to this Privacy Policy, please contact us by emailing us at contact@datasophie.de. We will require you to verify your identity before releasing any information to you.

2 WHAT IS PERSONAL AND NON-PERSONAL DATA?

“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier.

“Non-Personal Data” means information that we have collected from you which is not Personal Data, i.e. cannot be used by us to identify you.

3 WHICH DATA DOES DS COLLECT AND USE AT WHICH STAGE?

3.1 Use of Our Website

3.1.1 General

If you access or use our Website we may collect the following Personal Data and Non-Personal Data:

  • Request (Name of the requested file)
  • Browser type/version (e.g.: Firefox v123)
  • Browser language (e.g.: English)
  • Operating System (e.g.: Windows)
  • Resolution of the Browser window
  • Screen resolution
  • Javascript active
  • Java On / Off
  • Cookies On / Off
  • Color settings
  • Referral URL (the previously visited page)
  • Time of Access
  • Clicks

DS also may maintain log files that contain IP addresses. An IP address is a numeric address that may be assigned to your computer by your Internet Service Provider and can, in certain circumstances, amount to Personal Data. In general, we use log files to monitor traffic on our Website and to troubleshoot technical problems. In the event of user abuse of our Website, however, we may block certain IP addresses.

We use the information set out in this Section 3.1.1 to optimize your experience of the Services. The collection of the information set out in this Section 3.1.1 is mandatory. DS is not able to properly provide you with the Services without this basic information.

3.1.2 Cookies and Tracking Technologies

We may use various tracking technologies to automatically collect the types of information set out in Section 3.1.1 above, including:

Cookies, which are small data files stored on your device that act as a unique tag to identify your browser. We use several types of cookies, including session cookies and persistent cookies. Session cookies make it easier for you to navigate our website and expire when you close your browser. Persistent cookies help with personalizing your experience, remembering your preferences, and supporting security features. Persistent cookies may remain on your device for extended periods of time, and generally may be controlled through your browser settings.

Pixels (also known as web beacons), which are code embedded in a website or email that sends information about your use to a server. There are various types of pixels, including image pixels (which are small graphic images) and JavaScript pixels (which contains JavaScript code). When you access a website or email that contains a pixel, the pixel may permit us to drop or read cookies on your browser. Pixels are used in combination with cookies to track activity by a particular browser on a particular device.

For an exhaustive outline regarding DS’s use of cookies, types of cookies, which exact cookies DS stores and for how long as well as how you can opt out of the use of cookies please see our cookie settings:

Change privacy settings

Privacy settings history

Revoke consents

Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track”, visit allaboutdnt.com.

3.2 ACCOUNT REGISTRATION AND COMMERCIAL TRANSACTION

You will need to register for an account in order to access and use some of the Services (“Account”). If you register for an Account, in addition to the information we collect under Section 3.1 above we will also collect the following Personal Data:

  • Account ID
  • Login ID
  • Display name
  • Password
  • Email address
  • Avatar or profile picture
  • Creation date

If you conduct and carry out commercial transactions via any of the Services, in addition to the Personal Data set out above, we may also collect the following Personal Data and Non-Personal Data:

  • First name
  • Last name
  • Billing address (including street, ZIP code, country)
  • Shipping address for physical goods (including street, ZIP code, country)
  • Telephone number
  • Date and data of transaction
  • Object acquired
  • Value
  • Confirmation email address

We use this Personal Data and Non-Personal Data to:

  • fulfill our contractual obligations and comply with applicable law;
  • track the transactions you have made via the Services;
  • remember which products you have added to your basket;
  • provide customer service to you in relation to your use of the Services, to deal with enquiries and complaints relating to the use of the Services and to notify you about any changes to the services that we provide via the Services;
  • send you reminder and verification notifications such as password reminders.

We are obliged by applicable law to identify our commercial customers for purposes of enabling our contractual relationships with them. We are also obliged by applicable law to collect and store detailed information regarding all commercial transactions, especially for accounting and tax purposes.

The collection of the information set out in this Section 3.2 is mandatory. DS is prohibited by law from providing you with commercial services without collecting such information. For legal reasons this information will be stored as long as your account remains open and thereafter for the retention periods set forth by law for accounting and tax purposes.

3.3 User

If you upload and store Projects (as defined in the Term of Service) on Pergola, we will track and store usage metrics:

– for billing purposes;

– to secure proper functionality of Pergola;

– to detect data breaches and other illegal activities.

The collection of the information set out in this Section 3.3 is mandatory. We cannot provide the Pergola services without this use of your data.

