protection of your personal information is very
important to us. Our
processing of personal data is therefore designed to
comply with applicable data protection laws and
Terms are intended to inform you of the personal data we
process, the purposes for which it is processed, how it
is processed, who has access to your personal
information, how long we process that information and
how you can exercise your rights
in regard to these data processing.
If you have further questions about our practices or any of the rights described below, you may contact our Privacy Officer or our dedicated support.
For the fulfillment of the agreed data processing the "controller" within the meaning of the General Data Protection Regulation (Art. 4 para. 7 GDPR) and other data protection regulations is:
Telephone: 030/983 21 21 21
Our external data protection officer is:
IITR Datenschutz GmbH
Telephone: +49 89 189 173 60
For all other data processing in which we do not control the processing itself, in particular for domain registration services, the data controller is the registry operator of the respective TLD and ICANN as a common data controller with the registry operator.
Which of your personal data do we process?
When you use our services, we collect personal information that we process. Personal data is any information that relates to an identified or identifiable natural person.
Personal information that we process as inventory data about our customers includes:
- If you create an account with us and use our
Your name, e-mail address, telephone number and (if available) your fax number, your full personal address, the organization you work for (if necessary for the transaction), your preferred language, the IP addresses you use them to connect to our systems, your account name, the services you order, your financial information, including bank or credit card information, and your login information. We may also request additional personal information if required for the service you request.
- If you require assistance from our support:
Your telephone number, your e-mail address, your customer number
- If you request newsletters from us:
Your email address
- If you apply to us:
Your name, title, curriculum vitae, graduations, professional qualifications, general qualifications
Our processing of data of third parties
By transmitting personal data of third parties (e.g. when you
order a service for someone else using
their per sonal information or when using their personal information as
additional contacts) you are responsible
and for obtaining the necessary consent of
those parties for your use and our processing of their data. You will
particularly inform them about any processing
and transfers of their data to other parties as described in this
Purpose of processing
The data you transmit to us upon requesting a service (or for correction, renewal or updates of service requests) is required to establish a contractual relationship between you and us, for purposes required for our provision of requested services as well as auxiliary services to you, for proper and secure management of your customer account, to prevent abusive use of our services, to enable us to provide information on expiration and required renewals of services and to allow us to comply with applicable legal obligations.
data may be transmitted to service
providers acting as data controllers that are involved in our pro vision
of services to you (such as registry
operators, certification authorities, ICANN) in furtherance of the
purposes of these data controllers for collection
and processing personal data. Legitimate interests pursued by data
controllers regarding your data transmitted to
them by us include the establishing of a contractual relationship
between you and the provider, the mitigation
and/or prevention of abuse and/or fraud, the verification of compliance
with applicable eligibility requirements
and/or acceptable use policies for services provided by them, the
central management of a service register,
assurance of data accuracy and the provision of continuity of service in
case of our business failure.
The transmission of your personal data may in certain cases also be required by data controllers in order to comply with the applicable legal obligations under Art. 6 I c) GDPR. Please read the applicable registry policies for direct references to such legal obligations.
Your domain name registration data may also be processed and transmitted as part of a data escrow program to protect the registration of the domain if the registrar and / or registry operator terminates their domain name registration and management activity.
We may also share your personal information with third parties to protect the legitimate interests of those third parties under Art. 6 I f), unless those interests are overridden by your fundamental rights and freedoms.
We may also disclose your personal information to service providers and / or publish your information based on your expressed, informed and voluntarily given consent, for example if you expressly request publication of your data in a registry despite our ability to edit or hide it. This consent can be revoked at any time.
How do we handle personal data?
We process personal data in full compliance with the technical, organizational and legal requirements of the GDPR in our data centers in Germany. We publish data that you provide us for web hosting purposes in one of our shared hosting locations in Germany. As far as possible, we apply data minimization principles and continually update our security practices to protect your personal information and other information from unauthorized access, loss, destruction or alteration.
Access to your data is only possible via an encrypted connection. Third parties do not have access to your data unless we grant them access in accordance with these terms. We also require that everyone to whom we provide your information in accordance with these terms take appropriate security measures.
basis for the processing of personal data
The legal basis is Art. 6 para. 1 lit. a) GDPR, insofar as INWX GmbH obtains the consent of the data subject for the processing of personal data.
Art. 6 para. 1 lit. b) GDPR serves as a legal basis, insofar as the processing of personal data is necessary to fulfill a contract of which the data subject is a party. The same applies to processing operations that are necessary to carry out pre-contractual measures.
Art. 6 para. 1 lit. c) DSGVO serves as the legal basis insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which INWX GmbH is subject.
Art. 6 para. 1 lit. d) GDPR serves as a legal basis, as far as vital interests of the data subject or another natural person require the processing of personal data.
Art. 6 para. 1 lit. f) DSGVO serves as the legal basis insofar as processing is necessary to safeguard the legitimate interests of INWX GmbH or a third party, unless the interests or fundamental rights and fundamental freedoms of the data subject requiring personal data protection prevail.
Who do we share your personal information with?
To the extent permitted by law, your data may be disclosed to the following parties:
We may provide your personal information to third party service providers, as long as they are directly involved in the provision of our services to you, such as a registry operator of a top level domain for which you have requested registration (please refer to the registration conditions for any relevant TLD to find the registry operator and its registration conditions). We can not influence the data requirements of such parties. Such transfers may require the transfer of your personal data to organizations and / or servers outside the European Union (so-called third countries). For an overview of whether this transfer is to a third country with adequate data protection level, please refer to our price list or the registration conditions.
