Privacy Policy

last revised on June 07, 2018

Privacy Policy for PhraseApp – Dynport GmbH

  1. General information about the collection of personal data
  2. Contact data
  3. Notes on legitimateness and period of storage
  4. Your rights
  5. Visits to our website and creation of log files
  6. Registration and login
  7. Contact form
  8. Newsletter
  9. Use of cookies
  10. To what extent is website analytics carried out on the PhraseApp website?
  11. Social media plug-ins
  12. Use of Google Maps
  13. Disclosure of data to third parties
  14. Security standards
  15. Changes to this policy

1. General information about the collection of personal data

PhraseApp is a product from Dynport GmbH (referred to in the following as "Dynport“). Dynport attaches great importance to the protection of your personal data. This Privacy Policy describes how Dynport (also referred to in the following by the words "we“, "us“ und "our“) uses and protects personal data collected at www.phraseapp.com ("PhraseApp Website“).

Personal data are all data which refer to you personally, including for example your form of address, name, address, e-mail address, IP address, etc. We only collect and process your personal data in compliance with the provisions of the EU General Data Protection Regulation ("GDPR“) and other provisions of European and applicable national data protection law.

Personal data are only collected and used on a regular basis with your consent or if the processing of such data is permitted by law. The following provisions provide information about the type, scope and purpose of the collection and processing of your personal data.

In the event that we make use of the services of commissioned service providers (third parties) for the purpose of providing specific functions for our offer or of our services or if we use your data for marketing or analysis purposes, we will also inform you in detail in the following about the data processing taken. We also provide information about the stipulated criteria for and the period of storage. We also inform you about your rights with regard to each data processing activity.

This Privacy Policy refers exclusively to our PhraseApp website. If links on our webpages take you to third-party websites, please take the time to find out how your data are used at such websites.

2. Contact data

2.1. Name and address of the person responsible for data processing

Dynport ("Controller“) is responsible for data protection within the meaning of the GDPR and under all other applicable EU data protection law. If you have any questions, suggestions or criticisms relating to data protection and our website, please contact:

Dynport GmbH
ABC-Straße 4
20354 Hamburg
E-Mail: privacy@phraseapp.com

2.2. Name and address of the data protection officer

Any data subject (anyone affected of data processing activities) can contact our data protection officer with questions and suggestions directly at any time. He can be contacted as follows:

Dynport GmbH
Data Protection Officer
Tobias Mauß
Mauß Datenschutz GmbH
Neuer Wall 10
20354 Hamburg/Germany
E-Mail: mauss@dsbhh.de

3. Notes on legitimation of the processing and period of storage

3.1. Legitimation of the processing of personal data

Our processing of your personal data is legitimate if you have given your consent as stipulated in Article 6 (1) sentence 1 a) GDPR.

Under Article 6 (1) sentence 1 b) GDPR, the processing of your personal data is legitimate if such processing is necessary for the performance of a contract with you or your company. This also applies to all processing operations which are relevant prior to entering into a contract.

Under Article 6 (1) sentence 1 c) GDPR, the processing of your personal data is legitimate if such processing is necessary for compliance with one of our legal obligations.

Under Article 6 (1) sentence 1 d) GDPR, the processing of your personal data is legitimate if such processing is necessary in order to protect your vital interests or those of another natural person.

Under Article 6 (1) sentence 1 f) GDPR, the processing of your personal data is legitimate if such processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

3.2. Period of storage and erasure of data

Any personal data which we collect, process and store will only ever be kept by us for as long as there is a specific purpose for such storage. Your data will be erased or its processing will be restricted as soon as the specific purpose for which they were stored no longer applies or they are not subject to contractual or legal retention obligations.

It is possible, however, that European regulations, applicable national laws or other rules may require us to store data which we have processed for a longer period of time. We will erase or restrict the processing of your data when these statutory data retention periods have expired.

4. Your rights

For the purposes of the GDPR you are the "data subject" of any of your personal data which we process. As a data subject you have the following rights with regard to Dynport:

4.1. Right to request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data are being processed.

4.2. Right to rectification

You have the right to obtain from Dynport the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed.

4.3 Right to restriction of processing

In certain circumstances you have the right to restrict the processing of your personal data.

4.4 Right to erasure

In certain circumstances you have the right to obtain that Dynport erase personal data concerning you without undue delay. The right to erasure does not apply if processing is necessary.

4.5 Right to be informed

If you have asserted your right to rectification, erasure or restriction to Dynport, Dynport must communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

4.6 Right to data portability

You have the right to receive, in a structured, commonly used and machine-readable form, any personal data concerning you which you have provided to Dynport. In certain circumstances you also have the right to transmit those data to another company without hindrance from Dynport to which the personal data have been provided.

4.7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you based on Article 6 (1) sentence 1 f) GDPR. Dynport may then no longer process the personal data relating to you unless Dynport demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

If the personal data relating to you are processed for the purposes of engaging in direct marketing, you have the right to object at any time to the processing of your personal data for such advertising purposes. You can inform us of such objection by contacting us as follows:

Dynport GmbH
ABC-Straße 4
20354 Hamburg, Germany
E-Mail: privacy@phraseapp.com

4.8. Right to withdraw the data protection declaration of consent

If you have given your consent you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal. The data subject shall have the right to withdraw his or her consent at any time.

4.9. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

5. Visits to our website and creation of log files

Our system automatically collects data and information from your computer system every time you visit our PhraseApp website. The following data may be then collected:

  • Information about the type of browser you are using
  • Information on the operating system you are using
  • Your IP address
  • The date and time of your visit to our website
  • Information about the website from which your system has reached our website

The data which we collect on you are stored in our system's log files. As a rule, these data are not stored with other personal data. One exception to this rule is the information collected by us about your browser settings.

The temporary storage of data and log files is legitimate under Article 6 (1) sentence 1 f) GDPR. We have a legitimate interest in collecting and temporarily storing the data referred to, as the IP address must be stored temporarily by the system in order to provide the website to your computer. We also use the geoinformation to display an appropriate country website (e.g. for France: phraseapp.com/fr).

Data are stored in log files to ensure the functioning of the website. This information is also used to optimise our website and to guarantee the security of our information technology systems. Your log files are not assessed for marketing purposes.

The data will be erased or altered in a way that prevents them being assigned to you as soon as they cease to be necessary for the purposes referred to here. Data which are stored in log files are erased after seven days.

