Last revision: May 4th, 2020
Data protection and data security are of utmost importance for Userlike UG (limited liability), hereinafter "Userlike" or "we". In the following we may provide answers to your most frequent questions to what personal data we collect, process and use in connection with our website and what your possibilities are to influence this data usage.
We would like to point out that this privacy statement applies only to our website https://www.userlike.com and its subpages (hereinafter "Websites") but not to websites of third parties that are linked with our Websites. As Userlike has no measures to influence data usage of said third parties, we recommend that you also assess those third parties’ privacy statements.
Userlike collects and processes personal data exclusively in compliance with the relevant provisions of German data protection law, in particular the General Data Protection Regulation (EU-GDPR) and the Telemedia Act (TMA).
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
The party responsible for processing data on this website is:
Userlike UG (haftungsbeschränkt)
Telephone: +49 (0) 221-63060024
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the Data Protection Officer of the German state in which our company is headquartered. A list of Data Protection Officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment.
Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon in your browser line is visible.
In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
We have appointed a Data Protection Officer for our company.
Dr. Jochen Notholt
The purpose of the data processing is the selection of applicants for an employment relationship. There are no plans to change these purposes.
Legal basis is § 26 BDSG (2017) in connection with Article 6 (1) (b) (employment contract) and Article 88 DS-GMO.
Applicant data is passed on internally to the responsible and decision-making employees. We also use service providers to process orders for the provision of services, in particular for the provision, maintenance and servicing of IT systems.
The data will be deleted three months after the end of the application process.
Personal data is required for the examination of the application and, if necessary, the subsequent conclusion of an employment contract. Without personal data, an application cannot be considered. However, applications can also be submitted without providing such information marked as voluntary.
In the course of the application process, data is processed by the service provider Hetzner. This processing is based on the conclusion of an order processing agreement under German law. A copy may be made available at any time by the Data Protection Officer.
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Userlike uses a live chat of Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Cologne, Germany (yes, we use our own chat :-) ). You can use the live chat as a contact form to chat with our staff in near real time. At the start of the chat, personal data is collected.
Depending on the course of the conversation with our employees, further personal data may arise in the chat, which are entered by you. The type of data depends strongly on your request or the problem you describe to us.
All our employees have been and will be trained on the subject of data protection and on the safe and confidential handling of customer data. All our employees are bound to confidentiality and have accordingly signed an addendum to the obligation to maintain confidentiality and to observe data protection in their employee contracts.
Furthermore, Userlike stores the chat record. This shall not only spare you the inconvenience of recalling the whole chat history of past chats when you ask for our assistance via live chat but shall also ensure an continuous quality control regarding our live chat. If you do not want to have your chat record stored please contact us and we will delete it immediately. You may find our contact details at the end of this privacy statement.
If you decide to make use of our services, we may ask you for further personal data. If you make use of services that are free of charge (e.g. Free Trial or Edition "Free") this is the name of your company or your website address, your first name, surname and username, your email address andyour password. If you want to use our fee-based services (e.g. Edition "Team", "Corporate", "Business", "Custom" or "Flex") you must furthermore provide us with the necessary payment details, depending on the chosen payment method (e.g. credit card details, etc.).
Depending on the individual use of the relevant service we might process further personal data insofar as it is necessary to render our services. This relates for example to the content of chats or chat records that have been conducted and stored by making use of our services and IT infrastructure.
You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.
To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments.
Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Userlike will transfer data to third parties only to the extent necessary to render its services. For any other purposes we will transfer personal data to third parties only with your prior and explicit consent. That applies in particular to the transfer of personal data for advertising purposes. Exceptions to this rule apply only in the following cases:
Your privacy preferences with Twitter can be modified in your account settings at https://twitter.com/account/settings.
Userlike uses Facebook Connect, a service of Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA or its subsidiary Facebook Ireland Ltd., Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (Facebook). By logging in via the Facebook Connect button, personal data is transmitted to Facebook. We do not know what data Facebook links to the personal data received and for what purposes Facebook uses this data.
Facebook stores a cookie on the user’s computer to enable an analysis of the use of our online products and services. If not done manually by the user, the data and cookie are deleted after a predetermined time.
Facebook’s Custom Audiences service also allows us to track user behavior on our website after they have been redirected to the our website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes.
