Thank you for your interest in snapADDY Assistant. Since we take the protection of your personal data very seriously, we would like to inform you about how and for what purpose your data is processed when using snapADDY Assistant.
On your first login to snapADDY Assistant we ask for some permissions in order to access your account. We will discuss these in more detail below.
View your basic profile
Based on your Outlook profile, snapADDY Assistant will identify you and load your individual user profile. This serves a smooth and secure login process.
Read user mail
The core function of snapADDY Assistant is the recognition of contacts in the signatures of incoming e-mails. Therefore it is necessary to grant the software read access to your e-mails.
Our intelligent contact recognition algorithm automatically generates contact suggestions from e-mails without human intervention. No content of your e-mails is stored on our servers except for the contact data found.
Send mail as a user
In order to keep updated about new contact suggestions, snapADDY Assistant regularly sends you a summary e-mail.
This e-mail will be sent from your account to you; snapADDY Assistant will never send e-mails on your behalf to a third party.
Full access to user contacts
For its core functionality snapADDY Assistant requires read and write access to your contacts. This is required to
- Detect updates for existing contacts,
- ensure that no existing contacts are suggested; and
- automatically transfer contact suggestions to your address book.
No contacts are added or changed in your address book without your manual intervention (e.g. by accepting a contact suggestion). Likewise, no copies of contacts from your address book are stored on our servers.
Access your data anytime
To ensure that your contacts are continuously updated, snapADDY Assistant works in the background (even when you are currently not using Outlook).
In this process, incoming e-mails are processed, contact suggestions are generated and the summary e-mail is regularly sent. In particular, no contact data from your address book will be changed without your intervention and no copies of your e-mails or contacts will be stored on our servers.
Read all users' basic profiles
When showing new contact suggestions, snapADDY Assistant automatically tries to find a suitable profile pictures. One source for such images are the profiles of your colleagues in your organization. To access these images, snapADDY Assistant requires read permissions for the basic profiles of the users in your organization.
Profile information from your organization is of course only visible to you and will never be displayed outside your organization.
We welcome you to our website. We would like to inform you about the management of your personal data in accordance with Art. 13 General Data Protection Regulation (GDPR).
Our data protection guidelines
- 1.1. Registration process and further information on use.
- 1.2. Contract for order processing according to § 28 GDPR
- 1.3. Information on the use of other services on the website
- 2. Procedure directory of snapADDY GmbH
- 2.1. Name or company of the responsible body
- 2.2. Owners, directors, managing directors or other managers appointed in ac-cordance with the constitution of the company and the persons entrusted with the management of data processing
- 2.3. Address of the responsible body
- 2.4. Purposes of data collection, processing or use
- 2.5. Description of the groups of persons concerned and the relevant data or data categories
- 2.6. Recipients or categories of recipients to whom the data may be communicat-ed
- 2.7. Standard periods for the deletion of data
- 2.8. Planned data transmission to third countries
- 3. Rights as a User
- 3.1. Right of access (Art. 15 GDPR):
- 3.2. Right to rectification and erasure (Art. 16 and 17 GDPR):
- 3.3. Right to restriction of processing (Art. 18 GDPR):
- 3.4. Right to data portability (Art. 20 GDPR):
- 3.5. Right to object (Art. 21 GDPR):
- 3.6. Right to lodge a complaint with a supervisory authority
- 4. Contact Details of the Data Protection Officer
We appreciate your interest in our products and know that data protection is important. We treat your data with great care. We collect, store and use data exclusively in accordance with the legal requirements. Personal data will of course be treated confidentially and will not be passed on for advertising purposes without your authorization. We would like to point out that we reserve the right to transfer personal data to third parties if this is necessary for the fulfilment of the contract or if you expressly request it.
The protection of your personal data has top priority at snapADDY GmbH (hereinafter referred to as provider or organization). For the use of our services, in some cases you will be asked for personal data (data by means of which you can be identified directly, such as your name in combination with your address).
The following data protection declaration in section 2 informs you about your rights and our obligations in handling your personal data. Some services require active consent from you. The assigned consents are listed in section 3 "Consent clauses". Contact information is given under 4 "Contacts". In accordance with the requirements (Art. 15 GDPR), you may request information.
