We at vendidero.com would like to provide information on the data we collect in a transparent form.
vendidero GmbH
Schillerstrasse 36
12207 Berlin
E-mail: info@vendidero.de
Link to the imprint: https://vendidero.com/impressum
What personal data we collect and why we collect it
Orders
When you order a product from us, we ask you to provide important information for the purchase, including your name, optionally a company name, billing address, e-mail address and a telephone number (optional). If your billing country is in another EU country, you can provide a VAT identification number. The processing is carried out on the basis of Art. 6 para. 1 lit. b (execution of order transactions) and c (legally required archiving) GDPR. The information marked as mandatory fields is required to establish and fulfill the contract.
Your e-mail address is used to create a user name for your user account (customer area). Your IP address is saved when you place an order. We collect your data for the following reasons:
- We would like to send you information about your order and your customer account
- We would like to respond to any complaints
- We would like to process payments automatically and prevent any misuse
- We want to set up an account for you in our customer area so that you have access to support
- We want to fulfill our obligations regarding the taxation of our goods
- We want to improve our offer for you
Customer account
Your name (and company name), address, email address and phone number (if provided) will be stored in your customer account and used for recurring orders to fill out the form in the checkout for you. Your customer account is not public and cannot be indexed by search engines. We store the data for your customer account for the following reasons:
- We want to give you the opportunity to view and edit your license data
- We want to give you the opportunity to view your order details and download an invoice
- To remind you if your update and support flat rate is about to expire
- We would like to give you the opportunity to use our support via the ticket system
Licenses
Your ordered products are automatically converted into licenses after purchase or payment. Each license consists of a license code, the date on which the update and support flat rate expires and a link to your user account. In addition, you can add, edit or delete domains to your license in the customer area (depending on the number of domains available under the license). These domains are used to check the registration of your license in WordPress with the help of our plugin “Vendidero Helper”. The following data is transmitted to our servers by the Vendidero Helper
- The product ID (this allows us to assign which product it is, e.g. WooCommerce Germanized)
- The product file path (this is the relative path of the product’s main file)
- The product type (either theme or plugin)
- The license key (if the product has already been registered, this is the license key)
- The URL (this is the WordPress setting under Settings > General > Website address)
The “Vendidero Helper” plugin makes the following queries. The plugin makes contact with our server via an interface and transmits the above data:
- Query the validity of the registration
- Check for new updates (once a day or manually via the WP option “Check now”)
- Check after the update and support flat rate expires (once a day)
- Updating the license data (e.g. the date on which the update and support flat rate expires)
- Retrieval of the update package (here the zip file of the update is transmitted to your server and installed by WordPress)
We store your license data for the following reasons:
- We want to give you the option to add, edit or delete the domains associated with your license
- We want to enable you to register your license in your WordPress installation
- We want to inform you when your update and support flat rate expires
- We want to enable you to install updates automatically via your WordPress interface
Tickets
If you create a ticket (i.e. a support request) in your customer account, we save the title and content of your ticket for this process. Tags (keywords) are automatically generated based on the content in order to categorize the ticket and make it easier to search. Your user account is linked to your ticket. Your ticket can be viewed by other customers. Your user data (i.e. name, e-mail address, etc.) will not be displayed. Any links you insert will be masked. Administrators of this site can still view this data. If you have included any other private information in your ticket or in comments on the ticket, please use the “store sensitive data” option or contact us and we will delete your ticket. We store your ticket data for the following reasons:
- We want to give you the opportunity to view and respond to your tickets online
- We want to give you the opportunity to search for answers in other tickets that are already available
- We want to avoid matching or similar questions
Comments on tickets
If you write a comment on your ticket, we save the content of the comment and link it to the original ticket and your user account. Based on the content of your comment, keywords are extracted and added to the ticket, similar to the ticket. Your comment can also be viewed by other customers. Again, your user data will not be displayed. Any links are automatically masked. Administrators of this site can still view this data. The reasons for saving the comments are the same as the reasons for saving the comments.
