Privacy Policy

§ 1 Information about the collection of personal data

1.1 In the following we inform about the collection of personal data when using our website. Personal data are all data that are personally identifying you, e.g. name, address, e-mail addresses, identification number or an online identifier.

1.2 The person responsible according to Art. 4 para. 7 GDPR is Unsigned Integer UG (haftungsbeschränkt), Kottbusser Damm 79, 10967 Berlin, support@decksetapp.com.

1.3 When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, if applicable your name and your telephone number) will be stored by us in order to answer your questions. We delete the data arising in this context after the storage is no longer necessary, or limit the processing if statutory retention obligations exist.

1.4 If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. We also specify the defined criteria for the storage period.

§ 2 Your rights

2.1 You have the following rights towards us with regard to personal data concerning you:

2.2 You also have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data.

§ 3 Collection of personal data when you visit our website

3.1 When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you (legal basis is Art. 6 para. 1 point b GDPR):

Log file information is deleted immediately after the requested website content has been submitted. stored for a maximum of 7 days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.

3.2 In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk in the browser you use and through which certain information flows to us. Cookies cannot run programs or transmit viruses to your computer. They serve to make our website more user-friendly and effective.

3.3 Use of Cookies:

a) This website uses the following types of cookies, the scope and functionality of which are explained below:

b) Temporary cookies are automatically deleted when you close the browser. This includes in particular the session cookies. These store a so-called session ID, with which different requests of your browser can be assigned to one session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.

c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.

d) You can configure your browser settings according to your wishes and refuse the acceptance of third party cookies or all cookies, for example. Please note that you may not be able to use all functions of this website. If you have the “Do Not Track” feature enabled in your browser, we of course will respect that.

§ 4 Further functions and services of our website

4.1 In addition to the purely informational use of our website, we offer various services that you can use if you are interested. As a rule, you must provide further personal data, which we use to provide the respective service and to which the aforementioned data processing principles apply.

4.2 In some cases we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked.

4.3 Furthermore, we may pass on your personal data to third parties if we offer competitions, contracts or similar services together with partners. You will find more information, when you provide your personal data or in the description of the service below.

4.4 If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.

§ 5 Right to object and withdrawal of consent

5.1 If you have given your consent to the processing of your data, you can withdraw this consent at any time. Such a withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

5.2 If we base the processing of your personal data on the weighing of interests, you may object to the processing. This is in particular the case if processing is not necessary to fulfil a contract with you, which is described by us in the following description of the services. When exercising such objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust data processing or point out to you our compelling reasons worthy of protection, on the basis of which we will continue processing.

§ 6 Special services implemented on our website

6.1 Hosting

6.1.1 The website is hosted and delivered by Amazon Web Services, Inc. (AWS), 410 Terry Avenue North, Seattle WA 98109, United States. AWS is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4). Further information can be found in the AWS data policy: https://aws.amazon.com/privacy/?nc1=h_ls

6.1.2 A CDN is a service with the help of which contents of our online offer, in particular large media files, such as graphics or scripts, are delivered faster with the help of regionally distributed servers connected via the internet. The processing of user data is carried out solely for the aforementioned purposes and to maintain the security and functionality of the CDN.

6.1.3 The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimisation of our online offer in accordance with Art. 6 para. 1 point f GDPR.

6.2 Google Analytics

6.2.1 This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how you use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with further services associated with website and internet use.

6.2.2 Google Analytics is integrated with Google Tag Manager, a solution with which we can manage so-called website tags via an interface (and thus integrate Google Analytics and other Google services into our online service). The Tag Manager itself does not process any personal data of the users. With regard to the processing of users’ personal data, reference is made to the following information on the Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html.

6.2.3 We use Google Analytics in the “Universal Analytics” mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze a user’s activities across devices.

6.2.4 The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

6.2.5 You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

6.2.6 This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are further processed in abbreviated form, so that a personal relationship can be ruled out. As far as the data collected about you is personal, it will be excluded immediately and the personal data will be deleted immediately.

6.2.7 We use Google Analytics to analyse and regularly improve the use of our website. We can improve our web service and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI). The legal basis for the use of Google Analytics is Art. 6 Par. 1 point f GDPR.