1.1. Registration process and further information on use.
In order to use the provider's applications, you must register. Therefore, you will be asked to provide certain personal information such as name, e-mail or telephone number via the registration form. When registering, you have the option of subscribing to a newsletter (see Newsletter). After a free trial period, you can convert your account into a paid account. For this purpose, payment information is requested for the payment methods.
1.2. Contract for order processing according to § 28 GDPR
As the client, you must place the request for order data processing in writing. In order to offer you the best possible service, the provider offers a template for order data pro-cessing. You can use this template to fulfill the legal obligation according to § 28 GDPR. To do so, you must sign this form in duplicate and send it by post to snapADDY GmbH, Haugerkirchgasse 7, DE-97070 Würzburg or digitally by e-mail to firstname.lastname@example.org. Further information on the applications, the contractual provisions and the processing or security measures can be found in the provider’s general terms and conditions, the contract for order data processing, the public procedural directory or the further information on the applications on the website.
1.3. Information on the use of other services on the website
Below you find more information on the respective services:
On our website we provide the opportunity to subscribe to our newsletter. If you consent to this processing separately, this processing is pursuant to Art. 6 para. 1 s. 1 lit. a GDPR. This is also only permitted with your consent. Your consent can be withdrawn at any time without affecting the lawfulness of the prior processing. If consent is withdrawn, we will stop the corresponding data processing.
You may unsubscribe from the newsletter at any time, e.g. via an email sent to email@example.com or via the link to unsubscribe from the newsletter, which you will find in every newsletter email.
1.3.2. Making contact via a form, a blog or the feedback button
The provider offers you to contact us via the website using various online forms and ser-vices. The data collected will only be used for the purpose for which it was collected and stored in accordance with statutory retention regulations or deleted after expiry (e.g. commercial letters; legal retention period of 6 years). The legal basis for processing is Article 6 Para 1 lit. f GDPR. Your data will only be used to answer your inquiry. The data will not be passed on to third parties. You can contact us via these forms to ask us questions as a customer or future contractual partner via a contact form, e.g. to arrange product presen-tations or to receive information on the product and to provide us with feedback on our products or the website.
1.3.3. Social Media Plugins
For reasons of data protection, we do not integrate any social media plugins directly into our website. Therefore, when you access our pages, no data is transferred to social media services such as Facebook, Twitter, XING or Google+. A profiling by third parties is thus impossible.
However, you still have the option of sharing selected pages by clicking on the Facebook, Twitter, XING or Google+ buttons and you can see how often a page has been shared in the past. We use the so-called Shariff solution developed by the German c't Magazine to offer a data protection compliant alternative to the classic social plugins.
What's behind it? The Shariff solution means that as a first step, all the data and functions required to display Facebook, Twitter, XING or Google+ buttons are provided by our web server. Only when you decide to share a post via the corresponding button and click on it, does a data transfer to the operator of the respective social media service takes place.
The processing of technically necessary cookies is based on § 26 para. 2 of the German Telecommunications-Telemedia Data Protection Act (abbreviated TTDSG) as well as Art. 6 para. 1 lit. f of the GDPR and on the interest of enabling user guidance and ensuring the presentation of our website.
1.3.5. Web analysis
Some of our services allow you to share your personal information with other users. Please handle this possibility responsibly.
We use Google Analytics to create pseudonymous user profiles for improving and design-ing our website on demand. Google Analytics uses “cookies”, which are text files placed on your device and can be read by us. In this way, we are able to recognize and count return-ing visitors. This data processing is carried out on the basis of Art. 6 para. 1 s. 1 lit. f GDPR and in the interest of finding out how often our website is viewed by different users.
The information generated by the cookies about your use of the website will be transmit-ted to and stored by Google on its servers in the United States. We have activated IP-anonymization on this website , your IP address will be truncated within the area of Member States of the European Union. Only in exceptional cases is the whole IP address transferred to a Google server in the USA and truncated there. We have also concluded a contract with Google Inc. (USA) for order processing pursuant to Art. 28 GDPR. Accordingly, Google will solely use collected data for the purposes intended, which are to evaluate the use of the website and to compile reports on website activities.
You can withdraw your consent to the processing at any time. Please use one of the following options:
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=en).
