Privacy Policy

1. General information on the processing of personal data

Protecting your personal data is particularly important to us. Therefore, we hereby wish to inform you in detail which personal data are processed when you use our websites and services.

Data controller according to GDPR:

Ninox Software GmbH
Managing directors: Frank Böhmer, Daniel Kronberger and Jürgen Thiel

Monbijouplatz 5
10178 Berlin
Germany

Email: support@ninox.com
Internet: https://ninox.com

More detailed information can be found in our Imprint.

Designated Data Protection Officer according to Art. 37 ff. General Data Protection Regulation ("GDPR") is:

Berit Schubert
DataSolution LUD GmbH
Isarstr. 13, 14974 Ludwigsfelde, Germany
Phone: +49 3378 205 729
Email: dpo@ninox.com

We only process personal data in strict accordance with the pertinent data protection provisions. That means that the data are only processed when doing so is legally permissible. That means especially: when processing the data is necessary in order for us to fulfil our contractual obligations and provide our online-services; is legally required; consent has been given; due to our legitimate interests (i.e. interests in the analysis, optimization, economic operation and security of our online-services pursuant to Art. 6 Para. 1 lit. f. GDPR, especially in the context of reach measurement, the creation of profiles for promotion and marketing purposes as well as the collection of access data and the use of third-party services).

The legal basis for consent is provided in Art. 6 Para. 1 lit. a and Art. 7 GDPR, the legal basis for data processing for purposes of fulfilling our services and contractual measures is Art. 6 Para. 1 lit b GDPR, the legal basis for processing data in order to meet our legal obligations is Art. 6 Para. 1 lit. c GDPR, and the legal basis for processing data with a view to upholding our legitimate interests is provided by Art. 6 Para. 1 lit. f GDPR.

2. Your rights

You have the following rights in relation to us with regard to the personal data concerning you:

  • Right of access (Art. 15 GDPR),
  • Right to rectification and erasure (Art. 16 and 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to object processing (Art. 21 GDPR),
  • Right to data portability (Art. 20 GDPR).

Furthermore, you have the right to complain to a supervisory authority for data protection about the processing of your data by us.

We would like to point out that any possible consent you have given pertaining to data protection can be revoked at any time, effective immediately. The same applies when you have given consent to be approached in a promotional manner. To do so, please contact us informally via e-mail at: info@ninox.com. Such revocation can result in our services no longer being available at all, or only with restrictions.

Insofar as we base the processing of your data on a balancing of interests (Art. 6 Para. 1 Sent. 1 lit. f GDPR), you can object to such processing. In exercising such an objection, we kindly ask that you present the reasons why we should not process your data in the manner in which we have processed them. Should you voice a justified objection, we examine the factual circumstances of the matter and will then either cease processing of your data, modify how your data are processed, or illustrate the compelling legitimate grounds on basis of which we will continue to process your data.

3. Transmission of data to third parties and third party providers

We only pass your data on to third parties if doing so is necessary for contractual purposes pursuant to Art. 6 Para. 1 lit. b GDPR or can be justified on the basis of legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR.

In the event that we employ subcontractors in order to provide our services, we shall take appropriate legal precautions and corresponding technical and organisational measures in order to ensure that your personal data are protected in accordance with the applicable statutory provisions.

Where third-party providers are stated in this privacy statement and the stated registered offices of those third party providers are situated in a third country, it should be assumed that data are transferred to the countries in which the third party providers have their registered offices. We only process your data in third countries: if doing so is necessary in order for us to meet our (pre)contractual obligations (Art. 6 Para. 1 lit. a GDPR); on the basis of your consent (Art. 6 Para. 1 lit. a GDPR), due to a legal obligation (Art. 6 Para. 1 lit. c GDPR), or; on the basis of our legitimate interests (Art. 6 Para. 1 lit. f GDPR). The same applies for the processing of data by third parties on our behalf, the disclosure of your personal data to third parties and their transmission to third parties.

4. Data erasure

The data we store shall be deleted as soon as they are no longer needed for the purpose for which they are being stored and the law does not prescribe a statutory duty for the data to be retained. In the event that data are not deleted on grounds that they are still required for other or legally admissible reasons, their processing shall be restricted. This means that the data shall be blocked and shall not be processed for other purposes. This applies, for instance, for data that have to be kept for reasons pertaining to trade or tax law.

