Privacy Policy
Your personal data (hereinafter only "data") will be processed by the operator (hereinafter also referred to as "we") only to the extent necessary and for the purpose of providing a functional and user-friendly CFactory application (hereinafter "App" or "Software" or "Website"), including the content contained therein and the services offered there.
With the following data protection declaration, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others about the purposes and means of processing. In addition, we inform you in the following about the third-party components we use for optimization purposes and to increase the quality of use, insofar as other providers process data on their own responsibility.
Service provider and responsible person in terms of the GDPR
Lovelace Labs OÜ
Veskiposti 2-1002
Tallinn 10138
Harju maakond
Estonia
Email: 
Registration Number: 16661005
Represented by Steffen Keller
Information on the collection of personal data
(1) In the following, we provide information about the collection of personal data when using our software. Personal data is all data that can be related to you personally, e.g. Name, address, e-mail addresses, user behavior.
(2) When you contact us by e-mail or via a contact form, we will store your e-mail address and, if you have provided it, your name and telephone number to answer your questions. We delete the data arising in this context after storage is no longer necessary or - in the case of legal storage obligations - restrict processing.
(3) If we use contracted service providers for individual functions of our offer or wish to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also state the specified criteria for the storage period.
(4) In addition to the purely informational use of the App, we offer various services which you can use if you are interested. For this purpose, you usually must provide additional personal data which we use to provide the respective service and to which the aforementioned data processing principles apply.
(5) In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are checked regularly.
Your rights
(1) You have the following rights with respect to the personal data concerning you:
- Right of information,
- Right of correction or deletion,
- Right to limit processing,
- Right to object to the processing,
- Right of data transferability.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data in our company.
Collection of personal data when using our software
(1) When using the website or software, we collect the personal data described below, which is technically necessary for us to offer you the functions of our software and to ensure stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f) GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access Status/HTTP Status Code
- Amount of data transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.
(2) In addition to the above-mentioned data, cookies are stored on your end device when you use our website. Cookies are small text files that are stored in the device memory of your device and assigned to the browser you are using. Cookies allow certain information to flow to the party that sets the cookie (in this case: us). Cookies cannot execute programs or transfer viruses to your device. They serve to make websites more user-friendly and effective overall. This includes in particular the session cookies. These store a so-called session ID, which can be used to assign various requests to your browser. The session cookies are deleted when you log out.
Automated sending of e-mails
We use the service provider Mailgun Technologies Inc. to send our automatically generated information e-mails, such as account confirmation or to reset the corresponding password. In this respect, the e-mail address you provide in the context of user account management, as well as possibly your name, will be passed on to the provider by way of order data processing.
Third Party Information: Mailgun Technologies, Inc, 548 Market St #43099, San Francisco, California 94104 USA, Tel. (210) 464-8320, Terms and Conditions: https://www.mailgun.com/terms/ , Privacy Policy: https://www.mailgun.com/privacy-policy/ , and additional information on the processing of order data by the provider https://www.mailgun.com/gdpr/. We use Mailgun in order to guarantee you reliable account management by way of fulfilling the contractually owed services. When sending e-mail via Mailgun, the EU region is used, so that messages and linked metadata remain within the EU. For the exceptional cases in which personal data is transferred to Mailgun in the USA and, if necessary, US authorities can access the data stored with the provider, we have concluded a contract for commissioned data processing with the provider on the basis of the EU standard data protection clauses in accordance with Art. 46 Para. 2 Letter. c) GDPR concluded. The legal basis for the use of Mailgun is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.
User account
(1) If you want to use our applications, it is necessary for the conclusion of the contract that you provide your personal data. Mandatory information required for the processing of contracts is marked separately, further information is voluntary. We process the data provided by you to process your order. For this purpose, we may pass on your payment data to our house bank or to the respective payment service provider. The legal basis for this is Art. 6 para. 1 p. 1 lit. b) GDPR.
Information about your user account (e-mail address, customer name, company name, address) is stored in a database controlled by us at the provider MongoDB (see paragraph 10).
(2) We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, after two years we will restrict the processing, i.e. h. Your data will only be used to comply with the legal obligations.
(3) To prevent unauthorized access to your personal data by third parties, especially financial data, the ordering process is encrypted using TLS technology.
Use of MongoDB
As a central database we use the services of MongoDB Ltd. to provide technically error-free and highly available services. The data is stored on servers at Amazon Web Services in the data center in Frankfurt near MongoDB, while the database is technically managed by MongoDB Inc.
Third party information: MongoDB Ltd. 3 Shelbourne Building, Crampton Avenue Ballsbridge, Dublin 4, Ireland. Tel. +35319014654; Terms of Use: https://www.mongodb.com/cloud-terms-and-conditions , Privacy Policy: https://www.mongodb.com/legal/privacy-policy.
For the exceptional cases in which personal data is transferred from MongoDB to third countries and, if necessary, authorities could access the data stored with the provider, we have concluded a contract for commissioned data processing with the provider to ensure the appropriate level of protection. In addition, the Provider warrants that it will enter into contracts with its subcontractors in non-European foreign countries on the basis of the EU standard data protection clauses pursuant to Art. 46 (2) Letter. c) GDPR in order to guarantee the level of protection.
The legal basis for the processing is Art. 6 para. 1 sent. 1 lit. b) GDPR and for the use of MongoDB with the involvement of subcontractors by MongoDB Art. 49 para. 1 sent. 1 lit. b) GDPR. The use of MongoDB is necessary for the performance of the contract for the reliable provision of online services.
Use of Amazon Web Services (AWS)
As a central server for communication between the app and the databases we use the services of Amazon Web Services EMEA SARL. For the provision of technically error-free and highly available services, the use is required. The data is stored on servers at Amazon Web Services in the data center in Frankfurt, while the server is managed by us.
Third Party Information: Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxembourg, Fax: + 352 2789 0057; Terms of Use: https://aws.amazon.com/de/agreement/ , Privacy Policy: https://aws.amazon.com/de/privacy/.
For the exceptional cases in which personal data is transferred from Amazon to third countries and, if necessary, authorities could access the data stored with the provider, we have concluded a contract for commissioned data processing with the provider to ensure an appropriate level of protection. In addition, the provider assures that it will conclude contracts with its subcontractors in non-European foreign countries on the basis of the EU standard data protection clauses in accordance with Art. 46 Para. 2 Letter. c) GDPR in order to guarantee the level of protection.
The legal basis for processing is Art. 6 Para. 1 S. 1 lit. b) GDPR and for the use of Amazon AWS with the involvement of subcontractors by Amazon in accordance with Art. 49 Para. 1 S. 1 lit. b) GDPR. The use of AWS is required for the fulfilment of the contract for the provision of a secure and highly available online service.
Objection or revocation against the processing of your data
(1) If you have given your consent to the processing of your data, you can revoke it at any time for the future. Such revocation will affect the permissibility of processing your personal data after you have given it to us. You can manage the respective consent via the application settings and revoke your consent at any time with effect for the future.
(2) Insofar as we base the processing of your personal data on the weighing of interests (Art. 6 para. 1 lit. f) GDPR), you may object to the processing. This is the case if the processing is in particular not necessary for the fulfilment of a contract with you, which is described by us in the following description of the functions. In the event of such an objection, we request that you explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the facts of the case and will either stop or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
(3) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us about your objection to advertising by using the settings function within the app.