Cookies
The content of your shopping cart is also saved in the form of a cookie so that it is not lost if you accidentally close the browser window. This cookie is valid for 24 hours. We also save the address you enter in the checkout so that we can calculate taxes, for example. This cookie is valid for 48 hours.
If you write a comment on our website, this may be a consent to store your name, e-mail address and website in cookies. This is a convenience feature so that if you write another comment, you do not have to enter all this data again. These cookies are stored for one year.
If you have an account and log in to this website, we will set a temporary cookie to determine if your browser accepts cookies. This cookie does not contain any personal data and is discarded when you close your browser.
When you log in, we will set up some cookies to store your login information and display options. Login cookies expire after two days and cookies for display options after one year. If you select “Stay logged in” when you log in, your login will be maintained for two weeks. When you log out of your account, the login cookies are deleted.
Payment service providers
We use PayPal and Mollie as external payment service providers on the basis of Art. 6 para. 1 lit. b. DSGVO. Information on data protection at PayPal can be found here. Information on data protection at Mollie can be found here. We use PayPal and Mollie as payment service providers on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. b. GDPR. GDPR in order to offer our users effective and secure payment options.
In order to enable payment via PayPal or Mollie, we transmit name, address, order details (e.g. order total and the products included) and e-mail address to the payment service provider. This information is required to carry out the transaction. We do not receive any account information from PayPal or Mollie, but only feedback as to whether the transaction was successfully completed or not. The data protection information and general terms and conditions of PayPal or Mollie, which can be accessed on the respective website or application, apply to the processing of the payment.
Administration and financial accounting
To organize our operations, accounting and administrative tasks, we process the same data that we process to provide our contractual services. The basis for this processing is Art. 6 para. 1 lit. c. GDPR, Art. 6 para. 1 lit. f. GDPR. Customers, interested parties and business partners are affected by the processing. The following reasons exist for data processing
- Maintenance of our business activities
- Performing our tasks and providing our services
In this context, data is transmitted or disclosed to the tax authorities, our tax consultants and payment service providers.
Server log files
Our hosting provider (Timmehosting) collects on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR data about access to our server (server log files). The following data is collected
- Name of the website accessed
- The file
- Date and time of access
- amount of data transferred
- Notification of successful retrieval
- Your browser type and operating system
- Referrer URL (your previously visited page)
- IP address and the requesting provider
The log files are stored for a maximum of 7 days for security reasons (e.g. investigation of fraud or misuse) and then deleted. Log files whose further storage is required for evidentiary purposes are excluded from deletion until the incident has been finally clarified.
Contact form
If you use our contact form, the information provided in the inquiry form (first name, surname, email address, subject, content) will be transmitted to us and stored by us for the purpose of processing the inquiry. We will not pass on the data without your consent.
SSL encryption
We use SSL encryption to protect the transmission of confidential content, e.g. your order data or inquiries via our contact form. You can recognize the encrypted connection by the address line of the browser (change from http:// to https://) and any lock symbol in your browser.
How long we store your data
If you write a comment, it will be stored indefinitely, including metadata. The same applies to your user account data, licenses and tickets, including comments.
The order data will be deleted after the expiry of statutory warranty and comparable obligations. The necessity of storing the data is reviewed every three years – in the case of statutory archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).
For customers of our software with a customer account, we also store the personal information that they enter in their user profiles. All users can view, change (the user name cannot be changed) or delete their personal information at any time (subject to their retention is necessary for commercial or tax law reasons in accordance with Art. 6 para. 1 lit. c GDPR). Website administrators can also view and change this information. Information in the customer account remains until its deletion with subsequent archiving in the event of a legal obligation.
What rights you have to your data
If you have an account on this website or have written comments, you can request an export of your personal data from us, including all data that you have provided to us. In addition, you can request the deletion of all personal data that we have stored about you. This does not include data that we are required to retain for administrative, legal or security reasons.
You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.