6. Registration and login

6.1. Registration for the trial version of PhraseApp

To use PhraseApp, you must register using a form provided directly on the PhraseApp website. When you register you will be required to provide certain mandatory data in addition to voluntary information; these types of data are identified separately. They are in particular:

  • Your user name
  • Your name
  • Your address
  • Your country of origin or that of your company
  • Your e-mail address
  • Your password

We process your data in this step in order to be able to provide you with translation management as software as a service ("SaaS“) on the PhraseApp website. Processing of these data is necessary in order to establish, define the contents of or amend the contractual relationship between you and Dynport as well as for claiming and settling the relevant services.

6.2. Login to the demo version of PhraseApp

Registration is not required if you decide to use the demo version of PhraseApp. The PhraseApp demo version runs exclusively on a PhraseApp test account of the company's own.

To use the demo version, you are asked for the following data in particular:

  • Your name
  • Your company
  • Your e-mail address
  • Your request

The purpose of collecting your data is to enable you to try out PhraseApp.

6.3 Login for customers

If you register as a user with PhraseApp, you can store the following data, for example, in your user account:

  • Your name (mandatory)
  • Your e-mail address (mandatory)
  • Your user name (mandatory)
  • Your nickname (mandatory)
  • Your company (mandatory only for Master Users)
  • Address of the invoice recipient (mandatory only for Master Users)
  • E-mail address of the invoice recipient (mandatory only for Master Users)
  • Your address (optional)
  • Your telephone number (optional)
  • Your payment data (optional)
  • The final four numbers of your credit card (if you pay by credit card)
  • The expiry date of your credit card (if you pay by credit card)

We use, store and process your data in this step in order to be able to provide you with the translation management SaaS on the PhraseApp website. Processing of these data is necessary in order to establish, define the contents of or amend the contractual relationship between you and Dynport as well as for claiming and settling the relevant services.

6.4. Legitimation, erasure

Such processing of data by Dynport is legitimate under Article 6 (1) sentence 1 b) and f) GDPR.

We erase your data if they are no longer needed for the purpose, i.e. performance of the contract, and if they are not subject to contractual or legal retention periods. If you wish to erase your data yourself, you can do so at any time under "My Profile" – "Delete User Profile" on the PhraseApp website. The individual data are then anonymised so that they can no longer be assigned to you or your deleted user profile. Project data not containing personal data are retained, unless there are contractual obligations to erase them. Your (personal) data are no longer stored if there are statutory obligations to retain them.

7. Contact form

You can make contact with us by electronic means using the contact form on our PhraseApp website. If you wish to contact us in this way, the data which you enter will be sent to us and stored. This applies to the following data in particular:

  • Your full name
  • Your e-mail address
  • as well as any data you may enter in the form

The processing of these data is legitimate under Article 6 (1) sentence 1 a), b) or f) GDPR. We only process any personal data which you enter to deal with your request. The following data are also stored at the time you send your message:

  • Your IP address
  • The date and time at which you have made contact

The data are erased as soon as they are no longer required for the purpose for which they have been collected and provided that they are not subject to any contractual or legal archiving obligations. The conversation has come to an end when it is apparent from the circumstances that the matter being discussed has been finally clarified.

Disclosure to third parties – Intercom

In some cases, we pass on a limited part of your data to Intercom, Inc., 98 Battery Street, Suite 402, San Francisco, CA 94111 USA (“Intercom”) for the purpose of customer administration (chat requests as part of customer support, answering customers' questions, etc.).

We use Intercom for additional data analyses, such as obtaining information on the time of registration or user activity as part of customer support. Intercom can also be used as a communications medium, for e-mails or messages within the PhraseApp application. Intercom gathers publicly available information, such as a user's company, job title, website, social network handle and physical addresses, so that we gain a better understanding of our user base. Contact profiles are created in Intercom. To enable that, PhraseApp supplies Intercom with data on the activities of end users and of company accounts, as well as details on the operating system of end users.

Your data are transmitted by Intercom to the USA. Intercom is subject to the EU-US Privacy Shield in order to offer an appropriate level of data protection: https://www.privacyshield.gov/EU-US-Framework.

We do the above to improve our service and be able to deal with your support requests faster and more efficiently. There are legitimate grounds for that under Article 6 (1) sentence 1 f) GDPR. The use of Intercom also helps us improve performance of contracts, so such processing is therefore also legitimate under Article 6 (1) sentence 1 b) GDPR. The use of Intercom is covered by Article 6 (1) sentence 1 a) GDPR provided you have given your consent. You may withdraw your consent at any time with effect for the future. We erase the data collected using cookies if they are no longer required to achieve the above purpose. Retention and storage periods must also be complied with.

More information from Intercom about data protection is available at: https://www.intercom.com/en/terms-and-policies

8. Newsletter

8.1 Mailing of newsletters

You can subscribe to a free newsletter on the PhraseApp website. Our newsletter provides you with information on the PhraseApp software and translation solutions, new possible uses of them, changes to our services, or related services of Dynport for PhraseApp.

The data which you enter when subscribing to the newsletter are transmitted to us. These data are usually:

  • Your e-mail address
  • Optionally other data if you disclose it

We need your e-mail address in order to send you the newsletter and to identify and check that you have given your consent. Any other information you provide is given voluntarily.

We use the double opt-in procedure for subscription to our newsletter. This means that, after you have subscribed, we will send an e-mail to the e-mail address given by you asking you to confirm that you wish to receive the newsletter. We also store your IP addresses and the time of your subscription and confirmation. The purpose of this procedure is to demonstrate that you have subscribed and to clarify any possible misuse of your personal data.

After receiving your confirmation, we store your e-mail address and possibly other data for the purpose of sending the newsletter. This processing is legitimate under Article 6 (1) sentence 1 a) GDPR, since you have consented to receiving the newsletter. We erase your data as soon as you or we have ended the subscription for the newsletter. The subscription process is logged on the basis of our legitimate interests in accordance with Article 6 (1) sentence 1 f) GDPR. Our interests here are to have a user-friendly, secure newsletter system which promotes our business interests, meets users' expectations, and also allows us to document declarations of consent.

You can cancel the newsletter subscription at any time by withdrawing your consent with effect for the future. There is a link in every newsletter sent to you which you can click to automatically unsubscribe. Alternatively, you can send an e-mail to privacy@phraseapp.com or a message to the controller referred to above in this Privacy Policy.

