Privacy and Security Hub

Data protection

The use of snapADDY software is safe in terms of data protection and the General Data Protection Regulation (GDPR). This applies as long as the processes in your company are well regulated and the necessary framework conditions – such as the conclusion of an Order Processing Agreement with snapADDY – have been adhered to.

Thanks to snapADDY's solutions, your company's staff record or enrich contact data with accessible information to them (such as business cards, email signatures) or public sources (such as websites, Google Maps, business networks), creating new contacts, updating, or completing existing contacts in your CRM system.

snapADDY solutions process personal contact data that would be available to your company's staff (in unstructured form) even without using the snapADDY software. For example, data from sources that are only accessible to your company (e.g., business cards, email inboxes) as well as public data sources (e.g., legal notice pages, business networks).

The snapADDY solutions facilitate and partially automatize the recording of contact data from such sources for your staff. snapADDY does not use any internal database of contact data beyond the external sources mentioned above for enriching or adding contact information.

Data sources and related uses:

  • Email signatures
  • Websites & legal notices
  • Google Maps
  • Business cards
  • Business networks

The data storage and business logic of our software solutions are performed at Amazon Web Services (AWS) in Frankfurt am Main, Germany. Consequently, personal data processing takes place exclusively in the EU or Germany and such data will always remain within the European Union. We have concluded all contracts required for the GDPR with AWS as a subcontractor; furthermore, our hosting provider is ISO-certified.

No, your customer data and the contacts you record will not be shared with other companies or used to create a contact database. All contact data you record is accessible only to your company.

In general, contacts captured by our customers are not stored long-term in snapADDY solutions but are exported to a CRM system (or Excel, etc.) after being processed. Once the data has been deleted from the snapADDY software, it is permanently deleted from our systems after the backup deadlines expire.

As an administrator, you can set in the snapADDY software that all recorded data is automatically deleted from snapADDY DataQuality after being exported.

Besides the Order Processing Agreement, there are technical and organisational measures (TOMs) to ensure data security. These measures meet the standards required by the GDPR.

You can download an overview of our TOMs here:

We use the cloud hosting provider Amazon Web Services (AWS) as a subcontractor for deploying our products and Google's Cloud Vision service for the text recognition (OCR) of business cards.

You can find a full list of subcontractors in our Order Processing Agreement:

Order Processing Agreement

The use of snapADDY software does not change your current procedures and requirements for creating new contacts or leads in your CRM or other systems. Only the previously manual creation of a new contact will be partially automated.

Of course, your staff and CRM users must comply with applicable law when using the software and, if necessary, obtain the consent of the individuals being processed.

For example, if there is a current business opportunity and your staff creates a lead in the CRM system for legitimate interest, then snapADDY only automatizes this manual step. If your staff store any contact data in the CRM without the consent of the concerned person, this action would not be GDPR compliant, regardless of whether snapADDY software is used or not.

By generating updated suggestions for contacts based on sources available to you or public sources (business cards, email signatures, business networks), the principles of the GDPR (e.g., the principle of accuracy of stored data) are also positively applied.

Since snapADDY solutions process personal data, you must conclude an Order Processing Agreement with snapADDY according to Art. 28 of the GDPR.

All important rights and obligations for you as a client and us as a contractor are specified in this agreement. Please use our sample agreement for this purpose, sign it and send it back to .

Individual Order Processing Agreement

It is also possible to fill in and sign a customized order processing form that you have created. However, we will have to charge you for the cost of legal review of your documents.

When data is transferred to a third country, comprehensive data protection measures must be taken, such as the conclusion of standard contractual clauses and the performance of a data transfer impact assessment to check whether data processing in the third country is permissible. In the case of data processing in the USA, there is the "Data Privacy Framework" adequacy decision, which applies if a service provider is certified under this. At snapADDY, we use the hosting provider Amazon Web Services (AWS) to store data. All data is processed in a data center in Frankfurt am Main and therefore does not leave the European Union.

snapADDY's solutions do not create a copy of the data in your CRM system but are based on bidirectional interfaces that retrieve the information required for the respective action directly from your CRM system. For example, this includes the automatic duplicate check that searches in real-time for possible duplicates of a contact in your CRM system.

We assigned the SiDIT GmbH as external data protection representative. This is the contact information:

Phone: +49 931 78 08 77 0



Do you have any questions?

We hope there are no more questions! If you do, please feel free to contact us at the email address below:

Data protection