3. Which data does tchop collect and use at which stage?
3.1 Use of our website
If you access or use our website we may collect the following non-personal information:
- Request (Name of the requested file)
- Browser type/version (e.g.: Internet Explorer 11.0)
- Browser language (e.g.: English)
- Operating System (e.g.: Windows 7)
- Cookies On / Off
- Color settings
- Referral URL (the previously visited page)
- Time of Access
- IP Adress
tchop also may maintain log files which contain IP addresses. An IP address is a numeric address that may be assigned to your computer by your Internet Service Provider and can, in certain circumstances, amount to Personal Information. In general, we use log files to monitor traffic on our Website and to troubleshoot technical problems. In the event of user abuse of our Website, however, we may block certain IP addresses.
We use the information set out in this Section 3.1.1 to optimize your experience of the tchop services. The collection of the information set out in this Section 3.1.1 is mandatory. tchop is not able to properly provide you with the tchop services without this basic information.
We may also store flash cookies, also known as “local shared objects,” on your Internet enabled device if the Website uses Adobe Flash. Flash cookies are small files similar to cookies and are used to remember the Website’s settings to personalize the look and feel of the Website. Flash cookies only collect data in the aggregate. Like normal cookies, Flash cookies are represented as small text files on your internet enabled device.
3.1.3 Analytic Metrics Tools And Other Technologies
Our website uses Google Analytics. To learn how Google uses your data and how you can opt out click here: https://www.google.com/policies/privacy/partners/. The collection of the information set forth in this Section 3.1.3 is not mandatory.
3.2 Account Registration
You will need to register for a tchop account in order to access and use some of the tchop services (“Account”). If you register for an Account, in addition to the information we collect under Section 3.1 above we will also collect the following personal information:
- User ID
- Display name
- Role / description
- Email address
- Profile image
- Phone number (if needed fort wo factor authentification)
- Creation date
- Last active date
We use the information set out in this Section 3.2 to provide the tchop services. The collection of the information set out in this Section 3.2 is mandatory. tchop is not able to properly provide you with the tchop services without this information.
3.3 Account Registration
When you use the platform, in addition to the information we collect under Section 3.1 and 3.2 above we may also collect the following Personal Information and Non-Personal Information:
- Last active date on the platform
The collection of the information set out in this Section 3.3 is mandatory as we cannot operate, optimize and enhance the platform properly without collecting this information. If you do not agree with this data collection and storage we will need to deactivate your account and access to the platform. For legal reasons this information will be stored as long as your account remains open and for the applicable statutes of limitations thereafter.
In addition to Sections 3.1 to 3.3, if we reasonably suspect that any of the tchop services or your Account is being or has been misused, including without limitation, by virtue of any:
- DoS Attacks
- Distribution of Spam and/or Viruses
- Gold Farming
- defamation, racism, hate speech etc.
- other violations of our Terms of Service
then tchop may collect further personal information and non-personal information to verify or refute such suspicions within the limits of applicable law and taking into account your reasonable data protection interests. We will use this information to comply with applicable law and enforce our rights under civil and penal law against the respective users.
The collection of the information set out in this Section 3.4 is mandatory. We may not be able to enforce our rights without such information. For legal reasons this information will be stored as long as your account remains open and for the applicable statues of limitations thereafter.
3.5 Crash Reports, Customer Support
Optionally you may choose to send crash reports or contact customer support for any technical and commercial issues.
In addition to the data collected in Sec. 3.1 to 3.4 above the data provided by you may include:
- crash reports
- further machine specifications
- any other data you may choose to provide
The collection of the information set out in this Section 3.5 is not mandatory. However, we might not be able to fix bugs or handle the technical and commercial issues you have without this information. For legal reasons this information will be stored as long as your account remains open and for the applicable statues of limitations thereafter.
3.6 Marketing Information
Subject to your approval we may also use the information collected under Section 3.1 to 3.3 to provide marketing information and special offers for platform to you. This use of the information collected under Sections 3.1 to 3.3 is not mandatory. You can opt-out of this use of your data at any time here.
4. Will tchop share my information with third parties?
tchop may share your Personal Information with:
- third party payment providers which are bound by strict privacy policies to carry out payment transactions with you
- any authority to which we are obliged by law to disclose your personal information and non-personal information (e.g. tax authorities for commercial transactions)
We will not disclose your personal information to anybody else without your explicit approval.
We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). As part of our service agreements, Intercom might collect publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience.
If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.
4.2 Amazon Web Services (AWS)
Our platform is hosted by , which complies to ISO 27001 and SSAE-16 standards, ensuring full data security. AWS provides services for hundreds of thousands of organizations, including enterprises, educational institutions, and government agencies in over 190 countries. AWS is operated by Amazon Web Services, Inc. 410 Terry Ave North Seattle , WA 98109-5210 , USA.
AWS customers designate in which physical region their data and their servers will be located. All our data is stored in Region EU (Frankfurt), which is named “eu-central-1“ within the AWS set of regions. Data replication and backups are done within the regional cluster in which the data is stored and are not replicated to other data center clusters in other regions.
