Zum Hauptinhalt springen
Kostenlos testen Login
Kostenlos testen Login

Privacy Policy

We Take the Protection of Your Personal Data Extremely Seriously

The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers store the IP address of your internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of your visit as standard. This information is essential for the technical transmission of the web pages and secure server operation. A personalised evaluation of this data does not take place.

If you send us data via contact form, this data is stored on our servers in the course of data backup. Your data will only be used by us to process your request. Your data will be treated strictly confidential. Your data will not be passed on to third parties.

Responsible department:

DRACOON GmbH
Galgenbergstraße 2a
93053 Regensburg

Phone: +49 (941) 7 83 85 - 0
Email: info@dracoon.com

Personal Data

Personal data are data about your person. This includes your name, your address and your email address. You do not have to disclose any personal data to visit our website. In some cases, we need your name and address and other information in order to provide you with the requested service.

The same applies if we supply you with information material on request or if we answer your inquiries. In these cases we will always point this out to you. Furthermore, we only store the data that you have automatically or voluntarily provided us with.

If you use one of our services, we generally only collect the data that is necessary to offer you our service (the scope of validity of the following regulations regarding automatically stored data and cookie settings applies to all applications provided by DRACOON). It is possible that we may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to offer you our service or to pursue our commercial goals.
For further informations about all data collected and stored by us, which we receive from you in the course of initiating or processing a contract, please visit: Affected Rights

Automatically Stored Data

Server Log Files 

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Web browser and operating system used
  • Complete IP address of the requestingcomputer
  • Data volume transferred

This data is not merged with other data sources. Processing is carried out in accordance with Art. 6 Para. 1 letter f GDPR on the basis of our justified interest in improving the stability and functionality of our website.   

For reasons of technical security, in particular to ward off attempts to attack our web server, this data is stored by us for a short period. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymised by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. In anonymised form, the data is also processed for statistical purposes; it is not compared with other data sets or passed on to third parties, even in part.



Cookies

When you visit our website, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an internet server to your browser and stored on its hard disk. Without your consent, only the Internet Protocol address is stored, but no other personal data. This information, which is stored in the cookies, makes it possible to automatically recognize you the next time you visit our website, which makes it easier for you to use it. The legal basis for the use of cookies is the legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

Of course you can also visit our website without accepting cookies. If you do not want your computer to be recognised on your next visit, you can also refuse the use of cookies by changing the settings in your browser to "refuse cookies". You will find the respective procedure in the operating instructions of your browser. If you refuse the use of cookies, however, there may be restrictions in the use of some areas of our website.

Here you can adjust the cookie settings: Adjust Cookie Settings

 

Google Tag Manager

This website uses Google Tag Manager. The Tag Manager does not collect any personal information. The tool will trigger other tags that may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain disabled for all tracking tags implemented with Google Tag Manager. Google's privacy policy regarding this tool can be found here: https://www.google.com/analytics/terms/tag-manager/


Google Analytics with Anonymization Function

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google" on our website. Google-Analytics uses so-called "cookies", text files that are stored on your computer and thereby enable an analysis of your use of the website.

The information generated by these cookies, for example time, place and frequency of your website visit including your IP address, is transferred to Google in the USA and stored there.

We use Google Analytics with the addition "_gat._anonymizeIp" on our website. In this case, your IP address is already truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area and is thus rendered anonymous.

Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

Google will, according to its own information, under no circumstances connect your IP address with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website.

Furthermore, Google offers a deactivation add-on for the most common browsers, which gives you more control over which data is collected by Google for the websites you visit. The add-on informs the JavaScript (ga.js) of Google Analytics that no information about the website visit should be transmitted to Google Analytics. However, the Google Analytics browser disablement add-on does not prevent information from being sent to us or to other web analytics services we may use. For more information on how to install the browser add-on, please click on the link below: https://tools.google.com/dlpage/gaoptout?hl=en

If you visit our site from a mobile device (smartphone or tablet), you must delete instead, the opt-out cookie will also be deleted, so you will have to click the link again.

If you have agreed to have Google link your web and app browsing history to your Google Account and use information from your Google Account to personalize ads, Google will use your information along with Google Analytics data to create audience lists for cross-device remarketing. Google Analytics first collects your Google-authenticated ID linked to your Google Account (i.e., personal information) on our website. Google Analytics then temporarily links your ID to your Google Analytics data to optimize our target audience.

If you do not agree to this, you can opt-out by changing the settings in the "My Account" section of your Google Account.

 

Facebook "Sign in with Facebook"

We use components of the provider Facebook.com on our site. Facebook is a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.

We use the function "Facebook Connect", which is offered by Facebook.

If you want to use this function, you will first be redirected to Facebook. There you will be asked to log in with your user name and password. Of course we do not take note of your login data. If you are already logged in to Facebook, this step will be skipped.

Afterwards, Facebook will tell you which data will be transmitted to us (public profile, friends list, email address and current place of residence). You confirm this with the "OK" button. With the transmitted data, we will create your customer account. Of course, we will not save your friends list. A permanent link between your customer account and your account on Facebook will not take place.

For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights and setting options for the protection of your privacy, please refer to the Facebook privacy policy



Facebook Custom Audiences Pixels

To present interest-based advertisements to visitors to our website during their visit to Facebook, we use custom audience pixels from Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). For this purpose, we have implemented a Facebook pixel on our website, which establishes a direct connection to the Facebook servers when you visit our website. In doing so, it is transmitted to the Facebook server that you have visited our website and Facebook assigns this information to your personal Facebook user account. You can find more information on the collection and use of data by Facebook and on your rights and options for protecting your privacy in this regard in Facebook's data protection information at https://www.Facebook.com/about/privacy/. 

If you wish to object to the described connection with Facebook, you can do so by clicking on this Link.


LinkedIn Conversion Tracking

We use conversion tracking components of the LinkedIn network on our page. LinkedIn is a service of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.  It allows you to see relevant advertising based on your interests. LinkedIn also provides us with aggregated and anonymous reports of advertising activity and information about how you interact with our site.

For details about LinkedIn's information collection practices, including your rights and preferences, please see LinkedIn's privacy policy. You can find this notice at http://www.linkedin.com/legal/privacy-policy.

You may opt-out of LinkedIn's analysis of your usage patterns and the display of interest-based recommendations by clicking on the "Opt-out" box for LinkedIn members or "Opt-out" box for other users at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

HubSpot

For the creation of our website we use HubSpot, a software of HubSpot Inc, 25 First Street, 2nd FloorCambridge, MA 02141, USA. In the context of using this software, so-called inbound marketing is carried out. The software helps us to optimize our marketing strategy by means of statistical analysis and evaluation of the logged user behavior. HubSpot uses cookies for this purpose. Of course, you can prevent the storage of cookies by adjusting your browser settings accordingly or delete the cookies already stored. Please note that in this case you may not be able to use the full range of services provided on our website. Further information about HubSpot can be found in the terms of use and privacy policy of HubSpot Inc. at http://www.hubspot.com/terms-of-service and http://www.hubspot.com/privacy-policy. HubSpot is subject to the EU-US Privacy Shield.

Disable HubSpot Cookies  


Newsletter

We use the so-called double opt-in procedure for sending the newsletter, i.e. we will only send you a newsletter by email if you have expressly confirmed to us beforehand that you want us to activate the newsletter service. We will then send you a notification email and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in this email. When you register for our newsletter, we will save your IP address and the date of registration. This storage is solely for the purpose of proof in the event that a third party misuses your e-mail address to register you for the newsletter without your knowledge or authorization. If you do not wish to receive newsletters from us at a later date, you can object to this at any time without incurring any costs other than the transmission costs according to the basic rates.

 

Microsoft Clarity

This website uses Clarity. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA98052-6399 (USA), https://docs.microsoft.com/en-us/clarity/ (hereinafter referred to as "Clarity").
 
Clarity is a tool for analysing user behaviour on this website. In particular, Clarity records mouse movements and creates a graphical representation of which part of the website users
website users scroll particularly frequently (heat maps). Clarity can also record sessions so that we can view page usage in the form of videos. We also receive information about general user behaviour within our website. 
Clarity uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or the use of device fingerprinting). Your
personal data is stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA.
 
The use of Clarity is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in effective user analysis. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time. Further details on Clarity's data protection can be found here: https://docs.microsoft.com/en-us/clarity/faq.
 
