You can download our data protection certificate as a PDF here.
Home » Data privacy
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
It is generally possible to use our website without providing personal data. If personal data (e.g. name, address or e-mail addresses) is collected on our website, this is always done on a voluntary basis as far as possible. This data will not be passed on to third parties without your express consent.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
Data protection officer: Henning Welz ([email protected]), Gesellschaft für Datenschutz Mittelhessen mbH
When you access our website, your location is analysed on the basis of your IP address and browser settings. The result is used to direct you to one of our company subpages that is responsible for your country location. The legal basis for this is Art. 6 para. 1 lit f. GDPR. Our overriding legitimate interest lies in targeted customer and prospect support.
Each time a user accesses a page on our server and each time a file is retrieved, access data about this process is also stored in a log file. Such a data record contains
The stored data is analysed exclusively for statistical purposes. It is not passed on to third parties for commercial or non-commercial purposes.
Where it is possible to enter personal or business data (e-mail addresses, names, addresses), the disclosure of this data by the user is expressly voluntary. In this context, too, all data is treated confidentially and not passed on to third parties.
You have the option of obtaining information about the personal data stored about you free of charge at any time. In addition, you naturally have the right to correct, block and delete this personal data in accordance with the statutory provisions.
If you have given your consent, this website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House Barrow Street Dublin 4, D04E5W5 Ireland. Google Analytics uses so-called ‘cookies’. These are text files that are stored on your computer and enable your use of the website to be analysed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Google processes the data on the basis of EU standard contractual clauses, which are supplemented by a DPA.
However, if IP anonymisation is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set to prevent the future collection of your data when you visit this website: Deactivate Google Analytics
You can find more information on terms of use and data protection at https://www.google.com/analytics/terms/de.html or at https://policies.google.com/privacy?hl=en. Please note that Google Analytics has been extended on this website by the code ‘anonymizeIp’ in order to ensure anonymised collection of IP addresses (so-called IP masking).
We also use Google Analytics to analyse data from AdWords and the double-click cookie for statistical purposes. If you do not want this, you can deactivate it via the Ads Preferences Manager (https://www.google.com/settings/ads/onweb/?hl=en).
We use Google Ads, an online advertising service provided by Google Ireland Limited (‘Google’). Google Ads enables us to place targeted adverts in the Google search engine and on third-party websites.
If you access our website via a Google advert, Google Ads will store a cookie on your end device. This cookie contains a unique cookie ID and information about the ad interaction.
Google uses this data to measure the effectiveness of our advertising campaigns and to provide us with analyses. We ourselves do not receive any personal data from Google, only anonymised statistical evaluations.
The use of Google Ads is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
You can revoke your consent at any time with effect for the future.
We use Microsoft Advertising, a service provided by Microsoft Corporation. Microsoft Advertising uses cookies to serve relevant adverts and measure the performance of advertising campaigns. When you click on a Microsoft advert, a cookie is placed on your device. This cookie contains information about your click on the advert, such as the date, time and the advert ID. Microsoft uses this data to analyse the effectiveness of our ads and to provide us with aggregated reports. We do not receive any personal data from Microsoft. The use of Microsoft Advertising is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
You can revoke your consent at any time with effect for the future.
Sie können Ihre Einwilligung jederzeit mit Wirkung für die Zukunft widerrufen.
We use Microsoft Clarity, a web analysis tool from Microsoft Corporation. Clarity helps us to better understand user behaviour on our website. Clarity collects information such as mouse movements, clicks and scrolling behaviour. It also collects technical data such as browser type, operating system and screen resolution. This data is anonymised and analysed in aggregated form. Microsoft Clarity uses cookies to recognise returning visitors and assign sessions. The collected data is stored on Microsoft servers in the USA. Microsoft Clarity is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
You can revoke your consent at any time with effect for the future.
You can also prevent data collection by Microsoft Clarity by deactivating JavaScript in your browser. Further information on data protection at Microsoft Clarity can be found in Microsoft’s privacy policy.
We use HubSpot on our website for analysis purposes. HubSpot is a digital marketing tool from the USA with its headquarters in Ireland. Contact: HubSpot, 1 Sir John Rogerson’s Quay, Dublin Docklands, Dublin.
HubSpot enables us to manage existing and potential customer contacts. We can also use the service to record, sort and analyse customer interactions via email, social media and contact forms across different channels.
We have concluded a so-called order processing contract with the service provider in accordance with Art. 28 GDPR.
