This privacy policy informs you about the processing of personal data in connection with our websites and online presences.
ECSO CLOUD An d. Klasgaß 4 56218 Mülheim-Kärlich You can find more information about ECSO CLOUD in our Imprint.
You can reach out directly to our data protection officer using one of these methods: E-Mail: data-privacy@ecso.cloud Phone: +49 2631 9028 500 (Only available in german) Post: An d. Klasgaß 4 56218 Mülheim-Kärlich
Unless otherwise specified, your data will remain within the EU and will not be passed on to third parties. 4.1 Customer Account What data is processed and how does it reach ECSO CLOUD? When creating a customer account, we process the name, contact details, and payment information that you provide to us. Why does ECSO CLOUD process my data and what is the legal basis for it? We process your data to create and manage your customer account This is necessary to give you access to our products and services. (Art. 6. para. 1 lit. b GDPR) Who has access to the data and is it shared with third parties? We do not collect or store any credit card information. You enter this information directly to our external payment provider Mollie. For more information, please refer to the privacy notice of Mollie. To make future payments easier, a pseudocard number is saved in your customer account. If you fail to pay despite repeated reminders, we may instruct the debt collection company to collect the outstanding debt. How long will my data be saved? After a customer account is deactivated, the following retention periods apply: - Without product usage: 3 years - With product usage (invoicing): 14 years (in accordance with tax and commercial law retention obligations) - Unverified customer accounts: 14 days after the end of the failed verification period Once these periods have expired, your data will be deleted. 4.2 Verification of customer details To minimize our business risk and to prevent the misuse of our services, we carry out a check based on general risk factors when new customer accounts are registered. Our system makes a prediction about how likely it is that you will meet your contractual payment obligations and use our services responsibly. The result of this preliminary check may influence whether we enter into a contractual relationship with you. During the assessment, the data you provide as well as technical characteristics are processed. This data is compared with our previous experience and evaluated with the help of an external service provider for risk analysis. To verify your identity, we may ask you to provide a valid ID document (e.g. passport or national ID card). The following data may be processed: name, address, date of birth, expiry date of the document. You may black out or hide other information on the document that is not needed. We process this data to prevent fraud, protect our services, and ensure they are not misused. (Art. 6 para. 1 lit. f GDPR) If the verification is required to provide or continue a service, the legal basis is also (Art. 6 para. 1 lit. b GDPR) After the verification is completed the data will be deleted immediately.
The GDPR grants you the following rights regarding your data: - Right of access: You can request information at any time about whether and which personal data we process about you. - Right to rectification: If the data we have stored about you is incorrect or incomplete, you can request its correction or completion. - Right to erasure ("right to be forgotten"): You can request the deletion of your data if it is no longer required for its original purpose. However, please note that immediate deletion may not be possible in some cases due to legal or contractual retention obligations. - Right to restriction of processing: If, for example, you dispute the accuracy of your data or believe that the processing is unlawful, you can request that we restrict the processing of your data. - Right to data portability: You have the right to receive your data in a structured, commonly used, and machine-readable format. You can also request that we transfer the data directly to a third party, if technically feasible. - Right to object: You can object to the processing of your personal data unless there are compelling legitimate reasons for the processing. - Right not to be subject to automated decision-making: We do not make any automated decisions regarding your person. If we did, you would have the right not to be evaluated solely by algorithms. If you would like to make use of any of these rights, please contact our data protection officer directly.
If you believe that we are violating any data protection laws by processing personal data, you also have the right to make a complaint to the data supervisory authority who is responsible for our company. However, we encourage you to first contact our data protection officer. We always strive to resolve any possible disagreements as quickly and smoothly as possible so that we can avoid conflicts.
There is no statutory obligation for you to provide your data to ECSO CLOUD. However, you cannot use some of our services if you do not provide your data to us. Your decision to provide us with your personal data is completely voluntary.
We reserve the right to update this privacy policy from time to time. If you visit this page again, the updated privacy policy will apply.