1.3.6. Retargeting Google
We use Google's retargeting technologies in order to offer you advertising, on other websites, that is tailored to your interests. Data processing is carried out on the basis of Art. 6 para. 1 s. 1 lit. a GDPR.
When you visit our website, recognition features of your browser or end device are retrieved, your IP address is evaluated or a recognition feature is stored as a small text file (e. g. so-called third-party cookie) on your end device. Furthermore, it is possible that Google connects your visit of our website with your usage behavior which is recorded when you visit various websites. The characteristics are designed pseudonymously. If you are logged in with your Google account, these features can be assigned directly to your profile. Google can link and store your visits to our web pages with your features to display target-ed advertising on other Internet sites. The aforementioned recognition features are pseudonymous and we can use Google to recognize your end device on other internet pages. Your device and your browser will be recognized by Google, e.g. when you visit a page that displays advertisements on Google's behalf.
We can add so called remarketing tags to our website. We may add keywords to our webpages that contain statements about the content of the website, such as offered products. Google receives these keywords which contain neither personal nor sensitive information. When you visit a page with certain keywords related to products, Google stores them and assigns them to your pseudonymous recognition features. Google can use this link to determine whether and, if so, which of our advertisements will be displayed to you.
Cross Device Remarketing
We can therefore commission Google to place advertisements on other websites based on the pages you visited. If you visit another website that participates in Google's display network, Google can use recognition features and keywords stored for this purpose to deter-mine whether and, if so, which of our ads should be displayed.
For more information on how Google Remarketing technologies work, visit https://www.google.com/policies/technologies/ads/.
What does cross-device remarketing mean?
If you sign in to Google services with your own credentials or use one or more of your own Google accounts, Google may link the recognition features of different browsers and de-vices. So once Google has created a unique identifier for the laptop, desktop, smartphone or tablet you are using, you can associate those identifiers with one another by using or having used your sign-in information to use a Google service. In this way, Google can also play our advertising campaigns beyond the end device in a targeted manner. However, Google will only do this if you have agreed to this data processing in your dealings with Google.
You Have the Option to Define Advertising Settings
You can object to this form of advertising at any time. To do this, please visit https://support.google.com/ads/answer/2662922 and deactivate personalized advertising. Please note that these settings may not affect all devices and browsers. Further infor-mation is also available at https://support.google.com/ads/answer/2662922.
1.3.7. Chat & Support via Intercom
To improve the user experience in our applications, we use the Intercom service of Intercom Inc. for sending messages by e-mail and for live chats. We will transmit your e-mail address and your name to Intercom as personal data.
Intercom, Inc. has joined the "Safe Harbor" program, which aims to achieve a higher level of data protection for non-EU companies. You will find further information on data protection at Intercom at http://docs.intercom.io/privacy.
You can prevent Intercom from collecting your data by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to this website: Disable Intercom
Information you submit to take part in a sweepstake or surveys will only be used in order to identify and contact the winner (Art. 6 para. 1 s. 1 lit. f GDPR). The winners will be notified in writing. We will not use your data for advertising purposes. Relevant data will be deleted immediately after the prize is handed over or if you withdraw your consent to processing of your personal data. If you consent, we will transfer your personal data, provided within the framework of a sweepstake, to our co-operating partners.
2. Procedure directory of snapADDY GmbH
2.1. Name or company of the responsible body
snapADDY GmbH, Umsatzsteuer-ID gemäß § 27 a Umsatzsteuergesetz: DE 189 243 380
2.2. Owners, directors, managing directors or other managers appointed in ac-cordance with the constitution of the company and the persons entrusted with the management of data processing
- Roland Hötzl
- Sebastian Metzger
- Jochen Seelig
Head of data processing:
- Sebastian Metzger
2.3. Address of the responsible body
Telefon: +49 931 466212 00
2.4. Purposes of data collection, processing or use
Data is collected, processed or used for the following purposes:
- Development of software applications and the associated sale of products and associated services, in particular training, service, support and other ancillary business.
- The administration of personnel, suppliers, prospective customers, partners or customers can be understood as secondary purposes.
- To guarantee data security, technical data is collected by analysis services, which may also contain IP addresses, in order to prevent misuse of the website or IT sys-tems and to guarantee data security.