In accordance with the pertinent legal provisions, such data shall be stored for 6 years pursuant to Section 257 Para. 1 German Commercial Code (commercial books, inventories, opening balance sheets, annual financial statements, trade letters, accounting records, etc.) and ten years pursuant to Section 147 Para. 1 of the German Fiscal Code (accounts, records, situation reports, accounting records, trade or business letters, documents relevant for taxation, etc.).

5. Data processing activities when you visit our websites

If you use our websites for informational purposes only, i. e. if you do not lodge a request or query, do not log in or otherwise provide us with personal information, we process such data that your browser transmits to our server and which are technically necessary in order for us to display our websites to you and to guarantee stability and security:

  • IP-address,
  • Date and time of the request,
  • Duration of visit to the website
  • Time zone difference to Greenwich Mean Time (GMT),
  • Content of the request (specific site/page),
  • Access status/HTTP-status code,
  • Respective data amount transferred,
  • Website that the request is coming from,
  • Which webpages you visit when on our website,
  • Internet service provider,
  • Browser type,
  • Server Log Files,
  • Operating system and its interface,
  • Language and version of the browser software.

The legal basis is Art. 6 Para. 1 Sent. 1 lit. f GDPR, namely our legitimate interest in displaying the websites that are called up.

6. Data processing activities via the use of cookies

In addition to the aforementioned data, cookies are saved to your device when you use our websites. Cookies are small text files which are saved on your hard drive and associated to your browser and which provide us with information. They serve to make our web-services more user-friendly and efficient. The legal basis is provided in Art. 6 Para. 1 Sent. 1 lit. f GDPR, namely our legitimate interest in improving the user-friendliness of our web-services and to evaluate our online marketing activities.

You can configure your browser settings to meet your preferences, for instance by refusing to accept cookies. We do point out that if you do so, you may not be able to use all of the functions and features of our websites.

Your consent applies to the following domains: ninox.com

Your current state: Deny.

Your consent ID:

Consent date: Tuesday, December 28, 2021, 07:59:42 PM GMT+1

Change your consent

Cookie declaration last updated on 27/12/2021 by Cookiebot:

Necessary (6)

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.



Name Provider Purpose Expiry Type
__cf_bm [x2] Crowd
Hubspot
This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. 1 day HTTP Cookie
_ce.cch Crazyegg Stores the user's cookie consent state for the current domain Session HTTP Cookie
ce_asset_waiting ninox.com This cookie is part of a bundle of cookies which serve the purpose of content delivery and presentation. The cookies keep the correct state of font, blog/picture sliders, color themes and other website settings. Session HTML Local Storage
connect.sid ninox.com The cookie is necessary for secure log-in and the detection of any spam or abuse of the website. 6 days HTTP Cookie
CookieConsent Cookiebot Stores the user's cookie consent state for the current domain 1 year HTTP Cookie

Preferences (3)

Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Name Provider Purpose Expiry Type
lang [x2] LinkedIn Remembers the user's selected language version of a website Session HTTP Cookie
locale Personio The cookie determines the preferred language and country-setting of the visitor - This allows the website to show content most relevant to that region and language. Session HTTP Cookie

Statistics (15 )

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

Name Provider Purpose Expiry Type
_ce.s ninox.com Collects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner. 1 year HTTP Cookie
_CEFT ninox.com This cookie is used by the website’s operator in context with multi-variate testing. This is a tool used to combine or change content on the website. This allows the website to find the best variation/edition of the site. 1 year HTTP Cookie
_clck Microsoft Collects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner. 1 year HTTP Cookie
_clsk Microsoft Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator. 1 day HTTP Cookie
_cltk Microsoft Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator. Session HTML Local Storage
_dc_gtm_UA-# Google Used by Google Tag Manager to control the loading of a Google Analytics script tag. 1 day HTTP Cookie
_ga Google Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 2 years HTTP Cookie
_gat Google Used by Google Analytics to throttle request rate 1 day HTTP Cookie
_gid Google Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 1 day HTTP Cookie
AnalyticsSyncHistory LinkedIn Used in connection with data-synchronization with third-party analysis service. 29 days HTTP Cookie
ce_clock ninox.com Sets a timestamp for when the visitor entered the website. This is used for analytical purposes on the website. Persistent HTML Local Storage
collect Google Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Session Pixel Tracker
https://#.#/ Leadfeeder Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator. Session Pixel Tracker
mp_#_mixpanel cdn4.mxpnl.com Pending 1 year HTTP Cookie
YSC YouTube Registers a unique ID to keep statistics of what videos from YouTube the user has seen. Session HTTP Cookie

Marketing (34)

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.