8.2. Transmission of data to third parties

Our newsletter is sent by the e-mail marketing service provider MailChimp, a newsletter mailing platform of the U.S. provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA ("MailChimp“). We use the order processing services of MailChimp.

MailChimp can use the data of the recipients in pseudonymised form, i.e. the data are not assigned to a specific user, to optimise or improve its own services, such as to technically optimise mailing and for the presentation of the newsletters or for statistical purposes. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to transmit the data to third parties.

MailChimp also processes your personal data in the USA and is subject to the EU-US Privacy Shield for this purpose (https://www.privacyshield.gov/EU-US-Framework) and so offers a safeguard that it complies with a European level of data protection.

We use MailChimp on the basis of our legitimate interests in accordance with Article 6 (1) sentence 1 f) GDPR. If you end your subscription or withdraw your consent to receive the newsletter, we instruct MailChimp to erase your data.

You can find MailChimp's Privacy Policy at: https://mailchimp.com/legal/privacy/.

9. Use of cookies

Whenever you use our PhraseApp website different types of cookies are used and stored on your computer in addition to the data referred to above. Cookies are small text files which are stored on your computer or mobile device whenever you visit our PhraseApp website. These cookies send us various types of information.

We use the following types of cookie:

  • Cookies are sometimes necessary for the proper functioning of our website. By setting cookies we can determine, for example, that you have visited our website.
  • Cookies enable us to provide you user-friendlier services which it would simply be impossible to offer without setting cookies.
  • Cookies allow the information and offers on our website to be optimised to meet the needs of the user. As already stated, cookies allow us to recognise you when you return to our website. This in turn enables us to make it easier for you to use our website.
  • Cookies can also be used to analyse the way the website is used. It is then possible, for example, to determine how many users visit the website and what parts of the website could be improved. However, analyses of this kind do not establish any kind of connection between you and the statistics compiled on the basis of the data which are collected. We will inform you if cookies are used to analyse websites.

We use the data collected by cookies for as long as required for the purpose for which they have been collected.

Cookies will be stored on your computer. You can decide whether you want to erase the cookies from your computer at any time. You can change the settings in your browser to determine yourself whether the transmission of cookies from your computer to us should be disabled, restricted or whether the cookies should be completely erased. If you disable all the cookies from our website, you may no longer be able to use all the website functions in full.

The following list provides further information about disabling cookies or managing your cookie settings in the browser which you are using:

  • Safari: http://help.apple.com/safari/mac/8.0/#/sfri11471
  • Google Chrome: https://support.google.com/chrome/answer/95647?hl=en
  • Internet Explorer / Edge: http://windows.microsoft.com/en-GB/windows-vista/Block-or-allow-cookies
  • Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-Webseite-preferences

You can also change your cookie settings on our website. Please refer to our cookie policy.

10. To what extent is website analytics carried out on the PhraseApp website?

10.1. Principles

Dynport performs various types of analyses on the PhraseApp website. The use of the analytical tools is covered by Article 6 (1) sentence 1 a) GDPR where consent is obtained in advance. If you have given your consent you have the right to withdraw your consent at any time.

To the extent that we did not ask for your consent, the use of analytical tools is legitimate as Dynport has a legitimate interest in using the various tools according to Article 6 (1) sentence 1 f) GDPR. However, you have a right to object at any time. We want to get to know you better so we can offer you exactly the service you want. We constantly want to improve our offers and measure the success of our marketing activities. We will only process your data for as long as it is necessary to fulfil the purpose for which they have been collected and if they are not subject to contractual or legal retention obligations.

10.2. Google Analytics

Our PhraseApp website uses Google Analytics, a web analytics service of Google. Google can be reached at Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies. The information about the way you use the PhraseApp website created by the cookie is usually sent to and stored on a Google server in the USA. IP address anonymisation is performed on the PhraseApp website so that your IP address is truncated beforehand by Google within Member States of the European Union or in other countries which are parties to the agreement on the European Economic Area ("EEA"). Only in exceptional cases is the full IP address sent to and only then truncated on a Google server in the USA. Google uses this information on behalf of PhraseApp's website operator to evaluate the way you use our website, to collate reports on website activities and to provide Dynport other services related to website and Internet use. The IP address sent by your browser by Google Analytics is not combined with other data held by Google.

In exceptional cases in which personal data are sent to the USA, Google is subject to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework

We use Google Analytics to analyse the use which is made of our website and to improve it on a regular basis. We will only process your data for as long as is necessary to fulfil the purpose for which they have been collected (in this case for creating and evaluating statistics). The data that we send and that are linked with cookies, user identifiers (e.g. a user ID) or advertising IDs are therefore automatically erased after 38 months. Data whose retention period has ended are erased automatically once a month. You can find more information on the terms of service and data privacy at: https://www.google.com/analytics/terms/us.html.

You can change your browser settings to prevent cookies from being stored; however, you should realise that, in these circumstances, you may find that you are unable to make full use of functions on the website. You can also prevent the data (including your IP address) relating to your use of the website which are captured by the cookie being sent to or processed by Google by downloading and installing the browser plug-in from the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent cookies being set by using an opt-out cookie. Click here if you wish to prevent cookies being set the next time you visit this PhraseApp website: https://tools.google.com/dlpage/gaoptout?hl=en.

10.3. Google Adwords conversion

We use the offering from Google AdWords ("AdWords“), a marketing tool from Google. Google can be reached at Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. AdWords is used to attract attention to PhraseApp's offerings by means of advertising (termed "Google AdWords") on external websites. We can thus determine and see how successful the individual promotional measures are in relation to the data for the campaigns. Our interest in doing that is to display advertising that appeals to you. AdWords also enables us to make our PhraseApp website more interesting for you. AdWords allows us to ascertain which campaigns you like. Ultimately, using this tool enables us to achieve fair charging for advertising and so use it as cost-effectively as possible.

The advertising is delivered by means of ad servers. As part of that, Google uses ad server cookies which allow the success of advertising to be measured on the basis of specific parameters, such as how often they are displayed or clicked on by users. If you access our website after clicking on a Google ad, AdWords stores a cookie on your PC. This cookie usually becomes invalid after 30 days and is not used as a means of identifying you personally. The following are usually stored and analysed with this cookie:

  • The unique cookie ID
  • The number of ad impressions per placement (frequency)
  • The last impression (relevant for post-view conversions), and
  • The opt-out information (indication that the user no longer wishes to be addressed).

