Effective date: August 1, 2018
Responsible in the Sense of the GDPR
Structured Path GmbH
Structured Path GmbH ("us", "we", or "our") operates the diagrams.app website (the "Service").
This page informs you about our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
Structured Path GmbH uses personal data only to provide information via an email newsletter. All other cases in which personal data is used concern third party internet service providers which are explained below.
Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). The personally identifiable information may include, but is not limited to:
Email address and name
Cookies and usage data
Legal foundation for the processing of personal data for our newsletter service are article 6 section 1 lit. a) and article 7 of the EU-Data Protection Directive.
Legal foundation for the processing of personal data (internet session data only) is article 6 section 1 lit. f).
We may also collect information on how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (i.e. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking & Cookies Data
Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
Use of Data
Structured Path GmbH uses personal data for the following purposes.
To respond to emails sent to us via the contact form
To provide the email newsletter
To notify about changes to our Service
Your personal data will be processed only until you withdraw your approval.
Transfer of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside Germany and choose to provide information to us, please note that we transfer the data, including Personal Data, to Germany and process it there.
Disclosure of Data
Structured Path GmbH may disclose your Personal Data in the good faith belief that such action is necessary to:
To comply with a legal obligation
To protect and defend the rights or property of Structured Path GmbH
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability
Your personal data (email address and name) is kept absolutely safe inside our company. We chose a mailing list provider ("MailChimp", based in Atlanta, Georgia, USA) that promises to uphold the highest security standards to keep your data safe on their servers (see "Mailing List" further down). However, data stored at third party service providers is never solely in our hands.
Similarly, personal data obtained during browser sessions are stored on your personal device (cookies or the like) and are thus not in our hands.
We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
For the management of our mailing list we use the following Service Provider:
The Rocket Science Group, LLC
675 Ponce de Leon Ave NE
Atlanta, GA 30308 USA
For web hosting and website usage analytics we use the following Service Provider:
Squarespace Ireland Ltd.
Le Pole House, 1st Floor
Ship Street Great
To store and handle emails you send to us via the contact form we use the following Service Provider:
628 00 Brno
If you sign up for our newsletter, which is administered through MailChimp, or if you register for our site, we will store some of your information, including your email address, IP address and certain information about the links you click within the emails we send you, on a MailChimp server. Neither we nor MailChimp will ever sell your email address or share it with any other party unless we are legally compelled to do so. If you contact MailChimp directly regarding your subscription to our newsletter, MailChimp may contact you directly; otherwise, MailChimp will never contact you. Only authorized MailChimp employees have access to our subscriber list. You are always free to unsubscribe from our newsletter, but as long as you are registered with Diagrams we may use MailChimp to send you information about your account.
Web Hosting and Analytics
We use the third-party Service Squarespace (based in Ireland, see above) to host our site. Squarespace uses further external service providers to provide serivces like analytics to monitor and analyze the use of our Service.
Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our Service does not address anyone under the age of 18 ("Children").
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.
Right to Disclosure
You have the right to ask for confirmation as to whether your data is being processed and you have the right to access this information, as well as further information and a copy of the data in accordance with Article 15.
Right to Rectification
In accordance with Article 16 you have the right to ask for the completion of the data concerning you or the correction of the incorrect data concerning you.
Right to Delete
In accordance with Article 17, you have the right to request that the data in question be deleted without delay, or, alternatively, to require a restriction on the processing of data in accordance with Article 18.
Right to Restriction of Processing
Under certain conditions, which are regulated in Article 18, you have the right to restrict the processing of your personal data. Requirements are e.g. the omission of the necessity of the data for the original purpose or if there is reasonable doubt as to the accuracy of this data in our processing. While the processing is restricted in accordance with Article 18, the data in question may be processed only with your consent or in connection with legal proceedings, except for its storage.
Right to Data Portability
You also have the right to demand that your personal data you provided to us is provided to you in accordance with Article 20 and you have the right to request the transmission of your personal data to other people in authority.
According to Article 77, everyone has the right to lodge a complaint with the competent supervisory authority.
Right to Withdrawal
You have the right to revoke granted consent under Article 7 (3) with effect for the future.
Especially Important: Right of Opposition
Article 6 (1) (e) or (f) formulates the lawfulness of data processing without the explicit consent of the data subject. You have the right to object at any time to any such processing of your data in accordance with Article 21 in the future. The objection may in particular be made against processing for direct marketing purposes.
In this context, we explicitly document that Structured Path GmbH does not perform any data processing for the purpose of profiling its users or for the purpose of automated decision-making.