As part of the optimisation of our marketing measures, the following information may be collected via the service IP address, browser type, duration of your visit, geographical location and the pages accessed. This information is evaluated by HubSpot on our behalf so that we are able to record the user behaviour of our contacts on our website through the evaluation.
HubSpot is used on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR; you can revoke this consent at any time with effect for the future.
Für den Fall, dass personenbezogene Daten in die USA übertragen werden, hat sich HubSpot unter dem EU-U.S. Data Privacy Framework zertifizieren lassen – hierdurch wird das Datenschutzniveau bei der Übermittlung in die USA als angemessen betrachtet. Nähere Informationen zu der Datenverarbeitung durch HubSpot entnehmen Sie bitte der Datenschutzerklärung von HubSpot: HubSpot Privacy Policy.
Consent with Usercentrics
We use the Usercentrics consent technology from the German company Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, to obtain your consent to the storage of certain cookies on your end device or to the use of external services and to document these in compliance with data protection regulations. We have concluded a so-called order processing contract with Usercentrics in accordance with Art. 28 GDPR. The following of your data will be forwarded to the service provider
URL of the page visited, date and time of access, browser type, geographical location and cookie preferences. The service also stores a cookie in your browser in order to be able to assign the consents you have given or revoke them. The data collected is stored until you ask us to delete it, delete the cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. For details on data processing by Usercentrics, please refer to the Usercentrics privacy policy: Privacy policy – Usercentrics. Usercentrics is used so that we can obtain the legally required consent for the use of cookies; the legal basis is Art. 6 para. 1 lit. c GDPR.
The LinkedIn Insight Tag allows us to collect data about visits to our website, including URL, referrer URL, IP address, device and browser characteristics and timestamps. The IP addresses are truncated or hashed. Direct identifiers of LinkedIn members are removed after seven days in order to pseudonymise the data. Using the Insight Tag, we can analyse information about the users of our website, such as demographic data, career level, company size and industry. We can also measure whether visitors perform certain actions on our website (conversion measurement). We use this data to optimise our online offering and our marketing measures. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests).
The pseudonymised data is deleted within 180 days. The data is stored on servers in the USA and possibly also in Europe.
Our website contains social media plug-ins from various platforms, some of whose processing location is in the USA. The respective plug-ins can be recognised by the relevant manufacturer logos:
If we have received your consent and you visit our website, the plug-in establishes a direct connection between your browser and the servers of the respective operator. If you are logged in to the relevant network, information about your visit to our website will be added to your profile.
We are not informed about the content of the transmitted data or the use of the data. The circumstances of this use can be found in the data protection declarations of the respective operators. If you do not want social networks to link data to your profile via our website, please log out before you visit our site.
The processing and use of personal data is also necessary for personal access to the helpdesk, for example to be able to define and change individual user settings. Access to this information is protected by a personal customer login and password.
If you send us enquiries using a form and enter data for this purpose or register online as a partner, your details from the relevant form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry or fulfilling the purpose pursued with the form and in the event of follow-up questions. This concerns
In principle, it is labelled which data we absolutely require in the form and which information you can provide on a voluntary basis. We use information provided voluntarily on the basis of our legitimate interest in targeted direct marketing. If consent is required for reasons of competition law, we will obtain it. We will not pass on any data to third parties without your consent.
You have the following rights under this agreement:
Please note that contact requests for trial versions are forwarded to N-able via elovade.com/manufacturer/n-able/. As a result, the manufacturer’s privacy policy applies to the processing of your enquiry, for which we cannot accept any responsibility.
If you use our operating costs calculator, you can enter all personal data (first name, surname) or business data (e-mail address, name, address) on a voluntary basis. All data entered will be treated confidentially and will not be passed on to third parties. The entries are stored in a necessary cookie and automatically deleted after 4 weeks.
We hereby object to the use of contact data published as part of our obligation to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of the website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.
As part of sending the newsletter, we can track whether you have opened it and which links you have clicked on. We use this data to tailor future newsletters even more precisely to your interests; it is not passed on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the ‘unsubscribe’ link in the newsletter.
The website is hosted by the following service provider
Raidboxes GmbH
When you visit our website, the web host collects various log files including your IP address, which is why we have concluded an order processing contract with the web host in accordance with Art. 28 GDPR. The use of Raidboxes GmbH is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible
This page has been automatically translated to provide general guidance to international users. Despite careful machine translation, there may be deviations in the wording. In case of doubt, the German version of this content is legally binding.
