Data Privacy Declaration

Introduction

This data privacy concept explains how personal data is processed at audriga GmbH when transferring emails, contacts and calendar data.

Lat update: 29.02.2012

Definitions of terms

The following terms are being defined here to understand the text:

Personal data

Personal data is data in the meaning of section 3 para. 1 German Federal Data Protection Act (BDSG).

User-related data

User-related data is the user’s data in the meaning of section 14 of the German Telecommunications Act (TMG) which is necessary for the creation, content design or amendment of the user agreement between audriga and the user regarding the utilisation of the service. User-related data includes, but is not limited to, the user’s name, contact data and bank account of the user.

Account data

Account data is login name, password and server name of the email account necessary for access to specific user-related data.

Content data

Content data is emails, contacts and calendars and their contents (e.g. file attachments) which are transferred from one email provider to another with the help of the service.

Log data

Log data is used to record selected important events in the transfer process. Log data generally consists of a time stamp, as well as a log message which describes the status of the system or of the transfer process.

Transfer process

The term transfer process covers all necessary steps which the Contractor and audriga GmbH (“audriga”) have to carry out to copy data of the client from the account with the original email provider to the account with the destination email provider.

User-relevant event

By user-relevant events we understand events during a transfer about which the user should be informed, in order to be able to understand the results of the transfer. This includes the recognition of duplicates and the unexpected occurrence of errors when transferring the user data. audriga can inform the user by email about user-relevant events.

Coded communication, transfer and storage

For the coded communication, transfer and storage of data, audriga uses standard procedures which correspond with the current state of the art. For example, account data is saved encoded with AES-256. Communication within the Cloud infrastructure of audriga is encoded using SSL. The same applies to communicating with the original and destination email provider, if and in so far as they support an encoded data transfer. It is the user’s own responsibility to check this.

Which data is processed?

User-related data

The user-related data transferred by the user is processed for executing and completing the transfer.

Account data

The user transfers account data of the original and destination email providers. This account data is needed so that the content data can be retrieved from the original email provider and stored with the destination provider.

Content data

For the transfer, content data from the account specified by the user is retrieved from the original email provider and stored with the destination provider in the account provided by the user.

Log data

In the course of the transfer, log data is generated to record user-relevant events. When recording user-relevant events, log data can contain fragments of content data in order to enable the user to clearly identify any problems.

How is the data processed?

audriga processes personal data of the users solely in the framework of the statutory provisions, especially the German Telecommunications Act (TMG) and the Federal Data Protection Act (BDSG).

User-related data

audriga only processes user-related data if this is necessary for the provision and invoicing of the service, including the proof of a correct provision of the service.

Account data

The account data transferred by the user for the original and the destination email providers is solely used for the transfer applied for by the user and is deleted after completion of the transfer (cf. fig. 5.2 of audriga’s Terms of Use). Account data is only stored encoded in the Cloud infrastructure of audriga.

Content data

During the transfer process, content data is retrieved from the original email provider and stored at the destination provider. At no time will content data be permanently stored on the data processing systems in the audriga cloud infrastructure. An exception shall only apply to such fragments of content data which serve the recording of user-relevant events (see above).

Log data

audriga stores log data for the purpose of eliminating errors and for the proof of a correct service provision for one year after the completion of the transfer (cf. fig. 5.2 of audriga‘s Terms of Use) and deletes it automatically after the end of this period, unless audriga needs this data for the above mentioned purposes (e.g. in the context of a court case) for a longer period and the user has agreed to said data being stored for longer or this is permissible in accordance with the statutory provisions.

Passing on data to third parties

To provide the service, audriga currently uses the infrastructure of a European cloud supplier, currently Amazon Web Services LLC, Ireland, and a German cloud supplier, currently domainfactory GmbH. An agreement has been entered between audriga and the cloud suppliers concerning the processing of the order data which in particular ensures that the data is only processed within the European Union. Personal data is only passed on to third parties in the meaning of the data privacy regulations if the user has agreed to said data passing on or audriga is forced by mandatory statutory regulations or due to a decision by the courts or the authorities to surrender data.

Miscellaneous

The website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses cookies, i.e. text files which are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your utilisation of this website is generally transferred to a Google server in the USA and stored there.

In the event of rendering the IP on this website anonymous, your IP address will however first be shortened by Google within the member states of the European Union or in other contractual states of the EEA Agreement. Only in exceptions will the full IP address be sent to a Google server in the USA and shortened there. IP anonymisation is active on this website. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to generate reports about the website activities and to provide the website operator with additional services connected with the use of the website and the Internet.

The IP address determined by Google Analytics from your browser will not be added to other data by Google. You can prevent the cookies being saved through a corresponding setting of your browser software; we would however like to point out that in this case you might not be able to fully use all functions of this website. You can additionally prevent the recording of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout.