Zum Hauptinhalt springen
Kostenlos testen Login
Kostenlos testen Login

Privacy Policies

We take data protection seriously


The protection of your privacy when processing personal data is an important concern for us. When you use our service, our web servers store the IP of your Internet service provider, the application from which you are visiting us, the specific pages you visit on our site and the date and duration of your visit as standard. This information is essential for the technical transmission of data and secure server operation. There is no personalized evaluation of this data.

If you send us data via the Support-Portal, this data will be stored on our servers in the course of data backup. Your data will only be used by us to process your request. Your data will be treated as strictly confidential. It will not be passed on to third parties.



Galgenbergstraße 2a
93053 Regensburg


Phone: +49 (941) 7 83 85 - 0

Email: privacy@dracoon.com
Internet: www.dracoon.com


Personal data

Personal data is data about your person. This includes your name, your address, your e-mail address and your IP address.

The same applies in the event that we supply you with information material on request or when we answer your enquiries. In these cases, we will always point this out to you. Furthermore, we only store the data that you have transmitted to us automatically or voluntarily.

When you use one of our services, we generally only collect the data that is necessary to provide you with our service. We may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to be able to offer you our service or to pursue our commercial objectives.


Automatically stored data

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Date and time of the request
  • Name of the function used and references to retrieved objects
  • Access status (file transferred, file not found, etc.)
  • Web browser and operating system used
  • Complete IP address of the requesting computer
  • data volume transferred

 This data is not merged with other data sources. Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our service.  

For reasons of technical security, in particular to defend against attempted attacks on our web server, we store this data for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymised by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. The data is also processed in anonymised form for statistical purposes; it is not compared with other data or passed on to third parties, not even in extracts.



We only use technically necessary cookies in our product on the legal basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with §25 para. 2 TTDSG. The cookies only contain references to existing sessions of registered users and are only evaluated for this purpose. 



We use the service of Usersnap GmbH, Industriezeile 35, 4020 Linz, Austria in our product. This is a service that enables the user to submit satisfaction feedback to DRACOON. If you voluntarily submit your feedback, Usersnap stores the following information of the requesting computer: IP address, browser user agent and screen resolution. You can find Usersnap GmbH's privacy policy here: https://usersnap.com/privacy-policy

The legal basis for data processing is your consent (in the form of voluntary use) in accordance with Art. 6 para. 1 lit. a GDPR to provide you with a problem-free product experience. You can withdraw your consent at any time with effect for the future.

If you do not complete and submit the feedback form, no data will be transferred to Usersnap.



We have implemented technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are bound by the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our data protection statements are constantly being revised. Please ensure that you have the latest version.


What data are processed and from which sources do these data originate?

We process the personal data that we have received as part of the use of the product.


Personal data includes: 

First name, last name, email address, username, telephone number and IP address.


For what purposes and on what legal basis are the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018, as amended:

  • for the fulfilment of (pre-)contractual obligations (Art. 6 para. 1lit.b DS-GVO):

Your data is processed for the purpose of processing contracts online or in one of our branches, for the purpose of processing contracts for your employees in our company. The data is processed in particular when initiating business and when executing contracts with you. 

  • for the fulfilment of legal obligations (Art. 6 para. 1 lit.c DS-GVO):

Processing of your data is necessary for the purpose of fulfilling various legal obligations, e.g. from the German Commercial Code or the German Fiscal Code.

  • to safeguard legitimate interests (Art. 6 para. 1 lit.f DS-GVO):

Based on a balancing of interests, data processing may take place beyond the actual fulfilment of the contract in order to protect the legitimate interests of us or third parties. Data processing for the protection of legitimate interests takes place, for example, in the following cases: Error messages, bug fixes, innovations and updates

  • within the scope of your consent (Art 6 para. 1lit.a GDPR):

If you have given us consent to process your data, e.g. to send you email notifications based on your user preferences.


Processing of personal data for advertising purposes

You can consent to the use of your personal data for advertising purposes as a whole or for individual measures at any time.

If you agree to the use for advertising purposes, you will receive product recommendations from us.

If you do not wish to receive such recommendations from us by e-mail, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form is sufficient for this. Of course, every e-mail always contains an unsubscribe link.


Who receives my data?

If we use a service provider in the sense of commissioned processing, we still remain responsible for the protection of your data. All commissioned processors are contractually obliged to treat your data confidentially and to process it only in the context of providing the service. The processors we commission receive your data insofar as they require the data to fulfil their respective service. These are, for example, IT service providers that we require for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns. You can view our technology partners here: https://cloud.support.dracoon.com/hc/en-us/articles/360011917220-SaaS-Technology-Partners

In the event of a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.

In addition, insurance companies, banks, credit agencies and service providers may be recipients of your personal data for the purpose of initiating and fulfilling contracts.


How long will my data be stored?

We process your data until the end of the business relationship or until the expiry of the applicable statutory retention periods (such as from the German Commercial Code, the German Fiscal Code or the German Working Hours Act); furthermore, until the end of any legal disputes in which the data is required as evidence.


Is personal data transferred to a third country?

In principle, we do not transfer any data to a third country outside the European Union. A transfer takes place in individual cases only on the basis of an adequacy decision of the European Commission, standard contractual clauses, appropriate guarantees or your express consent.


What data protection rights do I have? 

You have a right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.


Right to information:

You can request information from us as to whether and to what extent we process your data.


Right of rectification:

If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.


Right to erasure:

You can demand that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.

Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no legal or statutory obligation to retain data in this respect. 



Right to limitation of processing:

You can request us to restrict the processing of your data if

  • you dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data.
  • the processing of the data is unlawful, but you refuse erasure and instead request restriction of the use of the data,
  • we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • you have objected to the processing of the data.


Right to data portability:

You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that

  • we process that data on the basis of consent given by you, which may be revoked, or for the performance of a contract between us; and
  • this processing is carried out with the aid of automated procedures.

If technically feasible, you can request us to transfer your data directly to another data controller.


Right to object:

If we process your data for legitimate interests, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims. You can object to the processing of your personal data for the previously agreed purpose of direct advertising at any time without giving reasons.


Right of appeal:

If you are of the opinion that we are violating German or European data protection law when processing your personal data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to exercise any of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.


Am I obliged to provide data?

The processing of your personal data is necessary for the conclusion or fulfilment of the contract you have entered into with us. If you do not provide us with this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and consequently have to terminate it. However, you are not obliged to give your consent to data processing with regard to personal data that is not relevant for the performance of the contract or that is not required by law.


Changes to this privacy policy 

We reserve the right to change our privacy policy if necessary due to new technologies. Please ensure that you have the latest version. If any material changes are made to this privacy statement, we will post those changes on our website.

You can reach us for data protection issues at:

Mr. Christian Volkmer
Projekt 29 GmbH
Ostengasse 14
93047 Regensburg


Phone:  0941 2986930
Fax:  0941 29869316

Internet: www.projekt29.de