The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, the data is stored and processed by Facebook, which is why we are informing you here. Facebook may link the information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy: https://www.facebook.com/about/privacy/
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can opt out of the collection of your data by the Facebook pixel and the use of your data for the purpose of displaying Facebook ads on and off Facebook by Facebook and its partners here: https://www.facebook.com/settings?tab=ads
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
This website uses Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection".
This website uses Google AdSense, a service for including advertisements from Google Inc. ("Google"). It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google AdSense uses so-called "cookies", which are text files stored in your computer that enable an analysis of the way you use the website. Google AdSense also uses so-called web beacons (invisible graphics). Through these web beacons, information such as the visitor traffic on these pages can be evaluated.
The information generated by cookies and web beacons relating to your use of this website (including your IP address), and delivery of advertising formats, is transmitted to a Google server in the US and stored there. This information can be passed on from Google to contracting parties of Google. However, Google will not merge your IP address with other data you have stored.
AdSense cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
You can prevent the installation of cookies by setting your browser software accordingly. Please be aware that in this case, you may not be able to make full use of all the features of this website. By using this website, you agree to the processing of data relating to you and collected by Google as described and for the purposes set out above.
Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified based on your previous usage and surfing behavior on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalized promotional messaging.
To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.
You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google per Art. 6 (1) (a) GDPR. For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing anonymous user behavior for promotional purposes.
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").
As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.
Conversion cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
Userlike uses AMP, a website publishing technology developed by Google LLC, 1600 Amphitheatre Parkway in 94043 Mountain View, USA (hereinafter: AMP) to reduce the loading time of its website, especially on mobile devices, and improve the user experience.
In this context, Userlike uses the Google AMP Client ID API to receive a Client ID through which a website visitor’s page activity on pages with and without AMP can be connected to Google Analytics via a cookie. The legal basis for data processing is Article 6 (1) (f) GDPR. The website owner's legitimate interest consists in an interest to analyze user behavior in order to optimize website services and advertising.
If the collection of data for Google Analytics is deactivated as described in the section "Google Analytics", no link via AMP Client ID takes place.
Userlike uses the Headwayapp to inform you as a customer about product news in the dashboard area (changelog). Therein we provide information on significant changes, new functions and corrections to the product.
Headwayapp uses so-called "cookies". These are text files that are stored on your computer to allow you to use the dashboard.
For more information on the handling of user data at headwayapp.co, please refer to Headwayapp's data protection declaration:
This website uses functions of the web analytics service Kissmetrics. The provider is Space Pencil, Inc., 847 Sansome Street, Lower Level San Francisco, CA 94111, USA.
Kissmetrics uses "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to and stored by Kissmetrics on servers in the United States.
The storage of Kissmetrics cookies is based on Article 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both his website and his advertising.
You can prevent Kissmetrics from collecting your information by clicking the following link. An opt-out cookie is set to prevent your data from being collected during future visits to this https://signin.kissmetrics.com/privacy/ (Opt-Out section).
More information on how Kissmetrics handles user data can be found in their data protection statement:
Linkedin stores a cookie on the user’s computer to enable an analysis of the use of our online products and services. If not done manually by the user, the data and cookie are deleted after a predetermined time.
Linkedin’s Matched Audiences service allows us to track user behavior on our website after they have been redirected to the our website by clicking on a Linkedin ad. This enables us to measure the effectiveness of Linkedin ads for statistical and market research purposes.
The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, the data is stored and processed by Linkedin, which is why we are informing you here. Linkedin may link the information to your Linkedin account and also use it for its own promotional purposes, in accordance with Linkedin’s Data Usage Policy: https://www.linkedin.com/legal/privacy-policy
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can opt out of the collection of your data by the Linkedin pixel and the use of your data for the purpose of displaying Linkedin ads on and off Linkedin by Linkedin and its partners here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Userlike uses Leadfeeder, a web analytics software provided by Liidio Oy, Mikonkatu 17 C in 00100 Helsinki, Finland (hereinafter: Leadfeeder) to.
Leadfeeder uses “cookies”, text files stored on your computer to analyze your use of our website. The information generated by the cookie about your use of this website (inlcuding your IP address, page views, visitor source and time spent on the site) is encrypted before being stored on servers in the United States.