We may transfer your personal information to third parties who are directly involved in the provision of payment services for payment options that you have selected to pay for our services, such as: Banks, loan providers, Paypal and others. This may require the transfer of your personal information to organizations and / or servers outside the European Union.
If applicable, your personal data may be provided to operators of
registration database (formerly whois) services
and the users of such services if required and such provision and use is
necessary for the purposes of the
legitimate interests pursued by the controller or by a third party, as
permitted under under Art. 6 I f) of the
To ensure business continuity, your personal data may be provided to escrow service providers as well as to backup storage providers.
We may disclose your personal information to law enforcement agencies, other governmental or civilian authorities similarly authorized by applicable laws and regulations, and to courts with reasonable jurisdiction, as permitted by law. We will never sell your information to third parties.
Further data usage
We store your personal information processed for business purposes for at least one year after the termination of the service for which it was collected, or longer if required by law, such as under tax law. Data processed for other purposes will not be processed longer than required for the purposes for which it was collected, or until all applicable legal requirements have been met.
Applications are stored for six months without prior consent in accordance with § 61b (1) ArbGG i.V.m. and § 15 AGG. In the presence of consent, we save these two years.
rights with regard to your data
You have the right to access and correct your data through your customer interface with us or any agency service provider you use. You have the right to request information about your personal information and to request a copy of all your information in a standard format. You may request the updating of any incorrect, outdated or incomplete data at any time. We encourage you to periodically review the data you provide to ensure it is accurate, current, and complete. You have the right, under certain circumstances, to require the restriction of certain processing activities and to oppose certain processing activities. If and as far as the processing is based on the consent, this consent can be revoked at any time by the consenting party. You have the right to delete your data under certain circumstances. You have the right to be informed of where we have received your information from if we did not receive it directly from you. You can exercise your rights by contacting us at email@example.com or our data protection officer. If, contrary to expectations, our data protection officer can not clarify your request, you also have the right to file a complaint with a supervisory authority.
Anyone can contact the Berlin Commissioner for Data Protection and Freedom of Information if he believes he has been violated in his rights when collecting, processing or using his personal data:
Berlin Commissioner for Data Protection and Freedom of Information
Provision of the website and creation of logfiles
Every time our website is accessed, the server automatically collects data. The following data is collected here:
- Information about the browser type, language and version used The operating system of the user
- The Internet service provider of the user
- The IP address of the user
- Date and time / time zone of access
- Content of the requirement (concrete page)
- Access Status / HTTP status code
- Websites that are accessed by the user''s system through our website
data are stored in corresponding log files. An
evaluation takes place only in case of technical faults
and / or maintenance. The
logfiles will be deleted after 14 and 30 days
This website uses the software "Matomo" www.matomo.org. Matomo sets a cookie (a text file) on your computer, with which your browser can be recognised. The following data is stored:
- the IP address of the user (anonymised)
- the sub-page called up and the time of the call-up
- the page from which the user accessed our website (referrer)
- which browser with which plug-ins, which operating system and, if applicable, which screen resolution is used
- the time spent on the website
- the pages on this website that are accessed from the sub-page called up.
In the event of attacks on our website, we use the services of Cloudflare provided by Cloudflare, Inc.
Cloudflare provides web optimization and security services to improve and protect websites. These include a reverse proxy, a pass-through security service, and a content distribution network. Cloudflare collects information from the website visitors. This information may include, but is not limited to, IP addresses, system configuration information, and other traffic information to and from the website. Cloudflare collects and uses log data to operate, maintain and improve its services in accordance with customer agreements.
Cloudflare stores this information mainly in the US and in the EU. In general, Cloudflare stores data for less than 24 hours. However, if an IP addresse triggers Cloudflare''s security alerts, storage duration exceptions may occur.
Cloudflare is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure transfer of personal data.
We have a contract data processing contract with Cloudflare.
More information can be found at https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0.
More information on Cloudflare''s privacy can be found at https://www.cloudflare.com/en-us/privacypolicy/.
Which cookies are we also using?
- Necessary: These help to make a website usable by enabling basic functions such as page navigation and access to safe areas of the website. The website may not work properly without these cookies.
- Preferences: Preference cookies allow a website to remember information that changes the way the site behaves or looks; for example, your preferred language or the region in which you are.
Statistical cookies help website operators
understand how visitors interact with websites
by collecting and reporting information
The following cookies are used:
- ixsess: On our website, we set a cookie that carries a randomly generated identifier (session ID). It is needed to store an authentication across multiple page views. The cookie contains no personal information. Its validity is limited to the current browser session, which means that it is automatically deleted when the browser is closed. (necessary)
- lang: remembers the selected language on the website. (Preferred)
The following cookies can bet set by Cloudflare:
- __cfduid: The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings to each individual client. For example, if the visitor is in a café that contains a number of infected computers, but the particular visitor''s computer is trusted, this can be detected by the cookie. This does not store personal data. The expiration date is one year (necessary)
Anonymization of data
We have not taken any measures to anonymously process personal data in our system yet. Bank account data is stored in an encrypted format.
We provide anonymization and privacy services for domain name registrations in certain circumstances when the use of such services is permitted by the data controller (the registry operator).
Changes to these provisions