This cookie allows Google to identify your location and recognise your web browser. If users only visit certain pages of an AdWords customer's website and the cookie stored on their computer has not expired, Google and the customer can see that the users have clicked on the ad and have been forwarded to that page. A different cookie is assigned to each AdWords customer. That means cookies cannot be traced back by means of the websites of AdWords customers. If you have registered with a Google service, Google can assign information gathered from you to your account. Even if you have not registered with Google or are not logged in, Google may be able to find out and store your IP address. We ourselves do not collect or process personal data as part of these advertising measures. Google merely provides us with statistical analyses.

You can prevent your participation in this tracking method by

  • making the appropriate setting in your browser software. If you suppress third-party cookies, that means in particular that you will no longer receive any ads from third-party providers.
  • by disabling the cookies responsible for conversion tracking. To do that, set your browser so that cookies from the domain "www.googleadservices.com" are blocked. You can make this setting at: https://www.google.de/settings/ads. If you delete your cookies, this setting is deleted.
  • disabling cookies permanently in your Firefox, Internet Explorer or Google Chrome browser under the link http://www.google.com/settings/ads/plugin. You should realise that, in these circumstances, you may find that you are unable to make full use of functions on the PhraseApp website.

Google may transfer your data to the USA and is subject to the EU-US Privacy Shield for this purpose: https://www.privacyshield.gov/EU-US-Framework.

We store the data collected by Google for 18 months.

More information from Google about data protection is available at: http://www.google.com/intl/en/policies/privacy and https://services.google.com/sitestats/en.html.

10.4. DoubleClick

The PhraseApp website uses DoubleClick by Google, an online marketing tool from Google. Google can be reached at Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("DoubleClick“). DoubleClick uses cookies to place ads of relevance to users, improve reports on campaigns' performance, or to avoid users seeing the same ad several times. Google uses a Cookie ID to record which ads are placed in which browser and so can prevent them being displayed multiple times. In addition, DoubleClick can record conversions relating to ad requests with the aid of cookie IDs. That is the case when, for example, a user sees a DoubleClick ad and later calls the advertiser's website with the same browser and buys something there. According to Google, DoubleClick cookies do not contain any personal information.

As a result of the marketing tool used, your browser automatically establishes a direct connection to the Google server. Integration of DoubleClick means that Google is notified that you have called the part of our PhraseApp website in question or have clicked on an ad from us. If you have registered with a Google service, Google can assign your visit to your account. Even if you have not registered with Google or are not logged in, Google may be able to find out and store your IP address.

You can prevent your participation in this tracking method by

  • making the appropriate setting in your browser software. If you suppress third-party cookies, that means in particular that you will no longer receive any ads from third-party providers.
  • disabling the cookies responsible for DoubleClick. To do that, set your browser so that cookies from the domain are blocked. You can make this setting at: https://www.google.de/settings/ads. If you delete your cookies, this setting is deleted.
  • disabling cookies permanently in your Firefox, Internet Explorer or Google Chrome browser under the link http://www.google.com/settings/ads/plugin. You should realise that, in these circumstances, you may find that you are unable to make full use of functions on the PhraseApp website.

Google transfers your data to servers in the USA. Google is subject to the EU-US Privacy Shield for that purpose: https://www.privacyshield.gov/EU-US-Framework.

The cookie is deleted after 2 years.

You can find more information on DoubleClick by Google at https://www.doubleclickbygoogle.com und http://support.google.com/adsense/answer/2839090.

More information from Google about data protection in general is available at: https://www.google.com/intl/policies/privacy.

10.5. AdRoll

We use the services of AdRoll Advertising Limited, Level 6, 1, Burlington Plaza, Burlington Road, Dublin 4, Ireland ("AdRoll”) to optimise the display of advertising for visitors.

Our PhraseApp website uses the retargeting and prospecting functions from AdRoll. AdRoll displays advertising campaigns based on your browsing behaviour in the Internet. That means that, after you visit the PhraseApp website, ads for PhraseApp may also be displayed on other third-party sites.

When you visit the PhraseApp website, a cookie is placed in your device's browser by AdRoll (please refer to our comments on cookies above). AdRoll uses the data it stores to selectively display PhraseApp advertising based on your previous online behaviour.

AdRoll records the following types of information and uses them for the purposes explained below:

  • Your activity on our website, such as your surfing behaviour, when you called which site, and what articles you placed in your online shopping cart
  • Device and browser information, such as your device's IP address, cookie string data and (in the case of mobile devices) your device type and your device's unique identifier (such as the Apple IDFA or Android Advertising ID)
  • Your location
  • Data about the online ads served to you, such as where and how many times an ad has been served to you and whether you interacted with it
  • Data from digital advertising partners, such as pseudonymous advertiser identifiers, your "customer ID" or an identifier associated with a not-readable version of your e-mail address
  • AdRoll uses this information to help its advertisers tailor their ads so that they are more relevant for you personally. AdRoll also uses these data to operate, improve and enhance its own services.

In some circumstances, AdRoll may also transfer the information to countries outside the EEA. AdRoll will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained. If AdRoll sends your data to the United States, for example, additional measures are taken, such as concluding EU-compliant data transmission agreements with the data importer if this is necessary.

You can prevent storage of cookies for displaying relevant ads by changing your browsing settings (opt-out). You can also prevent the data created by the cookies and relating to your use of the websites, as well as prevent processing of these data by AdRoll, by disabling the AdRoll cookies as follows:

Please note that, if you delete the cookies on your device, you will need to opt out again the next time you use it. If you use multiple browsers or devices you will need to execute this opt out on each browser or device.

More information from AdRoll about data protection is available at https://www.adroll.com/about/privacy.

10.6. HubSpot

Dynport uses HubSpot, a product from HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, United States ("HubSpot“) so as to tailor communication with visitors and users of the PhraseApp website. We have an interest in analysing your use of our PhraseApp website so that we can keep on improving it and making it more attractive. The cookies collect data on how visitors use our PhraseApp website. These data are included in analyses and help us to improve our PhraseApp website. The cookies collect anonymised data, such as the number of visitors to the PhraseApp website, how they reached the PhraseApp website, and which websites they previously visited. If visitors to the PhraseApp website actually become a customer of Dynport, we use the data collected by HubSpot so as to be able to recognise them when they next visit the site and so directly offer them the service they wish whenever they visit the PhraseApp website. HubSpot is therefore also used to optimise the care and support we give customers.