Name Provider Purpose Expiry Type
__mpq_#_# static.ninoxdb.de Collects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant. Persistent HTML Local Storage
_ce.gtld Crazyegg Pending Session HTTP Cookie
_fbp Facebook Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. 3 months HTTP Cookie
_lfa sc.lfeeder.com Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes. 2 years HTML Local Storage
_lfa_expiry sc.lfeeder.com Contains the expiry-date for the cookie with corresponding name. Persistent HTML Local Storage
_lfa_test_cookie_stored sc.lfeeder.com Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes. 1 day HTTP Cookie
_session_id Crowd Stores visitors' navigation by registering landing pages - This allows the website to present relevant products and/or measure their advertisement efficiency on other websites. 13 days HTTP Cookie
_uetsid Microsoft Collects data on visitor behaviour from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement. 1 day HTML Local Storage
_uetsid_exp Microsoft Contains the expiry-date for the cookie with corresponding name. Persistent HTML Local Storage
_uetvid Microsoft Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. 1 year HTML Local Storage
_uetvid_exp Microsoft Contains the expiry-date for the cookie with corresponding name. Persistent HTML Local Storage
ads/ga-audiences Google Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. Session Pixel Tracker
ANONCHK Microsoft Registers data on visitors from multiple visits and on multiple websites. This information is used to measure the efficiency of advertisement on websites. 1 day HTTP Cookie
bcookie LinkedIn Used by the social networking service, LinkedIn, for tracking the use of embedded services. 2 years HTTP Cookie
bscookie LinkedIn Used by the social networking service, LinkedIn, for tracking the use of embedded services. 2 years HTTP Cookie
ce_successful_csp_check ninox.com Pending Persistent HTML Local Storage
clid Google Tag Manager Pending Persistent HTML Local Storage
fr Facebook Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. 3 months HTTP Cookie
lidc LinkedIn Used by the social networking service, LinkedIn, for tracking the use of embedded services. 1 day HTTP Cookie
MUID [x2] Microsoft Used widely by Microsoft as a unique user ID. The cookie enables user tracking by synchronising the ID across many Microsoft domains. 1 year HTTP Cookie
NID Google Registers a unique ID that identifies a returning user's device. The ID is used for targeted ads. 6 months HTTP Cookie
SM Microsoft Registers a unique ID that identifies the user's device during return visits across websites that use the same ad network. The ID is used to allow targeted ads. Session HTTP Cookie
SRM_B Microsoft Tracks the user’s interaction with the website’s search-bar-function. This data can be used to present the user with relevant products or services. 1 year HTTP Cookie
tr Facebook Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. Session Pixel Tracker
UserMatchHistory LinkedIn Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. 29 days HTTP Cookie
VISITOR_INFO1_LIVE YouTube Tries to estimate the users' bandwidth on pages with integrated YouTube videos. 179 days HTTP Cookie
yt-remote-cast-available YouTube Stores the user's video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-cast-installed YouTube Stores the user's video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-connected-devices YouTube Stores the user's video player preferences using embedded YouTube video Persistent HTML Local Storage
yt-remote-device-id YouTube Stores the user's video player preferences using embedded YouTube video Persistent HTML Local Storage
yt-remote-fast-check-period YouTube Stores the user's video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-session-app YouTube Stores the user's video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-session-name YouTube Stores the user's video player preferences using embedded YouTube video Session HTML Local Storage

Unclassified (4)

Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.

Name Provider Purpose Expiry Type
__mplss_q0chakxw ninox.com Pending Persistent HTML Local Storage
__mplss_qknuzr32 ninox.com Pending Persistent HTML Local Storage
__mplss_vy07mjc3 ninox.com Pending Persistent HTML Local Storage
c.gif Microsoft Pending Session Pixel Tracker

6.1 Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics also uses cookies. The information generated by the cookie regarding your use of our websites is usually transmitted to and stored on a Google server in the USA.