- Personal data is collected, processed and used for the performance of services within the corporate relationship.
- Data is collected, processed and used to carry out lotteries and invitations to tender.
- Data is collected, processed and used to optimize services and products through feedback.
2.5. Description of the groups of persons concerned and the relevant data or data categories
Data from the following groups of persons is collected within the scope of fulfilling the business purpose:
- Employees, trainees, interns, former employees (contract, master and accounting data, details of private and business address, area of activity, salary payments, name and age, wage tax data, bank account data, entrusted assets, details of pro-fessional career, training and further education, qualifications, routing slip includ-ing user accounts), appointment management and correspondence.
- Customer data (master and contract data, correspondence (e.g. feedback and product comments, support requests, product interest), application usage data, IP addresses and other technical data when using the web service, customer ac-count and payment information)
- Parties interested in the contract (master and contract data, correspondence (e.g. feedback and product comments, product interest), offer data, IP addresses and other technical data when using the web service)
- Applicants (cover letter, application data, correspondence, IP addresses and other technical data when using the web service)
- Sales representatives and agencies (address, business and contract data as well as contact information, employee functions, communication information, IP address-es and other technical data when using the web service)
- Suppliers (contract and master data, cost and performance accounting data, schedule management data)
- Business partner (contract and master data, correspondence, appointment man-agement data)
- Third parties (IP addresses and other technical data when using the web service)
2.6. Recipients or categories of recipients to whom the data may be communicat-ed
We transmit your data to service providers who support us in operating our websites (e.g. hosting at AWS in Frankfurt) and the associated processes within the framework of order processing in accordance with Art. 28 GDPR. Our service providers are strictly bound to our instructions and are contractually bound accordingly.
2.7. Standard periods for the deletion of data
The legislator has enacted a variety of storage obligations and periods. After expiry of these periods, the corresponding data is routinely deleted if it is no longer necessary to fulfil the contract. Thus, the commercial or financial data of a closed fiscal year are deleted in accordance with legal regulations, unless longer retention periods are prescribed or required for legitimate reasons. Shorter cancellation periods are used in special areas. If data are not affected by this, they will be deleted when the purposes mentioned under 2.4 cease to apply.
2.8. Planned data transmission to third countries
In some cases, we transfer personal data to a third country outside the EU. We have always ensured an appropriate level of data protection:
In the case of Google Analytics (USA), an appropriate level of data protection follows from the corresponding participation in the Privacy Shield Agreement (Art. 45 para. 1 GDPR).
3. Rights as a User
As a website user, the GDPR grants you certain rights when processing your personal data.
3.1. Right of access (Art. 15 GDPR):
You have the right to obtain confirmation at to whether or not personal data concerning you is being processed, and, where that is the case access to the personal data and the information specified in Art. 15 GDPR.
3.2. Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
You also have the right to obtain an erasure of the personal data concerning you without undue delay, if one of the reasons listed in Art. 17 GDPR applies, e.g. if the data is no longer necessary for the intended purpose.
3.3. Right to restriction of processing (Art. 18 GDPR):
If one of the conditions set forth in Art. 18 GDPR applies, you shall have the right to restrict the processing of your data to mere storage, e.g. if you revoke consent, to the processing, for the duration of a possible examination.
3.4. Right to data portability (Art. 20 GDPR):
In certain situations, listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or demand a transmission of the data to another third party.
3.5. Right to object (Art. 21 GDPR):
If the data is processed pursuant to Art. 6 para. 1 s. 1 lit. f GDPR (data processing for the purposes of the legitimate interests), you have the right to object to the processing at any time for reasons arising out of your particular situation. We will then no longer process personal data, unless there are demonstrably compelling legitimate grounds for pro-cessing, which override the interests, rights and freedoms of the person concerned, or the processing serves the purpose of asserting, exercising or defending legal claims.
3.6. Right to lodge a complaint with a supervisory authority
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory au-thority if you consider the processing of the data concerning you infringes data protection regulations. The right to lodge a complaint may be invoked in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement.
4. Contact Details of the Data Protection Officer
Please contact our data protection officer if you have any further questions, suggestions or wishes regarding data protection:
Dr. Christian Borchers
datenschutz süd GmbH
Telephone: +49 931 466 212 00