Skip to main content

Privacy Policy

This Privacy Policy gives you an overview of the processing of your personal data in the context of the use of the offers and online services in connection with the Websites on sendcloud.com (the “Website”). This Privacy Policy also informs you about your rights under the EU Data Protection Regulation (“GDPR”) and the means to control your personal data and protect your privacy. Personal data is defined as all information that makes it possible to identify you as a person.

Sendcloud B.V., having its registered address at Stadhuisplein 10, 5611 EM Eindhoven, Netherlands (hereinafter “Sendcloud” or “we”), is the data controller for the processing of your personal data within the framework of the Website (hereinafter “Sendcloud” or “we”). If you have any questions regarding this Privacy Policy, please reach out to us at [email protected].

1. Which personal data we process on our Website and from which sources they originate

When we make our Website available to you, we process personal data from various sources. On the one hand, this is data that we automatically process for each visitor when the Website is accessed. However, this may also include data which you have voluntarily provided to us or which is only processed when you use our services.

Data that we automatically collect when you visit our Website:

As soon as you visit the Website, you send technical information to our web servers, which we store in server log files. This happens regardless of whether you subsequently contact us (e.g. via the contact form). In any case, we collect the following access and web access data (which we call “Usage Data”):

  • the date and time of the visit and the duration of the use of the Website;
  • the IP address of your device;
  • the referral URL (the website from which you may have been referred);
  • the visited subpages of the Website; and
  • more information about your device (device type, browser type and version, settings, installed plug-ins, operating system).

We process the Usage Data to enable you to use the Website and to ensure the functionality of the Website. In addition, we process Usage Data in order to analyze the performance of the Website, to continuously improve the Website and to correct errors or to personalize the content on the Website for you. We also process the Usage Data to ensure IT security and the operation of our systems and to prevent or detect misuse, in particular, fraud. These server log files are deleted after a maximum of 7 days. Our legal basis for this data processing activity is our legitimate interests, as per Art. 6.1.(f) GDPR.

Please note that we use cookies for the automatic processing of Usage Data. Cookies are small text files that you upload to your device when you visit our web pages and store the above information about you. You can find out more about the use of cookies on the Website in our Cookie Policy.

Data that you transmit to us yourself:

In addition to the data we receive from all visitors, we also process other data when you use our contact form and/or download media from our website. You can see the details in the contact form. We process this data in order to process your request and will process the correspondence in accordance with the applicable rules for business letters under German law for a period of 6 years from the end of the calendar year during which your request has been submitted.

The legal basis in each case is your consent, as per Art. 6.1 GDPR and § 25 TTDSG.

2. Data we process when providing the Sendcloud cloud integration to our customers

Please note that the provider who has implemented the integration in their online shop or services is solely responsible for data processing using the Sendcloud integrations. In this case, Sendcloud will only act as an order processor. This means that Sendcloud, according to a contractual agreement, is strictly subject to the customer’s instructions and will process all data as the customer’s technical service provider without its own decision-making authority with regard to the processing of personal data by the customer. In this respect, please try to access the data protection policy information of the customer for more information.

3. The purposes for which we process your data

We have already informed you above for which purposes we process your data in individual cases. In addition, we may process your data for other purposes. This includes, for example, passing on your personal data to third parties if we are legally obliged to do so, but also the assertion of legal claims on our part or the defence against legal disputes. The legal basis in these cases is either our legal obligations (Art. 6.1(c) GDPR) or our legitimate interests (Art. 6.1(f) GDPR).

4. To whom we forward your data

Your personal data will only be passed on to third parties if this is necessary for the provision of the Website or the Sendcloud integration. The data recipients also include the third-party providers mentioned in our Cookie Policy.

5. Data processing outside the EU/EEA

We do not transmit your personal data to any third parties located outside of the EU/EEA without implementing appropriate safeguards.

For some specific services, Sendcloud may use data processors or business partners located outside of the EU/EEA. Some of your personal data may therefore be transferred to them for the strict purposes of their services. In such cases and in accordance with the regulations in force, Sendcloud requires its data processors to provide the necessary safeguards to ensure regulated, secure transfers, mainly by requiring them to sign the European Commission’s standard contractual clauses. Where required, an applicable Transfer Impact Assessment will be conducted to ensure the security of the data transferred. In all cases, we will ensure that an adequate level of data protection is guaranteed at all times.

6. Storage duration

We process and store your personal data to the extent necessary to fulfil our contractual or legal obligations. Therefore, we store the data as long for as our contractual relationship with you exists and after termination only to the extent and for as long as legally required. If data is no longer required to fulfil legal obligations (e.g. under tax or commercial law), it is deleted regularly unless further processing is necessary to preserve evidence or defend against legal claims against us. For the preservation of evidence necessary is e.g. your IP address and the exact time of the granting, if you have given us a consent.

7. Your legal rights under the GDPR

You can assert the following rights against us within the framework of the GDPR with regard to your personal data:

  • Your right to information and access pursuant to Article 15 GDPR.
  • Your right to rectification pursuant to Article 16 GDPR.
  • Your right to erasure pursuant to Article 17 GDPR.
  • Your right to restriction of processing pursuant to Article 18 GDPR.
  • Your right to data portability pursuant to Article 20 GDPR.
  • Your right to object to processing of your personal data which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions, pursuant to Article 21 GDPR.
  • In addition, you can also revoke your consent to the processing of your personal data at any time. However, this revocation only applies for the future. Any processing that took place before the revocation remains unaffected by this.
  • You also have the right to lodge a complaint with the competent data protection supervisory authority (Article 77 GDPR).

If you would like to exercise your rights as a data subject, you can reach out to us at [email protected].

8. Modification of this Privacy Policy

In order to keep this information up to date, this Privacy Policy will be modified when the underlying data processing is changed.