You can find everything you need to know about working with us in the context of order processing in our FAQ.
the contractual partner
(hereinafter referred to as the ‘client’)
and
the
ELOVADE Deutschland GmbH
Garbenheimer Str. 36
35578 Wetzlar
Germany
(hereinafter referred to as ‘Contractor’))
This agreement governs the processing of personal data on behalf of the Contractor. This agreement applies to all activities in which commissioned processors process personal data for the Client. With this agreement, the responsible processor (client) determines the purpose and means of processing and prescribes the technical and organisational measures (TOMs) to be taken by the contractor to fulfil this purpose. The agreement also establishes a transmission privilege. It is subject to continuous amendment and is available here in its current form.
The exact circumstances of the processing on which the agreement is based are described in the annexes to this agreement.
The following agreements apply to the processing commissioned in this way:
The duration of the order is set out in the main contract. The name and date of this main contract can be found in Appendix 1.
Appendix 1 also lists the processing objects on which the order is based and for which the processing is concluded in the order.
The detailed specification of the content of the order is set out in Appendix 2.
Die detaillierte Konkretisierung von Art und Zweck der Datenverarbeitung erfolgt in Anlage 2.
The provision of the contractually agreed data processing shall take place exclusively in a member state of the European Union or in another state party to the Agreement on the European Economic Area. Any relocation to a third country requires the prior consent of the client and may only take place if the special requirements of Art. 44 f. GDPR are fulfilled.
Appendix 2 shows whether data is transferred to a third country and which guarantees the transfer is based on in this case.
The categories of personal data result from the main contract and are described in Appendix 3 based on the data categories.
The name and date of this main contract can be found in Appendix 1.
The categories of data subjects result from the main contract and are described in Appendix 4 on the basis of the categories of data subjects. The name and date of this main contract can be found in Appendix 1.
The contractor must document the implementation of the technical and organisational measures set out and required prior to the award of the contract before the start of processing, in particular with regard to the specific execution of the contract, and submit them to the client for review. If accepted by the client, the documented measures shall form the basis of the order. If the inspection/audit by the client reveals a need for adjustment, this must be implemented by mutual agreement.
The Contractor must establish security in accordance with Art. 28 para. 3 lit. c and Art. 32 GDPR, in particular in conjunction with Art. 5 para. 1, para. 2 GDPR. Overall, the measures to be taken are data security measures and measures to ensure a level of protection appropriate to the risk with regard to the confidentiality, integrity, availability and resilience of the systems. The state of the art, the implementation costs and the nature, scope and purposes of the processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons within the meaning of Art. 32 para. 1 GDPR must be taken into account.
The technical and organisational measures are subject to technical progress and further development. In this respect, the contractor is permitted to implement alternative adequate measures. In doing so, the security level of the specified measures must not be undercut. Significant changes must be documented.
The contractor may not rectify, erase or restrict the processing of data processed on behalf of the client without authorisation, but only in accordance with documented instructions from the client. If a data subject contacts the Contractor directly in this regard, the Contractor shall forward this request to the Client without delay.
If included in the scope of services, the erasure concept, right to be forgotten, rectification, data portability and information shall be ensured directly by the Contractor in accordance with the Client’s documented instructions.
In addition to complying with the provisions of this contract, the Contractor shall have statutory obligations pursuant to Art. 28 to 33 GDPR; in this respect, the Contractor shall in particular ensure compliance with the following requirements:
Subcontracting relationships within the meaning of this provision are those services that relate directly to the provision of the main service. This does not include ancillary services which the contractor utilises, e.g. as telecommunication services, postal/transport services, maintenance and user service or the disposal of data carriers as well as other measures to ensure the confidentiality, availability, integrity and resilience of the hardware and software of data processing systems. However, the Contractor is obliged to take appropriate and legally compliant contractual agreements and control measures to ensure the data protection and data security of the Client’s data, even in the case of outsourced ancillary services.
The Client consents to the commissioning of the subcontractors named in Annex 6 on the condition of a contractual agreement in accordance with Art. 28 para. 2-4 GDPR. Outsourcing to subcontractors or changing the existing subcontractor is permitted insofar as
The transfer of the client’s personal data to the subcontractor and the subcontractor’s initial activities are only permitted once all requirements for subcontracting have been met. If the subcontractor provides the agreed service outside the EU/EEA, the subcontractor shall take appropriate measures to ensure compliance with data protection law. The same applies if service providers within the meaning of para. 1 sentence 2 are to be used.
Any further outsourcing by the subcontractor requires the express consent of the main contractor (at least in text form).
All contractual provisions in the contractual chain must also be imposed on the additional subcontractor.
