Privacy Policy

1. An overview of data protection

General

The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Definitions

Capitalized terms used in this Policy and not otherwise defined shall have the meanings provided below:

Products
MyDataMerge

Relevant Data
Personal Data and Special Categories of Data are the Relevant Data covered by this policy and as defined in the Data Protection Legislation.

Personal Data
any information relating to an identified or identifiable natural person.

Special Categories of Data
Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data and data concerning health or a person’s sex life or sexual orientation.

Processing/Processed
any operation on personal data, whether automated or not.

2. General information and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Who is responsible for the data collection on this website and in products?

ToolboxCode UG (haftungsbeschränkt)
Blütenäcker 15
71332 Waiblingen
Email: info@toolboxcode.com

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

What do we use your data for?

We use, process, and store your information as necessary to perform our contract with you and for our legitimate business interests, in operating our website and product, and business including:

• to help us administer our Sites and/or Products, authenticate users for security purposes, provide personalised user features and access, process transactions, conduct research, develop new features, and improve the features, algorithms, and usability of our Sites and/or Products
• As required by applicable law, legal process or regulation
• to calculate aggregate statistics on the number of unique devices using our Sites and/or Products
• to send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Products, our Products offerings, and important Products-related notices, such as security and fraud notices. These communications are considered part of the Products and you may not opt out of them. In addition, we sometimes send emails about new product features, promotional communications or other news about ToolboxCode. We will only send you marketing information if you consent to us
• for billing, account management and other administrative matters. ToolboxCode may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments. This includes supporting you or legitimate others of your company to access products/activation
• to investigate and help prevent security issues, fraud and abuse.

If information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, ToolboxCode may use it for any business purpose.

Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect by opting out or writing an informal email. The data processed before we receive your request may still be legally processed.

Right to file complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

3. Data collection on our website

How do we collect your data?

Some data are collected when you provide it to us. This happens if you:

1. Use any kind of contact forms
2. Register an account
3. Post in the support forum
4. Purchase a product
5. Accept analytics tools in the privacy settings

Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

Cookies

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

The website will inform you on the first visit about all cookies used. Find a list about the currently used cookies below. You can opt in to or opt out of functions and cookies at any time by clicking the following button:

Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

Currently active cookies:

Payments Information

Payments information provided by you will be stored and processed by Paddle.com Market Limited and any other third party service providers as designated by us from time to time. We will collect certain information required for Paddle.com Market Limited and such third party services providers to process payments, including credit / debit card numbers, security numbers and other related payment information. All such information is subject to the privacy policy of Paddle.com Market Limited (available here https://paddle.com/privacy ) or any other third party service provider as applicable.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fullfill a contract or for measures preliminary to a contract.

Contact form / Registration form / Support forum

Should you send us data via a form (contact form, registration form or post in the support forum), we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions and to manage your account properly. We do not share this information without your permission.

Information entered in the support forum will be publicily visible to help others with the same questions to find answer quickly. If you want to hide private information from public, the forum offers a privacy option below the posting form.

We will, therefore, process any data you enter onto the forms only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the forms until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

Analytics

If you have given your voluntarily and explicite consent, an analytics tool is used. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyse a user’s activities across devices.

Website analytics and purposes of processing

The analytics tool uses local storage, which is saved in a database or in text files on your computer (depending on the browser you are using), to help the website analyse how users interact with the site. The information generated by the storage about your use of this website is usually transferred to a ToolboxCode server in Germany and stored there. No IP address is stored. No personal data is stored.

Data collected by the analytics tool contains:

• Visited pages
• Session
  • This tracks the beginning and the end of the website usage and is necessary for the function of the analytics tool
• Information if delivered by the browser including: Browser name, version, OS name, version, location

4. Data collection by our products

Data Processed by Third Parties

Our products do not pass on any personal data to third parties and are completely free of advertising. However, some functionalities can only be provided by using external data sources, frameworks or operating system services, which in turn process data and are subject to a separate privacy policy:

A. Sentry

We use the service Sentry provided by Functional Software Inc., 132 Hawthorne Street, San Francisco, California 94107, to improve the technical stability of our service by monitoring system stability and detecting code errors. Sentry serves solely for these purposes and particularly does not evaluate any data for promotional purposes. The data about users, e.g. information about the device or the time of an error will be collected anonymously and will not be used for personal purposes and will subsequently be deleted. For more information, see the Sentry privacy policy: https://sentry.io/privacy/. The transfer is permitted under Art. 45 GDPR, because Functional Software Inc. is Privacy Shield certified and thus an adequate level of protection exists according to the Implementing Decision of the Commission (EU) 2016/1250 (http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016D1250&from=DE). The Privacy Shield notice can be accessed at https://www.privacyshield.gov/participant?id=a2zt0000000TNDzAAO&status=Active. The legal basis for the use of Sentry is a legitimate interest under Art. 6 (1) sentence 1 f DSGVO. Our legitimate interest is the user-friendly design of our services.

Crash Notifications

In order to improve usability and to maintain functionality, our products rely on crash notifications.

If the user voluntarily and explicitly agrees to the transmission of a crash report after a crash of the app, information about the crash (status of the app at the time of the crash) is transferred to the servers of Sentry and stored there for evaluation by ToolboxCode. If the user does not agree to the crash notification transmission, nothing will be sent. Crash reports usually do not contain any personal information. On macOS, they consist of:

• Bundle identifier, bundle version, and short bundle version string of the product.
• Device type, CPU architecture, and version of the operating system.
• Timestamp when the crash happened.
• A generated UUID to prevent duplicate crash reports.
• If an exception was thrown, the plain-text class name and message value of the exception.
• Low level crash data like instruction pointer, method or function names, signal data, pointer registers, and information about the loaded binary images.

The information is transferred to the servers of Sentry and stored there for evaluation by ToolboxCode. If the user does not agree to send a creash report, nothing will be sent.

User feedback

In order to improve usability and to improve specific function, our products rely on user feedback.

If the user voluntarily and explicitly agrees to the transmission of user feedback, the Feedback is transferred to the servers of Sentry and stored there for evaluation by ToolboxCode. If the user voluntarily and explicitly agrees to the submission of a System report along with his feedback, a log file is transferred to the servers of Sentry and stored there for evaluation by ToolboxCode. System reports usually do not contain any personal information. On macOS, they consist of:

• Bundle identifier, bundle version, and short bundle version string of the product.
• Device type, CPU architecture, and version of the operating system.
• Timestamp when the crash happened.
• A generated UUID to prevent duplicate crash reports.
• If an exception was thrown, the plain-text class name and message value of the exception.
• Low level crash data like instruction pointer, method or function names, signal data, pointer registers, and information about the loaded binary images.

The information is transferred to the servers of Sentry and stored there for evaluation by ToolboxCode. If the user does not start a Feedback process, nothing will be sent. Sentry’s Privacy Policy can be found at https://sentry.io/privacy/

B. Analytics

Products NOT using Analytics: MyDataMerge. For all others, the following applies:

If you have given your voluntarily and explicit consent, an analytics tool is used. This makes it possible to assign data, across multiple application launches to a pseudonymous user ID and thus analyse a user’s activities.

Products analytics and purposes of processing

The analytics tool uses text files on your computer to help the products analyse how users interact with them. The information generated by the analytics tool about your use of a product is usually transferred to a ToolboxCode server in Germany and stored there. No IP address is stored. No personal data is stored.

Data collected by the analytics tool contains:

• Product buttons clicked
  • ToolboxCode needs to find out which functions are used more than others to focus development on those to optimise your experience
• Duration of different tasks like “importing” or “exporting”
  • Duration of tasks in combination with macOS information tells us if we need to improve the product for specific macOS versions
• Session
  • This tracks the beginning and the end of product usage and is necessary for the function of the analytics tool
• macOS name, version
  • This information is helpful to focus development on specific macOS versions

5. Plugins and tools

YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin and you have given your voluntarily and explicitly consent, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.