6.2.8 Third Party Information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

– User conditions: http://www.google.com/analytics/terms/de.html – Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html – Privacy Policy: http://www.google.de/intl/de/policies/privacy

6.2.7 Users’ personal data will be deleted or made anonymous after 14 months.

6.3 Twitter

6.3.1 We use the Twitter widget offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter has submitted to the EU-US Privacy Shield and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO). Twitter stores your data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation takes place in particular (even for not logged-in users) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Twitter to exercise this right: https://twitter.com/personalization Find their privacy policy here: https://twitter.com/de/privacy

6.3.2 Twitter is a short message service. Such messages can be combined with various content such as pictures, videos etc. We use Twitter widgets to display selected tweets from real customers, serving as testimonials for Deckset.

6.3.3 The use is based on our legitimate interests, i.e. interest in showing real opinions of users about Deckset in order to give them an authentic impression. Legal basis is Art. 6 para. 1 point f GDPR.

6.4 Paddle

6.4.1 We use the services of Paddle.com Market Ltd, 15 Bermondsey Sq, London SE1 3UN, United Kingdom. You can find Paddle’s privacy policy at https://paddle.com/privacy-buyers/.

6.4.2 Paddle acts as a merchant of record, which means: When purchasing a Deckset license, you enter into an agreement with Paddle directly. As a consequence, Paddle collects your data autonomously.

6.4.3 Paddle collects buyer data during its checkout process for payment processing and order fulfilment purposes. These include name, location, contact details, and billing information. Legal basis is Art. 6 para 1 point b GDPR.

6.4.4 We have also implemented Paddle into our software, in order to i) verify the validity of your license and ii) to gain aggregated insights in your use of the application made available by Paddle. These insights consist of user usage of software, end user names, emails and sales data. i) The use for verification purposes is based on your existing contractual relation with Paddle and Paddle’s and our legitimate interest to validate your license. Legal basis are Art. 6 para. 1 point b and f GDPR. Our legitimate interest is fraud prevention. ii) Legal basis for processing the insights is Art. 6 para. 1 point f GDPR. Our legitimate interest is troubleshooting and to steadily improve Deckset, e.g. assess whether to drop support for an older version of macOS or which functions are popular and worth to be developed etc.

6.5 Imgix

6.4.1 We use Imgix, a service of Zebrafish Labs Inc., 423 Tehama St., San Francisco CA 94103, USA. Zebrafish Labs Inc. has submitted to the EU-US Privacy Shield and thus offers a guarantee to comply with European data protection law. You can find their Privacy Policy at https://www.imgix.com/privacy.

6.4.2 Imgix helps us to optimize images specific to the context in order to display quickly and with high quality.

6.4.3 The use is based on our legitimate interest to improve your website experience. Legal basis is Art. 6 para. 1 point f GDPR.

6.6 Airtable

6.6.1 We use Airtable, a service by Formagrid, Inc., 799 Market St, Floor 8, San Francisco, CA 94103, USA. We have signed a Data Processing Addendum. In order to legitimate the processing of personal data in the USA, we have concluded EU Standard Contractual Clauses. You can find their Privacy Policy at https://airtable.com/privacy.

6.6.2 We use Airtable on the “Apply for an educational discount” (https://www.deckset.com/edu/) and “Request your free upgrade” (https://www.deckset.com/upgrade/) pages, in order to operate the forms to be found there.

6.6.3 The implementation is based on our legitimate interest to assess, whether you are eligible for an educational discount respectively free upgrade. Legal basis is Art. 6 para. 1 point f GDPR.

6.7 GSuite

6.7.1 We use GSuite, a service by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. We have signed a Data Processing Addendum, in order to legitimate transfers of personal data to Google Ireland Ltd. https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

6.7.2 We use GSuite as our email hosting service. The GSuite inbox for the email address support@decksetapp.com is synchronized with FrontApp.

6.7.3 The use is based on our legitimate interest to be able to communicate with our clients and other third parties via mail. Legal basis is Art. 6 para. 1 point f GDPR.

6.8 FrontApp

6.8.1 We use FrontApp, a service by FrontApp, Inc., 525 Brannan St, 300, San Francisco, CA 94107, USA. We have signed a Data Processing Addendum, in order to legitimate transfers of personal data to FrontApp, Inc. FrontApp has submitted to the EU-US Privacy Shield and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TOmXAAW). FrontApp, Inc. may submit personal data to FrontApp SARL, 15 rue Gambetta, 91120 Palaiseau, France, for internal administrative purposes. You can find their Privacy Policy at https://frontapp.com/privacy-policy.

