Privacy Policy
<p>This Privacy Policy provides an overview of which personal data we collect from you and what we do with it.</p>
Data Storage
When you visit our website
<p>Every time a page is accessed, our website collects a series of information that is stored in the log files of the server.
The following are recorded:</p>
<ul>
<li>the browser types and versions used</li>
<li>the operating system used by the accessing system</li>
<li>the website from which an accessing system reaches our website (so-called referrer)</li>
<li>the date and time of access</li>
<li>the Internet address from which access is made</li>
<li>other similar information used to defend against cyber attacks on our systems</li>
</ul>
<p>When using these server log files we do not draw any conclusions about the person concerned.
Rather, this information is needed</p>
<ul>
<li>to compile anonymous statistics about your visit to our website</li>
<li>to ensure the long-term operability of our systems and website</li>
<li>to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack</li>
</ul>
<p>This anonymously collected information is therefore evaluated statistically and with the intent of increasing data protection and data security in our company, which ultimately ensures an optimal level of protection for the personal data we process.
The anonymous data of the server log files are stored for three months, separately from all personal data provided by a data subject.</p>
When you buy a license
<p>As soon as you place a product in the shopping cart, a cookie is set on your web browser.
This cookie is necessary for the purchase procedure.
It enables us to temporarily store the data you have entered (shopping cart, contact data).
After 24 hours at the latest, the temporarily stored information is deleted.</p>
<p>If you proceed to checkout, your contact data (name, address, email address, company name, VAT number), the shopping cart, your Internet address and the payment method you have chosen will be stored with us.
These data are necessary so that we can issue a proper invoice with the VAT rate applicable for you.</p>
<p>Depending on the payment method, you will be forwarded to one of our payment service providers (mPAY24 GmbH or PayPal Europe S.à.r.l.
&.
Cie.
S.C.A.).</p>
<p>Sometimes it takes considerable time until the payment processor informs us whether they payment succeeded or failed.
Since bank transfers or e-check payments can take several weeks, we initially store your data for 30 days.</p>
<p>If payment is made within 30 days, we will issue a proper invoice and send you the license or gift card codes of the purchased products to the email address provided.
We are legally obliged to keep all invoice data and proof of the applicable VAT rate for a certain period of time.
This period is 10 years for customers from the EU (except Austria) (§25 para.
12, Art.
25a para.
10 Austrian UStG), or 7 years for all others, counted from the end of the year.</p>
<p>The name and email address of the license owner, the purchased license keys and the date of purchase are also stored for the term of the license agreement.
Data processing is carried out on the basis of the provisions of the GDPR Art.
6 para.
1 lit.
b (necessity to fulfill the contract) and para.
1 lit.
f (affected party is the customer, see recital 47 sentence 2 of the GDPR).</p>
Redeeming a gift card
<p>When you redeem a gift card, you become the license owner.
We therefore store your name and email address as well as your license key and redemption date for the term of the license agreement.</p>
Documents proving residence
<p>The EU Council Regulation No 967/2012, effective since January 2015, stipulates that for services rendered electronically, the value-added tax applicable at the customer’s place of residence must be charged.
We are therefore obliged to prove the location of the customer.</p>
<p>If this location cannot be sufficiently determined by clues from the purchase process (e.g.
Internet address), we will request further documents (e.g.
a copy of your ID card).
These documents are initially stored for 30 days.
If no purchase is made within these 30 days, we will delete the documents.
If a purchase is made, we store it for the duration of the legal retention period of 10 years (§25 para.
12, Art.
25a para.
10 Austrian UStG).</p>
Using our programs
Software Update Check
<p>If you have activated “Automatically check for updates” in the program, it automatically calls up a website at regular intervals.
This access is treated in the same way as access via a web browser (see section “Visiting our website”).</p>
Little Snitch Research Assistant
<p>Little Snitch’s Research Assistant can display information about third-party programs on user request.
For this purpose, the following information is transmitted at the express request of the user:</p>
<ul>
<li>Name of the program for which information is requested.</li>
<li>The file path where the program is installed.</li>
<li>The version number of the program.</li>
<li>The version number of your operating system.</li>
<li>If available, the Internet name of the computer the program tries to connect to.</li>
<li>If available, connection specifications (protocol, port number, inbound/outbound, etc.).</li>
<li>The language in which the information is requested.</li>
</ul>
<p>This data is never stored on a personal basis, but is immediately combined into anonymous statistics.
The statistics are intended to improve and maintain the database.</p>
<p>Access is via our web server, which stores log files with connection data for three months as described under “Visiting our website”.</p>
Other forwarding of data
<p>Under certain circumstances, our software may also pass on data to third parties, e.g.
if you perform a Google search in LaunchBar, the search term is passed on to Google.
This data is not subject to our Privacy Policy because it is not passed on to us or one of our contractors.</p>
<p>However, we make every effort to make this data transfer as transparent as possible for our products and and even for third party products, that is why we have developed “Little Snitch”.</p>
<p>Our programs come with a machine-readable Internet Access Policy (IAP) that lists where the program connects to, why it does so and what happens if you prevent the connection.
You can read more about this topic at https://obdev.at/iap</p>
Contact us
<p>If you contact us via contact form on our website or by email, the data you provide will be stored for the purpose of processing your request and in the event of follow-up questions.
We are legally obliged to keep business correspondence for at least seven years (§§ 190 and 212 Austrian UGB).</p>
<p>We reserve the right to keep messages which may be relevant in the event of civil law disputes until the respective limitation period.
This can be up to 30 years.</p>
Disclosure to third parties
<p>Data will not be transmitted to third parties, with the exception of:</p>
<ul>
<li>Payment service provider (see “When purchasing a license” above)</li>
<li>Tax consultant for the fulfilment of our tax obligations.</li>
</ul>
<p>When purchasing you can choose between the following payment service providers:</p>
<ul>
<li>PayPal Europe S.à.r.l.
&.
Cie.
S.C.A.</li>
<li>mPAY24 GmbH (Austria)</li>
</ul>
<p>The payment service provider receives your shopping cart and your full name from us.
For fraud prevention, PayPal also receives your email address and the country code of your address.
Payment data (credit card number, PayPal login data, account data or the like) is entered exclusively at the payment service provider’s website and is never transferred to us.</p>
<p>mPAY24 is a contract processor in the sense of the GDPR.
PayPal is itself controller in the sense of the GDPR, because you must already have a PayPal account to process the payment and therefore have entered into an agreement with PayPal.</p>
Evaluation of data
<p>We only collect anonymous statistics about the use of our services in order to improve the user experience of our website and our software.
It should be expressly mentioned here that we do not perform <em>Profiling</em>.</p>
Your rights
<p>In principle, you have the rights to information, correction, deletion, restriction, data transferability, revocation and objection.
If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority.
In Austria, this is the data protection authority:</p>
<p>Österreichische Datenschutzbehörde<br>
Hohenstaufengasse 3<br>
1010 Vienna</p>
<p>Phone: +43 1 531 15-202525<br>
Fax: +43 1 531 15-202690</p>
<p>Email: dsb@dsb.gv.at</p>
Contact data of the controller according to GDPR
<p>Objective Development Software GmbH<br>
Große Schiffgasse 1a/7<br>
1020 Vienna<br>
AUSTRIA</p>
<p>Email contact via https://obdev.at/support/</p>