The client has the right to carry out inspections in consultation with the contractor or to have them carried out by inspectors to be named in individual cases. It shall have the right to satisfy itself of the Contractor’s compliance with this Agreement in its business operations by means of spot checks, which must generally be notified in good time.
The Contractor shall ensure that the Client can satisfy itself of the Contractor’s compliance with its obligations under Art. 28 GDPR. The Contractor undertakes to provide the Client with the necessary information upon request and, in particular, to provide evidence of the implementation of the technical and organisational measures.
Proof of such measures, which do not only relate to the specific order, can be provided by current certificates, reports or report extracts from independent bodies (e.g. auditors, internal audit, data protection officer, IT security department, data protection auditors, quality auditors).
The Contractor may claim remuneration for enabling the Client to carry out inspections.
The Contractor shall support the Client in complying with the obligations set out in Articles 32 to 36 of the GDPR regarding the security of personal data, reporting obligations in the event of data breaches, data protection impact assessments and prior consultations. This includes, among other things
The Contractor may claim remuneration for support services that are not included in the service description or are attributable to misconduct on the part of the Client.
The Client shall confirm verbal instructions without delay (at least in text form).
The Contractor must inform the Client immediately if it is of the opinion that an instruction violates data protection regulations. The Contractor shall be entitled to suspend the implementation of the corresponding instruction until it is confirmed or amended by the Client.
Copies or duplicates of the data will not be created without the knowledge of the client. Excluded from this are backup copies, insofar as they are necessary to ensure proper data processing, as well as data that is required in order to comply with statutory retention obligations.
After completion of the contractually agreed work or earlier at the request of the Client – at the latest upon termination of the service agreement – the Contractor shall hand over to the Client all documents, processing and utilisation results and data stocks that have come into its possession in connection with the contractual relationship or, with prior consent, destroy them in accordance with data protection regulations. The same applies to test and scrap material. The deletion log must be submitted on request.
Documentation that serves as proof of proper data processing in accordance with the order shall be retained by the Contractor beyond the end of the contract in accordance with the respective retention periods. The Contractor may hand them over to the Client at the end of the contract in order to discharge the Client.
The Contractor is obliged to maintain confidentiality, even after completion of the contract. This obligation applies to everything that becomes known to the Contractor in the course of its work for the Client. This shall not apply to facts that are obvious or that do not require confidentiality due to their significance.
The Contractor shall impose a written confidentiality obligation on its employees or subcontractors or other persons it engages to fulfil its order, insofar as they work for the Client in fulfilment of this agreement, and shall draw attention to the consequences under criminal law of a breach of the confidentiality obligation, in particular Section 203 of the German Criminal Code (StGB). The Contractor shall require subcontractors to obligate their employees to maintain confidentiality in writing and to inform them of the consequences under criminal law of a breach of the duty of confidentiality, in particular of Section 203 of the German Criminal Code (StGB). The Contractor shall obtain copies of the relevant declarations from the subcontractor.
The Contractor confirms that it has been informed by the Client of the consequences under criminal law of a breach of the duty of confidentiality, in particular of Section 203 of the German Criminal Code (StGB). The Contractor undertakes to obtain knowledge of third party secrets only to the extent that this is necessary for the fulfilment of the contract.
The Contractor undertakes to provide the Client with a copy of the written confidentiality declarations of its employees without further request.
Object of the agreement
Main contract:
Service agreement
Purpose of processing:
IT maintenance and service in accordance with the order specified in the service agreement
Duration of processing:
In accordance with the service agreement
Main contract:
Contract relating to the EL control panel
Purpose of processing:
Operation and maintenance of the cloud management console
Duration of processing:
In accordance with the contract
Main contract:
Contract relating to EL mailarchive
Purpose of processing:
Operation and maintenance of email archiving in the cloud
Duration of processing:
In accordance with the contract
Main contract:
Contract relating to EL storage
Purpose of processing:
Provision of online storage space
Duration of processing:
In accordance with the contract
Main contract:
Contract relating to EL cloud2cloud
Purpose of processing: operation and maintenance of a cloud backup management console, including the interface with OpenText CloudAlly Backup, as well as the provision of assessments and provisioning methods.
Duration of processing:
In accordance with the contract.
Specific description of the processing activity, taking into account the nature and purpose of the processing and any data transfers to third countries:
Textual description of the processing activity:
The Contractor processes personal data of the Client in the context of supporting work on and with software products covered by the service contract. The processing of personal data is neither the rule nor the main purpose, but cannot be ruled out in the context of the provision of services.