6.8.2 We use FrontApp, a shared inbox for teams as our helpdesk software. All support requests to support@decksetapp.com are forwarded to FrontApp. It helps us to keep the overview of all your support requests and to be able to respond to your requests in a team structure.

6.8.3 The use is based on our legitimate interest to be able to respond comprehensively and in timely manner to your support requests. Legal basis is Art. 6 para. 1 point f GDPR.

6.9 Mailgun

6.9.1 We use Mailgun, a newsletter service by Mailgun Technologies, Inc., 535 Mission St., San Francisco, CA 94105, USA. We have signed a Data Processing Addendum, in order to legitimate transfers of personal data to Mailgun, Inc. Mailgun has submitted to the EU-US Privacy Shield and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000PCbmAAG). In addition we have concluded EU Standard Contractual Clauses with Mailgun, in order to further safeguard the processing of personal data outside of the European Economic Area.

6.9.2 We use Mailgun to automatically send mails with education discounts resp. license keys to customers having applied for an education license or a free upgrade.

6.9.3 The implementation is based on our legitimate interest to efficiently submit the necessary information (discount codes, license keys) to you. Legal basis is Art. 6 para. 1 point f GDPR.

6.10 Newsletter

6.10.1 We use Campaign Monitor, a newsletter service by Campaign Monitor Pty Ltd., 201 Elizabeth St, Sydney, NSW, Australia. You can find their Privacy Policy at https://www.campaignmonitor.com/policies/#privacy-policy.

6.10.2 We use Campaign Monitor to help us send out our newsletter to all users who have subscribed to it. Campaign Monitor can use the recipient’s data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. However, Campaign Monitor does not use your personal data to send you mails or to pass the data on to third parties.

6.10.3 You can register for our newsletter by submitting your email address on our website. Upon registering, we will send you an automated mail with a link you have to click (double opt-in), in order to finalize the newsletter subscription. We log your subscription to our newsletter (IP, time, date). This is necessary to be able to prove that you have given us your consent.

6.10.4 Our newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file which is downloaded from Campaign Monitor’s server when you open our newsletter. In this context, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined using the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our endeavour, nor, if used, that of the shipping service provider, to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.

6.10.5 A separate revocation of the performance measurement is unfortunately not possible, in this case the entire newsletter subscription must be cancelled. You can find an unsubscribe link in every newsletter email. Upon your cancellation, we may store your subscription data for another three years to be able to prove that you had given us your consent, before we delete your personal data.

6.10.6 Legal basis for sending you newsletter emails and measure its performance is your consent, Art. 6 para. 1 point a, 7 GDPR Art. 6 para 1 point f GDPR. Legal basis for logging your subscription data is Art. 6 para 1 point f GDPR. Our legitimate interest is that we are legally obliged to prove that you have given us consent. To secure the processing of your personal data, we have concluded a data processing agreement with Campaign Monitor.

§ 7 Data processing when using our software application

7.1 Paddle

We use Paddle. For more details on this company, please refer to § 6.4.4 above.

7.2 HockeyApp

7.2.1 We use HockeyApp, a product by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. We have signed a Data Processing Addendum, in order to legitimate transfers of personal data to Microsoft. HockeyApp has submitted to the EU-US Privacy Shield and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK). You can find their Privacy Policy at https://privacy.microsoft.com/de-de/PrivacyStatement.

7.2.2 We use HockeyApp to keep track of crash reports. Should the app crash for a user, upon reopening it, a dialog is shown asking users to submit a problem report for Deckset. Such reports contain an anonymized per-device identifier, which means: Two reports from the same device will contain the same identifier. Other than that, such reports do not contain personal data, unless you provide them (e.g. name, email address, comment) voluntarily. The data is then sent to Hockey where we can analyze it and cross-reference it with other crashes.

7.2.3 The use is based on our legitimate interest, to maintain a stable application, find bugs and being able to analyze them in order to fix them. Legal basis is Art. 6 para. 1 point b GDPR.

Sign up to receive updates, offers and beta
invites for upcoming releases.