The visitor IP address is used by Leadfeeder to detect the company and geographic location. Leadfeeder only shows company visits and automatically filters out all users visiting from residential IP addresses. All visit data is aggregated on the company level.
Twitter stores a cookie on the user’s computer to enable an analysis of the use of our online products and services. If not done manually by the user, the data and cookie are deleted after a predetermined time.
Twitter’s Conversion Tracking tracks the actions of users after they have viewed ads or interacted with ads on Twitter. It allows us to distinguish conversions such as link clicks, downloads, purchases, retweets or "like" data.
The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, the data is stored and processed by Twitter, which is why we are informing you here. Twitter may link the information to your Twitter account and also use it for its own promotional purposes, in accordance with Twitter’s Data Usage Policy: https://twitter.com/privacy
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you wish to opt out of retargeting and tracking via Twitter, follow the links on this page: https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads
Userlike may use the services of Userlane GmbH (Rosenheimerstr. 143 C, 81671 Munich, Germany ("Userlane")) for the purposes of user onboarding, staff training and the subsequent tracking of user behavior during these steps.
The data that we submit to Userlane in the process: tags to distinguish customer groups, language of company contact, operator ID to track how our lanes are used and to save progress. In order for Userlane’s services to function, Userlane uses so-called "cookies", text files stored on your computer.
For more information on the handling of user data by Userlane, please refer to the company’s data protection declaration: https://www.userlane.com/privacy
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
This website uses the services of MailChimp to send newsletters. This service is provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service which organizes and analyzes the distribution of newsletters. If you provide data (e.g. your email address) to subscribe to our newsletter, it will be stored on MailChimp servers in the USA.
MailChimp is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States.
We use MailChimp to analyze our newsletter campaigns. When you open an email sent by MailChimp, a file included in the email (called a web beacon) connects to MailChimp's servers in the United States. This allows us to determine if a newsletter message has been opened and which links you click on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to your interests.
If you do not want your usage of the newsletter to be analyzed by MailChimp, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.
Data processing is based on Art. 6 (1) (a) GDPR. You may revoke your consent at any time by unsubscribing to the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of MailChimp. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Further information about handling user data, can be found in the data protection declaration of YouTube under: https://www.google.de/intl/de/policies/privacy.
Our website uses features provided by the Vimeo video portal. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when you visit our website or do not have a Vimeo account. The information is transmitted to a Vimeo server in the US, where it is stored.
If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
Userlike uses the captcha service "reCAPTCHA" by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") on its website to check whether input in its web forms (e.g. account signup) originates from humans or automated programs. The goal is to make your use of our website as safe and stable as possible.
reCAPTCHA analyzes the behavior of the website visitor based on various parameters as soon as the visitor accesses the website. reCAPTCHA evaluates various data of the website visitor (e.g. IP address, time spent on the website or mouse movements). The data collected during the analysis is transmitted to Google. The analyses run in the background, website visitors are not informed that an analysis is taking place.
Data processing is carried out on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting his web offers from abusive automated spying and from SPAM.
Userlike uses the Amazon Web service Cloudfront as a Content-Delivery-Network (CDN), which is provided by Amazon Web Services Inc., Box 81226, Seattle, WA 98108, USA. A CDN is a worldwide network of servers that provides content for Userlike. The use of a CDN ensures that Userlike's service can be reached equally quickly in every country in the world. Contents in this context are Java-Script files or the chat widgets, which bring source code for the execution of the chat. Furthermore, the CDN provides images of the page www.userlike.com or stylesheet files that control the appearance of the website.
Userlike uses the Amazon Web Service Simple Email Service (Amazon SES) to send emails sent by Amazon Web Services Inc., Box 81226, Seattle, WA 98108, USA. For example, when you register with Userlike, a welcome email will be sent to you. In this example, the email is sent by AWS SES.
Userlike uses the Amazon Web Service Route 53 (AWS Route 53) to map the Domain Name System (DNS) of the domain userlike.com, which is provided by Amazon Web Services Inc., Box 81226, Seattle, WA 98108, USA. The DNS has the function of a phone book, only for computers. If your computer wants to connect to the servers of the domain userlike.com, the computer first needs an IP address of the Userlike server in Germany. This IP address is requested from AWS Route 53. The data exchange between your computer and our servers can then take place.