AWS does commit to high levels of availability in its service level agreements (SLA). For example, Amazon EC2 commits to annual uptime percentage of at least 99.95% during the service year. Amazon S3 commits to monthly uptime percentage of at least 99.9%.
For more information on the privacy practices of AWS, please visit:
4.3 Pubnub Inc.
The real time chat on our platform is based on APIs, professional services and servers of Pubnub Inc.. PubNub offers realtime infrastructure-as-a-service, and provides enterprise-grade security, 99.999% SLA-backed reliability, and global scalability to support secure, large realtime deployments. Today, PubNub powers thousands of realtime apps around the world, from innovative start-ups to globally recognized brands, like Adobe, eBay and Samsung. Their platform handles trillions of realtime transactions per month from over 300 million unique devices with a
Pubnub is fully compliant with GDPR offering a range of features and functionalities that enables us to to handle and protect your real time messages in the best possible way.
PubNub’s encryption offering satisfies Articles 6 and 32 of the GDPR by providing both encryption for data in transit and data at rest.
All messages are end-to-end encrypted with AES-256. They are not readable as they route through the PubNub network, PubNub cannot read or act on the message data.
All our data (chat history) stores and persist only in E.U. hosted data centers. For enterprise clients we also provide a flexible option to route messages to your own servers so that your IT department has the option to leverage their own infrastructure for audit purposes.
In addition to providing the ability to set a time-to-live for persisted messages, PubNub offers a data deletion APIs (such as delete from history) to delete any persisted messages to stay compliant with Article 17 of the EU GDPR – Right to erasure.
Data access is a core tenant of GDPR (specified in Articles 5 and 32). Therefore Pubnub Access Manager provides token-based authorization allowing granular read and write access control at the user/device, channel, or key level. The Pubnub Access Manager enables us to securely limit use of personal data. It allows to create and enforce secure access to channels throughout the
For more information on the privacy practices of Pubnub, please visit:
https://www.pubnub.com/products/security/gdpr/ and https://www.pubnub.com/blog/ensuring-gdpr-compliance-for-pubnub-chat-apps/
4.4 Google Analytics
Google Analytics employs cookies that are stored to your computer in order to facilitate an analysis of your use of our public website. The information generated by these cookies, such as time, place and frequency of your visits to our site, including your IP address, is transmitted to Google’s location in the US and stored there.
In using Google Analytics our website employs the extension “anonymizeIp”. In doing so, Google abbreviates and thereby anonymizes your IP address before transferring it from EU/EEA member states. Google uses this information to analyze your use of our site, to compile reports for us on internet activity and to provide other services relating to our website. We only use Google Analytics on our public website, not on our dashboard after login.
Google Analytics also uses electronic images known as web beacons (sometimes called single pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our site is used.
You can find additional information on how to install the browser add-on referenced above at the following link:
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.
4.5 Facebook Conversion Pixels
We use the “Custom Audience pixel” of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) on our website. With its help, we can keep track of what users do after they see or click on a Facebook advertisement. This enables us to monitor the effectiveness of Facebook ads for purposes of statistics and market research. Data collected in this way is anonymous to us, which means we cannot see the personal data of individual users. However, this data is saved and processed by Facebook. Facebook can connect this data with your Facebook account and use it for its own advertising purposes, in accordance with Facebook’s Data Policy which can be found at https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and outside of Facebook. A cookie can also be saved on your device for these purposes.
Please click here if you would like to withdraw your consent https://www.facebook.com/settings/?tab=ads#_=_.
We use Postmark for sending transactional application emails when you use our platform in cases such as account activation or resetting your password. Postmark is a service operated by Wildbit LLC. 25 Chestnut St., Philadelphia, PA, 19106, USA.Your email address will remain within Postmark’s database for as long as we continue to use their services for email communication or until you specifically request removal from the list. You can do this by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
Further information and the applicable data protection provisions of Postmark can be retrieved under https://wildbit.com/privacy-policy and under https://postmarkapp.com/terms-of-service.
We are using a service called Mailchimp to manage email marketing subscriber lists and send monthly newsletters to our subscribers. Mailchimp is an online marketing platform operated by The Rocket Science Group LLC, a company headquartered in the State of Georgia in the United States.
Mailchimp automatically places single pixel gifs, also known as web beacons, in every email sent by our users. These are tiny graphic files that contain unique identifiers that enable us and our users to recognize when a subscribers has opened an email or clicked certain links. These technologies record each subscribers email address,IP address, date, and time associated with each open and click for a campaign. We use this data to create reports for our users about how an email campaign performed and what actions subscribers took.
Every newsletter contains a quick and easy unsubscribe link in its footer, which enables users to unsubcribe anytime.
Your email address will remain within Mailchimp’s database for as long as we continue to use Mailchimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within the MailChimp database, you will receive periodic (approximately monthly) newsletter-style emails from us.
Further information and the applicable data protection provisions of Mailchimp can be retrieved under https://mailchimp.com/legal/ and under https://mailchimp.com/legal/terms.