HubSpot stores your data in the USA and is subject to the EU-US Privacy Shield for this purpose: https://www.privacyshield.gov/EU-US-Framework.

HubSpot places persistent cookies, which are not deleted as soon as you end your visit to our PhraseApp website. If you do not become a customer after visiting the PhraseApp website, we delete a cookie 2 years after your last activity on PhraseApp.com. However, if you are a PhraseApp customer, the cookies are retained and are deleted 2 years after your business relationship with PhraseApp ends.

You can find more information on the HubSpot cookies in the HubSpot Privacy Policy: https://legal.hubspot.com/privacy-policy.

10.7. Hotjar

The PhraseApp website uses the Hotjar analytics service of Hotjar Ltd. Hotjar, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta (“Hotjar”) to improve its user-friendliness and the customer experience.

That permits tracking of the various ways in which visitors interact with the PhraseApp website so that it can then be optimised for the user. Hotjar also enables visitors to give feedback on the website's content: A small window is opened on pages of the PhraseApp blog and users are asked for their feedback on the blog article in question. Users can ignore this window or choose one of two response options and then leave a personal comment in a free-text field, which is then processed along with the response by Hotjar on behalf of Dynport. In some circumstances, Hotjar may also record your mouse clicks, mouse movements and scrolling. Keyboard strokes on PhraseApp's websites may also be recorded. However, the recordings are not carried out in a personalised manner and so remain anonymous. Hotjar uses a tracking cookie to collect and transfer your data. During your visit to a PhraseApp website, the tracking cookie automatically collects your activity data and stores them on the Hotjar servers. The Hotjar servers are located exclusively in Ireland.

If you wish to object to collection of your data by Hotjar (opt-out), please click here: https://www.hotjar.com/opt-out.

The purpose of data processing by Hotjar is to optimise the PhraseApp website offering. We erase the data collected using cookies if they are no longer required to achieve the above purpose. The cookie itself is deleted after 12 months.

More information from Hotjar about data protection is available at: https://www.hotjar.com/legal/policies/privacy.

10.8. Mixpanel

We use the tracking tool Mixpanel, a web analytics service from the provider Mixpanel Inc., 405 Howard St, Floor 2, San Francisco, CA 94105, USA ("Mixpanel“), to understand how our customers use our applications and to keep on improving them. The Mixpanel service is used to analyse the PhraseApp website by customers at the feature level. Mixpanel is used to gather information on which features of the PhraseApp website are used by customers and to what extent. Such an analysis offers a means to control planning as part of product development, since it enables the specific demand for features to be taken into account. The results of an analysis are therefore directly incorporated in the further development of the platform.

Mixpanel collects and stores usage data in pseudonymous profiles. The pseudonymous user profiles are not collated with personal data of the person associated with the pseudonym. We use Mixpanel cookies for our products in order to record your browser type, operating system, language settings, the search terms you enter and your IP address. Dynport receives your IP address from Mixpanel in an anonymised form only in order to ensure your privacy is protected.

Mixpanel stores the data it collects in the USA and is subject to the EU-US Privacy Shield for this purpose: https://www.privacyshield.gov/EU-US-Framework.

You can object to collection and storage of your data for the purpose of web analysis at any time with effect for the future by disabling the Mixpanel cookie by clicking on "Yes, I would like to opt out" on the website: https://mixpanel.com/optout/. Please note that this means an opt-out cookie is placed on your device. You should therefore not delete this opt-out cookie. If you do not wish to consent to your data being collected in this way, we also ask you to read our instructions on disabling cookies in the section "Use of cookies".

More information about Mixpanel's privacy policy is available here: https://mixpanel.com/terms.

10.9. AskNicely

The PhraseApp website uses AskNicely, a product from AskNicely Limited, Lvl 1, 63 Ponsonby Rd, Ponsonby 1011, Auckland, New Zealand ("AskNicely“), for technical recording of customer and user feedback. When feedback functions are used, a connection to AskNicely's IT systems is established and the entered data are stored there. AskNicely is used to automatically send survey request e-mails in order to obtain ratings and other feedback from customers. To enable that, AskNicely is provided with us with customer information such as your name, e-mail address and customer number. When customers reply to such a request, information such as their e-mail address is used to contact them and, for example, to reply to a rating or feedback. The feedback and data provided are not published, but are used solely to improve the PhraseApp website.

If users do not wish to give any feedback, they can click on the unsubscribe button located at the bottom of the e-mail that they received. If users specify an existing Facebook or Google account when they log on to feedback functions, a connection to the Facebook server or the Google or Google mail server is established and the data required for identification are exchanged. If the user is logged on to Facebook as a member, Facebook assigns this information to the user's personal Facebook account. That can only be prevented if the user logs out of Facebook before using the feedback function. The same applies to Google.

Dynport has a legitimate interest in obtaining feedback from customers in order to be able to tailor and improve its product range.

AskNicely will store your data on servers in New Zealand. According to the EU Commission, New Zealand is a third country that offers an appropriate level of data protection commensurate to that under EU data protection law. AskNicely is also subject to the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TNQvAAO.

More information from AskNicely about data protection is available at https://www.asknicely.com/privacy and http://help.asknice.ly/frequently-asked-questions/asknicely-and-the-general-data-protection-regulation-gdpr.

10.10. Jetpack from Wordpress

The PhraseApp website uses the plug-in Jetpack from Wordpress ("Jetpack“), , a tool for statistical analysis of access by visitors to our PhraseApp blog, from Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA (“Automattic”), which uses the tracking technology from Quantcast Inc., 201 3rd St, Floor 2, San Francisco, CA 94103-3153, USA. The purpose of Jetpack is to analyse the number of visitors to the PhraseApp blog, create anonymised, aggregate access statistics, and to enable technical support for the search function in the blog (Elasticsearch) and SEO support. Whenever a data subject calls one of the individual pages on the PhraseApp website which is operated by Dynport and on which a Jetpack component has been integrated, the web browser on the data subject's information technology system is automatically prompted by the Jetpack component to transmit data to Automattic for the purpose of analysis.