If the service to be provided requires the transfer of data to a subcontractor located in a third country in accordance with Annex 6, this transfer shall take place on the basis of the EU standard contractual clauses in their current form, supplemented by additional guarantees as required by ‘Schrems II’.
List of the type and purpose of individual processing activities:
Relevant processing activities within the processing:
Remote maintenance, troubleshooting and analysis of technical questions and problems
Type of activity:
Maintenance of software products
Purpose of the activity:
Assistance with problems
List of data categories:
Presumably all data available in the system to be maintained can be affected.
List of categories of data subjects:
Presumably all data available in the system to be maintained can be affected.
Data protection officer of the contractor
Name: Henning Welz
Organisation: gds Gesellschaft für Datenschutz Mittelhessen mbH
Adress: Auf der Appeling 8, 35043 Marburg, Allemagne
Telephone: +49 (0)6421 / 80413-10
Email: [email protected]
Representative outside the EU
Not applicable
Authorised subcontractors / other processors
(Art. 32 GDPR)
Technical and organisational security measures
(Art. 32 GDPR)
Amazon Web Services Inc.
410 Terry Avenue North, Seattle, WA 98109-5210
Web hosting of dedicated web servers and related services
Asana, Inc
1550 Bryant Street, Suite 200, San Francisco, CA 94103
Internal project management
Campaign Monitor Pty Ltd
201 Elizabeth Street, Sydney NSW 2000
Tool for targeted and evaluable newsletter campaigns
Captcha GmbH
Muthgasse 2, 1190 Wien
GDPR-compliant bot protection on our website
Carbonite, Inc.
2 Avenue de Lafayette Boston, MA 02111
Cloud services, backup
Google Ireland Limited
Google Building Gordon House, 4 Barrow St. Dublin,
D04 E5W5 Google Analytics
HaloITSM
Halo House, Gipping Way, Stowmarket, IP14 1GJ, UK
Service desk solution in technical support
Hetzner Online GmbH
Industriestr. 25, 91710 Gunzenhausen
Web hosting of dedicated web servers and related services
Hornetsecurity GmbH
Am Listholze 78, 30177 Hannover
Email Security And Compliance – Maximum protection for email traffic
HubSpot
1 Sir John Rogerson’s Quay, Dublin Docklands, Dublin
Cloud services, tracking
Infiterra Ltd.
25 Martiou 19, Suite 301, 2408 Egkomi, Cyprus
Cloud-Dienstleistungen, Subscription Commerce Platform
KnowBe4, Inc.
33 N Garden Avenue, Suite 1200
Clearwater, FL 33755, USA
Microsoft Ireland Operations, Ltd.
One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521
Web hosting of dedicated web servers and related services, mail traffic and document storage
Raidboxes GmbH
Hafenstraße 32, 48153 Münster
Web hosting of dedicated web servers and related services
Open Text Software GmbH
Werner-von-Siemens-Ring 20, 85630 Grasbrunn
Cloud services, Backup
Skyfillers GmbH
Schiffbrücke 66, 24939 Flensburg
Cloud services, backup
STRATO GmbH
Pascalstraße 10, 10587 Berlin
Cloud services, hosting, backup
Susell GmbH
Rosenthaler Str. 38, 10178 Berlin
Introduction of a digital learning platform called reteach
T3CH.com LLC
12 S. Main St. #412, Allentown, NJ 08501
Notification of planned maintenance and outages of cloud services (optional opt-in service)
TeamViewer GmbH
Jahnstraße 30, 73037 Göppingen
Carrying out remote maintenance and file transfers
Wasabi Technologies LLC
111 Huntington Avenue Boston, MA 02199
Web hosting of dedicated cloud storage and related services
Zoho Corporation GmbH
II. Hagen 7, 45127 Essen
Cloud-Dienstleistungen (CRM-Software, Helpdesk)
The following measures prevent unauthorised access to data processing systems (servers)
The following measures prevent unauthorised use of the system (server & clients):
The following measures prevent unauthorised reading, copying, modification or removal of data within the system:
The following options exist for processing data collected for different purposes independently of each other:
These measures prevent unauthorised reading, copying, modification or removal during electronic transmission or transport:
This makes it possible to determine whether and by whom personal data has been entered into, changed or removed from data processing systems:
Protection against accidental or wilful destruction or loss
You can download our data protection certificate as a PDF here.
The website does not match your location
Based on your IP address, a different language version of the Elovade website may be more appropriate. There you will find all relevant content for your region. If you would prefer to continue here, simply close the pop-up.
This page is available for the following regions.
This page is available for the following regions.