We have concluded a data processing agreement (DPA) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract prescribed by data protection law, which guarantees that the provider will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

 

Microsoft Advertising
 
We use the Microsoft Advertising service of the provider Microsoft Ireland Operations Limited (Ireland/EU) (formerly Bing Ads) on our website. Microsoft Advertising is an online marketing service that uses the Universal Event Tracking (UET) tool to help us display targeted adverts via the Microsoft Bing search engines. Microsoft Advertising uses cookies for this purpose. This involves processing personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers and information about device and browser settings. 
Microsoft Advertising collects data via UET that we can use to track target groups thanks to remarketing lists. For this purpose, a cookie is stored on the end device used when you visit our website. This enables Microsoft Advertising to recognise that our website has been visited and to display an advertisement when Microsoft Bing or Yahoo is subsequently used. The information is also used to create conversion statistics, i.e. to record how many users have reached our website after clicking on an advert. This tells us the total number of users who clicked on our advert and were redirected to our website. However, we do not receive any information with which users can be personally identified.

Further information on these processing activities, the technologies used, stored data and the storage period can be found in the settings of our Consent Management Tool. Processing only takes place with your consent in accordance with Section 25 TDDDG or Art. 6 para. 1 lit. a GDPR. You can revoke your consent via our Consent Management Tool.
 
In the case of Microsoft services, the transfer of data to Microsoft Corp. in the USA cannot be ruled out. Microsoft is certified according to the Data Privacy Framework and thus fulfils the requirements of the adequacy decision of the USA by the EU Commission. Further information on data protection at Microsoft can be found in Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

 

YesWeHack

For your participation in our bug bounty program to identify vulnerabilities, we use the YesWeHack platform located at 14 rue Charles V, 75004 Paris, France. 

Your personal data in the form of your IP address is processed by YesWeHack as soon as you access security.dracoon.com to report a vulnerability. Further personal data is not processed automatically. You are therefore free to provide further personal data in the course of the vulnerability report.

The processing of your personal data via YesWeHack is therefore based on Art. 6 sec. 1 lit. b GDPR.

The data will only be used and stored to the extent necessary. The data collected will be deleted once it is no longer necessary.

Further details on YesWeHack's data protection can be found here: https://yeswehack.com/programs/dracoon-bug-bounty-program

 

Security

We have taken technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees as well as service providers working for us are bound to the valid data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transferred. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our privacy policy is constantly being revised. Please make sure that you have the latest version.



Rights of Data Subjects

You have the right to information, correction, deletion or restriction of the processing of your stored data, a right to object to the processing as well as a right to data transferability and to complain in accordance with the requirements of data protection law at any time.

Right to information:
You can demand information from us as to whether and to what extent we process your data.

Right of rectification:
If we process your data that are incomplete or incorrect, you can demand that we correct or complete them at any time.

Right to deletion:
You can demand that we delete your data if we process them unlawfully or if the processing interferes disproportionately with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated storage obligations.

Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, provided that there is no legal obligation to retain them.

Right to limitation of processing:
You can demand that we restrict the processing of your data if 

  • you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
  • the processing of the data is unlawful, but you refuse to allow it to be deleted and instead demand a restriction on the use of the data,
  • we no longer need the data for the intended purpose, but you still need the data to assert or defend legal claims, or
  • you have lodged an objection to the processing of the data.

Right to data transferability:
You can demand that we provide you with your data that you have provided us with in a structured, common and machine-readable format and that you can transfer this data to another responsible person without hindrance from us, provided that

  • we process this data on the basis of a revocable consent given by you or for the fulfilment of a contract between us, and
  • such processing is carried out by means of automated procedures.

If technically feasible, you can request us to transfer your data directly to another responsible party.

Right of objection:
If we process your data out of a legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling reasons for processing that are worthy of protection, which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right of appeal:
If you are of the opinion that we are processing your data in violation of German or European data protection law, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert any of the above rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

You can find further information on your rights as a data subject here.




Changes to this Data Protection Declaration

We reserve the right to change our privacy policy if new technologies make this necessary. Please make sure that you have the latest version. If fundamental changes are made to this data protection declaration, we will announce these on our website.

All interested parties and visitors to our website can contact us regarding data protection issues at

Mr. Christian Volkmer
Project 29 GmbH
Ostengasse 14
93047 Regensburg

Phone:  0941 2986930
Fax:  0941 29869316
Email: anfragen@projekt29.de 
Internet: www.projekt29.de 

 

 

Your cookie setting