These data are primarily:

  • Your IP address
  • Your location
  • Your usage behaviour (page views and clicks)

You can change your browser settings to prevent cookies from being installed; however, you should realise that, in these circumstances, you may find that you are unable to make full use of functions on this PhraseApp website. You can object to collection and use of your data by Jetpack with effect for the future by clicking on the link http://www.quantcast.com/opt-out, which places an opt-out cookie in your browser. If you delete all the cookies on your computer, you have to set the opt-out cookie again.

The information on use of the PhraseApp website created by the cookies is stored on a server in the USA. The processed data can be used to create user profiles. Jetpack is subject to the EU-US Privacy Shield for this purpose and so offers a safeguard that it complies with European data protection law: https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active.

We have a legitimate interest in using it to constantly analyse and optimise our PhraseApp website and use it cost-effectively.We erase your data as soon as they are no longer needed for optimising the contract and processes and if they are no longer subject to contractual or legal retention obligations.

More information from Jetpack about data protection is available in the Automattic Privacy Policy (https://automattic.com/privacy/) and other statements by Jetpack on privacy: https://jetpack.com/support/privacy/ and on Jetpack cookies: https://jetpack.com/support/cookies/.

10.11. Zapier

Zapier is a service from Zapier Inc., 243 Buena Vista Avenue, Suite 508, Sunnyvale, CA 94086, USA ("Zapier“). . Zapier enables us to integrate the services of various applications used by PhraseApp in one application and to automate workflows in it. Payment data are not transmitted. Dynport has a legitimate interest in using Zapier, since Zapier is used to automate workflows from various services and to optimise processes.

Zapier stores your data in the USA and is subject to the EU-US Privacy Shield for this purpose: https://www.privacyshield.gov/EU-US-Framework.

More information from Zapier about data protection is available at: https://zapier.com/privacy/ and at: https://zapier.com/privacy/ sowie hier: https://zapier.com/help/gdpr/.

10.12. Cloudflare

PhraseApp uses Cloudflare, a cookie technology from Cloudfare Inc., 101 Townsend St, San Francisco, CA 94107 ("Cloudflare“), to identify individual website visitors who operate behind a shared IP address. Cloudflare enables a visitor to be identified and security settings to be applied on a per-client basis. Among other things, Cloudflare can collect your IP address, your system settings and other information on your user behaviour, as well as the log files collected by Dynport. Cloudflare also uses these data to improve its own services, for example.

Dynport has a legitimate interest in using it, since identifying individual users behind a shared IP address is necessary for security purposes.

Cloudflare transfers your data to servers in the USA and is subject to the EU-US Privacy Shield for this purpose, so as to ensure a standard of data protection equal to that in the EU: https://www.privacyshield.gov/EU-US-Framework.

More information about Cloudflare's privacy policy is available here: https://www.cloudflare.com/privacypolicy/.

10.13. Facebook Conversion Pixel

We use the "Facebook conversion pixel" from Facebook. The Facebook conversion pixel is used by Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA ("Facebook“). The Facebook conversion pixel is not visible to normal visitors to our website. The Facebook conversion pixel is implemented in the AdRoll Smart Pixel and, after being created on the Facebook site, is then added to our PhraseApp website, on which the conversions are carried out.

By measuring conversion, we are able to track – across all devices – what actions people take after seeing our ads on Facebook. That gives us insights into who responds to our ads and what they do after clicking on an ad. The Facebook conversion pixel tracks user behaviour. We then obtain measurements as to the success of our ads and so can adjust our marketing measures to reflect that.

After you have consented to use of the Facebook conversion pixel by opting in, a connection is established between your web browser and the Facebook servers as soon as you visit the PhraseApp website. Facebook receives and stores data (including the IP address and conversions). This enables Facebook to recognise the PhraseApp website subpage you have accessed. The corresponding information is then sent to Facebook in the USA, where it is stored. If you are logged into Facebook at the same time, the transmitted data may be assigned to your Facebook account and linked to the data of that account. Facebook may use the data it collects on your user behaviour to place personalised advertising in your Facebook news feed. We point out that it is also possible for Facebook to collect your data even if you do not have a Facebook account.

Facebook may share your information internally within its company group or with third parties. Information which is collected within the EEA may thus be transmitted to countries outside the EEA for the purposes described in this Privacy Policy. Facebook states that it uses standard contractual clauses which have been approved by the European Commission, takes other measures in compliance with EU law and obtains your consent to legitimate the transmission of data from the EEA to the USA and other countries.

An overview of all Facebook plug-ins is available at: https://developers.facebook.com/docs/Plugins/?locale=en_US.

If you no longer want us to track your user behaviour using the Facebook conversion pixel, you can opt out using the cookie settings.

The type, scope, purposes and processing of the data by Facebook and the rights and settings options for the protection of the user's privacy are detailed in Facebook's data privacy statement (https://www.facebook.com/about/privacy).

10.14. Twitter

We use the Twitter tracking pixel of Twitter Inc., 1355 Market Street Suite 900 San Francisco, CA 94103 ("Twitter”). It is used to recognise visitors who access the PhraseApp website from ads on Twitter. Cookies are used by Twitter as part of that.

Twitter collects data such as:

  • The searches you conduct
  • The content you click on
  • The date and time of your visit
  • Your browser type and language setting
  • Information on the device you use
  • Your IP address
  • Your location
  • The website you visited before and visit after Twitter

Twitter transfers your data to servers in the USA.

More information about Twitter's privacy policy is available here: https://twitter.com/en/privacyhttps://twitter.com/privacy.

10.15. Quora

We use the Quora tracking pixel from Quora Inc., 650 Castro Street, Suite 450, Mountain View, CA 94041, USA („Quora“). It is used to recognise visitors who access the PhraseApp website from content marketing on the Quora.com website. Cookies are used by Quora as part of that.

Quora collects data such as:

  • The searches you conduct
  • The content you click on
  • The date and time of your visit
  • Your browser type and language setting
  • Information on the device you use
  • Your IP address
  • Your location
  • The website you visited before and visit after Quora

Quora transfers your data to servers in the USA.

More information about Quora's privacy policy is available here: https://www.quora.com/about/privacy.