If IP-anonymisation is activated, within member states of the European Union and other parties to the Agreement on the European Economic Area Google shortens your IP-address prior to transmission to the USA. In highly exceptional cases, the full IP-address is transmitted to a Google server in the USA and shortened there. IP-anonymisation is activated in our web service. Upon our request, Google shall use this information to analyse the use of our websites, to compile activity reports and to provide us with other services related to the use of our websites and the internet.

According to Google, the IP-address that your browser passes on to Google Analytics is not combined with any other Google data. We complementarily refer to Google’s data protection policy. You can prevent Google from capturing and subsequently processing the data generated by the cookie and which refer to your usage (including your IP-address) by downloading and installing a browser-plugin.

6.2 Google AdWords Conversion Tracking

We use the online advertising program “Google AdWords”, and within Google AdWords we use the Conversion Tracking feature. Google Conversion Tracking is an analytical service provided by Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). If you click on an ad placed by Google, a conversion tracking cookie is stored to your device.

If you visit certain pages on our website and the cookie has not yet expired, both we and Google can see that you clicked on the ad and were subsequently redirected to the webpage. Every Google-AdWords customer has a different cookie. Cookies can, therefore, not be tracked or traced via the websites of AdWords-customers. The information gathered by the conversion cookie is used to compile conversion statistics for AdWords customers who use Conversion Tracking. Customers who do can see the total number of users who have clicked on their ads and been redirected to webpages outfitted with a Conversion Tracking tag. They do not, however, receive any information that could serve to personally identify users.

Further information is available here and in Google’s data protection policy.

6.3 Google Dynamic Remarketing

We use the remarketing or “Similar Audiences” function provided by Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) on our websites. Using this function, we can address you, as a visitor of our websites, with targeted advertising by displaying personalized, interests-based ads when you visit other websites that are also part of the Google Display Network.

Google uses cookies in order to conduct the website-usage analyses that constitute the foundation for providing interests-based advertising. To do so, Google saves a small file containing a numerical sequence in your browser. Via this number, visits to the website as well as anonymised website usage data are collected. No personal data of visitors to the website are stored. Should you visit another website that belongs to the Google Display Network, ads will be displayed that are very likely to reflect product and information categories that you have previously visited.

You can permanently deactivate the use of cookies by Google by downloading and installing a browser-plugin. Further information on Google Remarketing can be found in Google’s data protection policy.

6.4 Doubleclick

Doubleclick by Google is a service provided by Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Doubleclick by Google uses cookies in order to show you ads that are of relevance for you. To do so, your browser is assigned a pseudonymous identification number (ID) in order to determine which ads have been displayed in your browser and which ads were clicked on. The cookies contain no personal information. Use of the Doubleclick-cookies only enables Google and its partner-websites to display ads on the basis of previous visits to our website or other websites on the internet.

The information generated by the cookies is transmitted by Google to a server in the USA for analysis and storage. Google only transfers data to third parties when so required by law or in the context of commissioned data processing. Google shall under no circumstances combine your data with other data collected by Google. By using our websites, you declare that you accept that Google processes the data collected about you, the fashion in which they are processed described above, and the purpose for which they are collected and processed.

You can prevent that the website-usage data are collected by the cookies and that these data are processed by Google by downloading and installing the DoubleClick deactivation expansion browser-plugin.

6.5 Facebook-Marketing-Services

Within our online offer, due to our legitimate interests in the analysis, optimization and economic operation of our web services and for these purposes, we use the so-called "Facebook-Pixel" of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are an EU resident, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").

On the one hand, the Facebook-Pixel enables Facebook to identify users of our online services as the target group for the display of advertisements (so-called “Facebook-Ads”). Accordingly, we use the Facebook-Pixel to ensure as far as possible that the Facebook-Ads we have placed are only displayed to those Facebook-Users who have expressed an interest in our online services or who exhibit certain criteria or attributes (f. ex. interests in certain topics or products as ascertained based on the websites the user has visited) that we transmit to Facebook (so-called “Custom Audiences”). By using the Facebook-Pixel, we furthermore aim to ensure that our Facebook-Ads correspond to the potential interests of the users and do not come across as disturbing, harassing or annoying. Moreover, using the Facebook-Pixel helps us to understand the effectiveness of Facebook-Ads for statistical and market research purposes, in that we can see whether users are directed to our website after clicking on a Facebook-Ad (so-called “Conversion”).