3.4 Marketing Communications

Subject to your approval we will collect, transfer and process Personal Information and Non-Personal Information for performance marketing as follows:

DS will receive advertising data from our performance marketing partners, including Google. This data includes campaign, ad group and click IDs, keywords and placements. For more information on Google’s Ad Privacy Policies see here.

To ensure DS can report on the effectiveness of the advertising campaign DS will pass conversion data to our performance marketing partners, including when you register a new account or complete a commercial transaction. Included in the conversion data is a timestamp, conversion ID, revenue, SKU/product, new game package flag, credit/cash flag.

Conversion data is collected using cookies. Advertising data (clicks and impressions) is collected using cookies and (if applicable) Google signed-in data. For the retention period of the marketing cookies see our cookie declaration here.

Data collection on performance marketing is not mandatory. You have to actively opt-in using Real Cookie Banner to allow marketing cookies. You can opt-out of data collection using marketing cookies at any time using the Real Cookie Banner tool here.

Subject to your approval we may also use the information collected under Sections 3.1 to 3.3 to provide marketing information and special offers through communications to you (e.g. by email). This use of the information collected under Sections 3.1 to 3.3 is not mandatory. You must actively opt-in using Real Cookie Banner to allow this marketing information. You can opt-out of data collection for marketing information at any time using the Real Cookie Banner tool here.

3.5 Retention Periods

DS stores your Personal Information and Non-Personal Information for as long as this is necessary for the provision of the Services, including as required in accordance with contractual or statutory requirements (e.g. tax law, accounting law and guidelines or other commercial purposes such as invoices). See also Sec. 3.1-3.3 for further reference.

4 WILL DS SHARE MY INFORMATION WITH THIRD PARTIES?

Other than as expressly set out in this Privacy Policy, DS will never share your Personal Data with third parties without your consent.

DS may share your Personal Data:

  • with any of our affiliated companies or distributors, including brandcompete GmbH. The legal basis under GDPR is Art. 6 (1) lit. f GDPR with having organizational and financial requirements as legitimate interest.
  • third party service providers under our control (“Data Processors” under GDPR) and monitoring where such disclosure is necessary or helpful to enable us to provide you with any of the  Services and such third parties are contractually bound to process your Personal Information and/or Non-Personal Information under at least as protective as those set forth in this Privacy Policy (provided that we may permit them to use information that does not identify you for any purpose except as prohibited by applicable law). The legal basis under GDPR is Art. 6 (1) lit. b GDPR.
  • third party payment providers which are bound by strict privacy policies to carry out payment transactions with you. The legal basis under GDPR is Art. 6 (1) lit. b GDPR.
  • any person to whom disclosure is necessary to enable us to enforce our rights under this Privacy Policy (such as law enforcement authorities in case of fraud investigations). The legal basis under GDPR is Art. 6 (1) lit. f GDPR to with defending our rights as legitimate interest.
  • any authority to which we are obliged by law to disclose your Personal Information and Non-Personal Information (e.g. tax authorities for commercial transactions). The legal basis under GDPR is art. 6 (1) lit. c GDPR.
  • at your request or your direction.

5 HOW DOES DS PROTECT YOUR PERSONAL DATA?

The security of your Personal Data is important to us. We have implemented physical, electronic and managerial procedures in order to help safeguard and prevent unauthorized access, use, alteration, modification and/or disclosure of your Personal Data. We follow applicable law to protect the Personal Data submitted to us, both during transmission and in storage.

The Personal Data that you provide to us will be collected and processed by us or by data processors appointed by us to undertake processing on our behalf. Your Personal Data will be stored on servers which may be owned by data processors under contractual control by us. Any Personal Data that you provide to us in accordance with this Privacy Policy will be adequately protected by this Privacy Policy, our contract with  our data processors which implement data protection measures to address applicable law.

Despite these measures, transmission via the internet is not completely secure and we cannot guarantee the security of your Personal Data provided through the internet.

If you have any questions about security on our Website, please contact us at contact@datasophie.de.

6 DATA TRANSFER

We host our website and services on AWS. The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter AWS).

When you visit our website, your personal data will be processed on AWS servers. Personal data can also be transmitted to the parent company of AWS in the USA. Data transfer to the USA is based on the EU standard contractual clauses. Details can be found here.

For more information, see the AWS privacy policy.

7 REVIEW, CORRECTION OF YOUR INFORMATION, REQUESTING REMOVAL FROM MAILING LISTS AND DEACTIVATING YOUR ACCOUNT

You can correct, update or delete your Account information at any time by logging on our Website and navigating to your Account settings. Should you be unable to log in your Account, please contact us at contact@datasophie.de. We will be happy to review, update or remove information as appropriate. If you wish to have your account deactivated, please contact contact@datasophie.de. Please note that we will retain and use information as set out in Sections 3.1 to 3.4.