10.16. Bugsnag

We use the Bugsnag service from Bugsnag Inc. 939 Harrison St, San Francisco, CA 94107, USA ("Bugsnag“). This service enables us to quickly identify bugs in the PhraseApp software which have led to a disruption or crash and so to improve our offering. If a bug arises,

  • The IP address you used to call the website (in anonymised form)
  • The status of your device and its storage capacities
  • Your device type
  • The software you use
  • The data on your settings and details on the component of the PhraseApp software where the bug occurred
  • The data integrated there

are sent to Bugsnag – depending on the severity of the bug – so that the bug can be analysed.

In some circumstances, Bugsnag may also transfer the information to countries outside the EEA. Bugsnag will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained. If Bugsnag sends your data to the United States, for example, additional measures are taken, such as concluding EU-compliant data transmission agreements with the data importer if this is necessary. Bugsnag participates in the EU-US Privacy Shield Framework.

Dynport has a legitimate interest in using Bugsnag since it enables PhraseApp to identify and remedy bugs as efficiently as possible.

10.17. Bitbucket

We offer the synchronization of your PhraseApp account with Bitbucket („Bitbucket”) for you as an optional PhraseApp service. Bitbucket is a software for a collaborative versioning management offered by Atlassian Inc., 341 George Street, Sydney, NSW 2000, Australia.

The synchronization between PhraseApp and Bitbucket’s versioning management enables users to export localization files from the versioning management software into their PhraseApp accounts. After being processed in PhraseApp, these localization files can be imported automatically into Bitbucket’s versioning management.

Under your activated synchronisation of Bitbucket and PhraseApp and localization files being imported from PhraseApp into Bitbucket PhraseApp will create an alias consisting of your personal data and pass these on to Bitbucket. In order to create this alias we process:

  • your account name
  • your email address

Bitbucket will ask for this alias as soon as the import of localization files in to Bitbucket’s versioning management is initiated. A pull request assigned with the related alias will be created in the synchronized Bitbucket account in order to match all changes that have been made using the PhraseApp services with those changes made in the synchronized Bitbucket account.

We do the above in order to improve our services and the PhraseApp usability. There are legitimate grounds for that under Article 6 (1) sentence 1 f) GDPR. If you have activated the synchronisation of PhraseApp and Bitbucket in your PhraseApp account also helpus us to improve performance of contracts, so such processing is therefore also legitimate under Article 6 (1) sentence 1 b) GDPR.

In some circumstances, Bitbucket may also transfer the information to countries outside the EEA. Bitbucket will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained.

11. Social Media plug-ins

11.1. Principles

We currently use the following social media share buttons ("plug-ins“). Among other things, this enables you to share content directly from our website in your social media profile.

If you publish data when interacting with our website via social media sites, plug-ins or other applications, that data may be publicly available and we may also be able to see it, depending on your data privacy settings in the Internet. You can control which data you wish to release by altering the data privacy settings which are available on most social media platforms. More information about how you can change your data privacy settings and how external social media sites handle your personal identifiable data is provided in the help texts on data privacy, the privacy policies and terms of service.

We process your data to enable you to share our contents in social networks.

The processing of data via social media plug-ins is legitimate under Article 6 (1) sentence 1 a) GDPR. You may withdraw your consent at any time with effect for the future. In this case, data are also processed to enhance publicity for PhraseApp, which constitutes an overriding interest, and such processing is legitimate under Article 6 (1) sentence 1 f) GDPR.

We erase your data as soon as they are no longer required for the stated purpose and if they are not subject to contractual or legal retention obligations.

11.2. DISQUS

We use the DISQUS commenting system from DISQUS, Inc., 301 Howard St, Floor 3 San Francisco, California-94105, USA ("DISQUS“). DISQUS allows you to log on either using your own DISQUS user account or existing Facebook, Twitter and Google Plus user accounts. If you have logged on to the DISQUS function on our PhraseApp website using your social media accounts, the providers of those services will also collect and process information on your use of the DISQUS functions. Please take note of the privacy policies of the respective provider. You can also leave comments as a guest, but then some of the functions are not available.

DISQUS transmits the e-mail address of users, and the IP address used when a comment was entered, to Dynport. We need this information solely for contacting you in connection with your use of DISQUS, for example if we have to get back to you with questions on a user comment. This information is not transmitted to third parties without authorisation.

If users write a comment on a website on which DISQUS is integrated, the comment and their user data are transferred to the DISQUS in the USA. DISQUS is subject to the EU-US Privacy Shield for this purpose (https://www.privacyshield.gov/EU-US-Framework) and so offers a safeguard that it complies with a European level of data protection.

We erase your data if they are no longer required for the above purpose.

You can find the DISQUS Privacy Policy here: : https://help.disqus.com/terms-and-policies/disqus-privacy-policy

11.3. vimeo

We use the provider vimeo, which is run by Vimeo LLC, 555 West 18th Street, New York, New York 10011 („vimeo“), to integrate videos in the PhraseApp website.

When you call videos using vimeo on our PhraseApp website, a connection to the vimeo servers in the USA is established. Certain information is transferred to vimeo as part of that. It may include:

  • Your IP address
  • Your browser information, such as language settings
  • Information on vimeo cookies that have already been placed
  • Information on the website from which you call vimeo's site and which you visit after watching a video on vimeo.

vimeo stores cookies on your device, in particular the Google Analytics tracker (see section 10.2 of this Privacy Policy). This is tracking conducted by vimeo's itself and we have no control over it. You can prevent tracking by Google Analytics by using the deactivation tool Google offers for some web browsers. You can also prevent the data (including your IP address) created by Google Analytics and relating to your use of the website being recorded or processed by Google by downloading and installing the browser plug-in from the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

vimeo also allows you to use certain other functions, such as rating or sharing videos. These functions are offered solely by vimeo and the respective third-party providers and you should carefully read their privacy policies before using the functions. Dynport does not obtain any knowledge of the data collected by vimeo or the third-party providers and has no influence on how they are used. Information about which of our web pages you have visited is passed on to the vimeo server. If you are logged on to vimeo as a member, vimeo assigns this information to your personal account. When you use the plug-in, such as by clicking on the Start button of a video, this information is likewise assigned to your user account. You can prevent that by logging off from your vimeo user account and deleting the vimeo cookies before you use our website.

vimeo transfers your data to the USA.

vimeo may pass on your data to third parties. These are, for example, affiliated undertakings, business partners and advertising partners, who in turn use tracking technologies on the vimeo website.

There is a legitimate interest on the part of Dynport, as we wish to give a better understanding of PhraseApp's functions with the aid of integrated videos.