Our website accepts payments via PayPal. The provider of this service is PayPal (Europe) S.à.r.l & Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg.
If you select payment via PayPal, the payment data you provide will be supplied to PayPal based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) GDPR (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
Userlike offers payment via SEPA direct debit mandate and credit card. The provider of these payment services is Adyen N.V., Simon Carmiggeltstraat 6-50, 1011 DJ Amsterdam, Netherlands (hereinafter "Adyen").
If you select payment via SEPA mandate or credit card, the payment data you have entered will be transmitted to Adyen.
Your data will be transmitted to Adyen on the basis of Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing to fulfil a contract). You have the option to revoke your consent to data processing at any time. A revocation has no effect on the effectiveness of data processing operations in the past.
In the unlikely case that the credit card payment via Adyen fails, Userlike tries to process the payment via Wirecard. The provider of this payment service is Wirecard AG, Einsteinring 35, 85609 Aschheim, Germany (hereinafter "Wirecard").
If the payment is processed via Wirecard, the payment data you have entered will be transmitted to Wirecard.
Your data will be transmitted to Wirecard on the basis of Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing to fulfil a contract). You have the option to revoke your consent to data processing at any time. A revocation has no effect on the effectiveness of data processing operations in the past.
Userlike offers payment via Recurly. The payment service provider is Recurly Inc., 400 Alabama Street, Suite 202, San Francisco, CA 94110, USA, (hereinafter "Recurly").
If you select payment via Recurly, the payment data you have entered will be transmitted to Recurly.
Your data will be transmitted to Recurly on the basis of Article (6) (a) GDPR (consent) and Article (6) (b) GDPR (processing for the fulfilment of a contract). You have the option to revoke your consent to data processing at any time. A revocation has no effect on the effectiveness of data processing operations in the past.
The transfer of data to a recipient in a third country outside the EU and the EEA is permissible if the requirements fixed in Articles 44 et seqq. GDPR are complied with and, in addition, the transfer is subject to prior consent to be given by the Controller by notice in electronic form. The further details are stipulated in one or several annexes.
If a data subject asserts claims according to chapter III GDPR against any of the parties, such party will inform the other party without undue delay (unverzüglich"). The Processor will support and assist the Controller within the realms of possibility in handling any such claims and in complying with the duties specified in Art. 33 to 36 GDPR.
The Processor will bear the costs incurred by it in connection with the measures taken by the Controller. This includes in particular the costs incurred by the Processor in connection with controls and inspections carried out by the Controller according to § 8.
An annex is deemed terminated upon termination of the main contract without a separate notice of termination being required to end the annex. In this case, the Processor is obliged, at the Controller’s choice, either to return the data processed under the annex or delete the data in accordance with the applicable data protection requirements without undue delay ("unverzüglich") and confirm this to the Controller by appropriate notice in electronic form. The Processor will also notify the Controller by appropriate notice in text form if the Processor is itself subject to a statutory obligation to store the data in question.
The DPA, as of its signing, supersedes the existing contracts according to § 11 BDSG (German Federal Data Protection Act). If the parties, prior to concluding this DPA, have agreed on specifications according to § 1, these will continue in effect and apply analogously under the DPA unless they are superseded by annexes which pertain to the same data to be processed.
The provider allows the client to individualize the chat widget and extend the functional scope of the service. All settings are stored in the client's customer account. The activation of optional chat functions is not necessary for the operation of the core service of the chat and is a free decision of the client.
Depending on the function used, the activation of these optional functions may result in personal data of the client's end customers being forwarded to subcontractors of the provider for further processing. All the subcontractors are listed in the appendix, point 9: Optional add-on providers.
Upon activation of the respective function, the subcontractor shall be deemed to have been approved by the customer; a right of objection pursuant to Clause 6.2 shall then not exist. If the client activates optional functions in the chat widget, the client undertakes to inform the users of the chat widget about the use of these functions in conformity with data protection. Furthermore, the client undertakes to check the functional scope of the chat widget and to ensure that the data protection settings of the account are correctly configured.
On request, we will gladly send you the documents on technical and organizational measures that we refer to in our data processing agreement.
Last revised: May 1, 2018