The Facebook-Pixel is immediately integrated when one of our web pages is opened, and can store a so-called cookie, i. e. a small file, on your device. If you subsequently log in to Facebook or visit Facebook while logged in, your visit to our online service is assigned to your profile. The data collected which pertain to you are anonymous to us, and thus do not allow us to infer the identity of users. The data are, however, stored and processed by Facebook, so that they could be linked to the respective user profile and used by Facebook or for our own market research and advertising purposes. In the event that we should transfer data to Facebook for matching purposes, such data are locally encrypted by the browser and are only then transferred to Facebook via a secure https-connection. This is done solely for the purpose of making a comparison with the data that have likewise been encrypted by Facebook.

Facebook processes the data in accordance with Facebook’s Data Usage Policy. Special information and details on the Facebook-Pixel and how it works can be found in Facebook’s help section.

You can opt out of your data being collected by the Facebook-Pixel and used to display Facebook-Ads. In order to customize which types of advertisements are displayed for you within Facebook, you can open the respective page provided by Facebook and follow the instructions for setting up use-based advertising.

7. Data processing when you contact us

When you contact us via E-mail, telephone or a contact form, we process the data you provide (f. ex. E-mail address, name, telephone number, or the content of the request) in order to respond to your questions and/or to process your requests. The legal basis is provided by Art. 6 Para. 1 lit. b GDPR.

To best organise and process our customer support, we use software from FrontApp Inc., 550 15th St., CA 94103 San Francisco, USA, ("FrontApp"). As a customer, you have the possibility to contact us via various channels with enquiries, such as e-mail, Facebook or Twitter.

FrontApp channels all customer enquiries in one application and helps us to organise the customer enquiries with flags (e.g. processed or solved) in order to be able to solve your enquiry as quickly as possible.

8. Data processing during the performance of contract

If you use our application, we process your contact and payment data as well as your communication, contract and usage data in order to fulfil, process and invoice the contractual services described in our General Terms and Conditions. All aforementioned types of data, with the exception of communication and usage data, are necessary for the conclusion of the contract. Without them, the contract cannot be concluded. For the aforementioned purpose, your data may be transferred to service providers (hosters, operators of communications applications and other service providers) who support us with our business, who we have of course selected with the utmost care and diligence and who are bound to our instructions. Such service providers include, in particular, providers of technical services who support us in rendering our services.

The existing contractual relationship constitutes the legal basis (Art. 6 Para. 1 Sent. 1 lit. b. GDPR).

9. Newsletter

We send out e-mails and other electronic notifications with promotional information (hereinafter: “newsletter”) only with your consent or when we are legally permitted to do so. The newsletters contain information about our products, services, campaigns and our company. By subscribing to our newsletter, you declare your consent to receiving it.

The use of a delivery service provider, the conduction of statistical surveys and analyses as well as the logging of the registration process all occur on the basis of our legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR. Our interest lies in providing a user-friendly and secure newsletter system that both serves our business interests and meets your expectations.

You can withdraw your consent to receive our newsletter at any time. A respective withdrawal link is provided at the end of each newsletter.

10. Final provisions

We employ technical and organizational security measures to protect the data we have gathered, especially against accidental or deliberate manipulation, loss, destruction or attack by unauthorized persons. Our security measures are subject to continuous improvement in line with technological advances and development.

Given the constant technical advances in our services, we shall update our privacy policy from time to time. Where the changes to our privacy policy do not affect the use of the data that we already have, the updated privacy policy shall take effect as of the date of its publication on our website. Changes to our privacy policy that affect our use of data that have already been collected are only permissible if they are reasonable and can be reasonably expected of you. In such cases, you will be informed in due time via E-mail, on our websites, in our application or via other means. You have the right to object to the new privacy policy within four weeks of being notified of its coming-into-force. Should you object to the new policy, we reserve the right to terminate the contractual relationship. You are assumed to agree with the new policy should you not state otherwise within the given time frame. When notifying you of the new privacy policy, we shall inform you of your right to object and of the relevance of the objection deadline.