You can find more information on data processing by and the privacy policy of vimeo at https://vimeo.com/privacy.

12. Use of Google Maps

The PhraseApp website uses Google Maps API, a map service from Google Inc. (“Google”). Google can be reached at Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. This enables us to display interactive maps directly on the website and makes it easy for you to use the map functions.

When you visit the PhraseApp website Google receives the information that you have accessed the corresponding subpage of our website. The following data are also sent to Google:

  • Your IP address
  • The date and time of your enquiry
  • The difference in time between your time zone and Greenwich Mean Time (GMT)
  • The content of the request (specific page)
  • Access status /HTTP status code
  • The amount of data transmitted
  • Website from which the request originates
  • Your browser type
  • The operating system you are using and its user interface
  • The language and version of your browser software

This is done regardless of whether Google has provided a user account for you to log in with or whether you don't have a user account. If you have logged in through Google, your data are assigned directly to your account. You must log out before activating the button if you do not wish Google to identify you with your profile. Google stores your data as user profiles and uses them for advertising, market research and/or web design purposes. Any such use is made in particular (including for users who are not logged in) to provide tailored advertising and to inform other users of the social network about your activities on our website. You are entitled to object to the creation of this user profile: this right must be asserted against Google directly.

It is simple to disable the Google maps service and so prevent data being transferred to Google by disabling JavaScript in your browser. However, we do point out that you will then no longer be able to use the map display function and the function of our website may be impaired.

Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield for this purpose: https://www.privacyshield.gov/EU-US-Framework.

The use of Google Maps is legitimate under Article 6 (1) sentence 1 a) GDPR provided you have given your consent. You may withdraw your consent at any time with effect for the future. The use of Google Maps API is legitimate under Article 6 (1) sentence 1 f) GDPR as processing is necessary for the purposes of the legitimate interests pursued by Dynport. We use Google Maps API to be able to offer you a map function. We will only process your data for as long as is necessary to fulfil the purpose for which they have been collected.

More information about the purpose and scope of data collection and the processing of such data by Google is provided in Google's privacy policy. This policy also provides more information about your rights and the settings which enable you to protect your privacy: https://policies.google.com/privacy?hl=en.

13. Disclosure of data to third parties

13.1. Principles

As a rule, we will only pass on your personal data in compliance with the applicable data protection laws to service providers, business partners, affiliated undertakings and other third parties.

We may disclose personal data to service providers working on our behalf and require them to perform services in our name (order processing). These service providers may be affiliated undertakings of Dynport or external service providers. In this context we comply with stringent national and European data protection regulations. These service providers are bound by our instructions and are subject to stringent contractual limitations on the processing of personal data. Accordingly, data may only be processed if this is necessary for the performance of services in our name or in order to comply with legal requirements. We stipulate precisely and in advance the rights and obligations of our service providers in relation to personal data.

We may disclose personal data to a third party if we are required to do so by law or in legal proceedings or in order to supply and manage our products and services. We may also be required to provide information to law enforcement agencies or other public authorities. We are also authorised to release data if the disclosure of information is necessary for the purposes of collaboration and thus of providing Dynport services to you or if you declare your consent to such disclosure. Disclosure can also rarely be avoided in the course of tax audits.

13.2. Web hosting

Our PhraseApp website and thus your data are hosted in Ireland by Amazon Web Services Inc., 410 Terry Avenue North, Seattle WA 98109, United States (in the following referred to as "Amazon“). Amazon darf auf die Daten nur im Rahmen unserer Weisungen zugreifen (Auftragsverarbeitung). Amazon may only use the data in accordance with our instructions (order processing). Amazon also adopts stringent technical measures to protect your personal data. Amazon does not pass on your personal data to third parties unless this is necessary in order to perform the agreed services or if Amazon is required to do so by law or to comply with a valid and mandatory instruction issued by a government or regulatory authority. The data provided for this purpose are kept to a minimum.

In some circumstances, Amazon may also store the information in countries outside the European Economic Area. Amazon will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained. If Amazon sends your data to the United States, for example, additional measures are taken, such as concluding EU-compliant data transmission agreements with the data importer if this is necessary. Amazon participates in the EU-US Privacy Shield Framework.

The processing of your data is legitimate under Article 6 (1) sentence 1 f) GDPR. The purpose of processing data is that Amazon enables us to use Amazon servers. We only store the data for as long as is necessary to achieve this purpose.

More information from Amazon about data protection is available at: https://aws.amazon.com/compliance/eu-data-protection/?nc1=f_ls.

13.3. Stripe

You can use our PhraseApp services to post payments. Where necessary to perform a contract, data are also transmitted to our payment service providers or the bank tasked with handling payment. The data are kept to the minimum necessary for the purpose for handling the contract.

If payment is made by credit card, that is handled by the payment service provider Stripe Inc., 185 Berry Street, Suite 550, San Francisco, CA 94107, USA ("Stripe“). Stripe may only use the data in accordance with our instructions (order processing). Stripe also adopts stringent technical measures to protect your personal data. Stripe does not pass on your personal data to third parties unless this is necessary in order to perform the agreed services or if Stripe is required to do so by law or to comply with a valid and mandatory instruction issued by a government or regulatory authority. The data provided for this purpose are kept to a minimum.

In some circumstances, Stripe may also store the information in countries outside the EEA, such as in the USA. Stripe will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained. If Stripe sends your data to the USA, for example, additional measures are taken, such as concluding EU-compliant data transmission agreements with the data importer if this is necessary. Stripe participates in the EU-US Privacy Shield Framework.

The processing of your data is legitimate under Article 6 (1) sentence 1 b) GDPR. The purpose for which the data are processed is for Stripe to handle payment services for Dynport if you wish to use PhraseApp. We erase your data if they are no longer needed for performing the contract and if they are not subject to contractual or legal retention obligations.

More information from Stripe about data protection is available at https://stripe.com/us/privacy.

14. Security standards

Dynport has implemented appropriate physical, technical and administrative security standards to protect personal data against loss, misuse, modification or destruction. Our service providers and associated undertakings are contractually committed to safeguarding the confidentiality of personal data. They are also prohibited from using data for purposes not approved by us.

15. Changes to this policy

We may update this Privacy Policy from time to time. We therefore recommend that you regularly read this Privacy Policy to ensure that you are familiar with our data protection practice. This Privacy Policy was last updated on June 7th 2018.