ScaleSuite.io

Privacy Policy

1. General Information and Contact Details
‍
The responsible party (Controller) for data processing on this website and the associated SaaS platform in accordance with the General Data Protection Regulation (GDPR/DSGVO) is:

‍Scalesuite GmbH
Pistoriusstr. 42
74564 CrailsheimGermany
‍Represented by: Andreas Manthey
‍Email: privacy@scalesuite.de

2. Data Collection and Infrastructure
‍
Hosting & Cloud Infrastructure

To provide our SaaS services securely and reliably, we use external infrastructure providers.
‍AWS (Amazon Web Services): Our application and databases are hosted in the Frankfurt (Germany) region.
The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg.

‍Webflow: Our marketing website is hosted by Webflow.
The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA.
‍MongoDB: We use MongoDB Atlas for database management.
The provider is MongoDB, Inc., 1633 Broadway, 38th Floor, New York, NY 10019, USA.

‍Legal Basis: Processing is carried out based on Art. 6 (1) lit. b GDPR (fulfillment of contract) and Art. 6 (1) lit. f GDPR (legitimate interest in providing a secure and functional platform).

Registration via Email

Registration for our tool is conducted via email. We collect and store your email address and any account-related information you provide. We utilize a Double Opt-In (DOI) process to verify ownership of the email address.Legal Basis: Art. 6 (1) lit. b GDPR.

3. Third-Party Services and Analytics

Google Analytics
‍We use Google Analytics to analyze website usage and improve our services. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We have activated IP anonymization. Legal Basis: Art. 6 (1) lit. a GDPR (Consent). As you mentioned you do not use cookies, please ensure Google Analytics is configured in "Consent Mode" or a cookieless state.

‍Stripe (Payment Processing)
‍For billing and payment processing, we use Stripe. The provider is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Your payment details are processed directly by Stripe. Legal Basis: Art. 6 (1) lit. b GDPR (Contract fulfillment).

‍Communication: SendGrid & Google Workspace
SendGrid: We use SendGrid to send transactional emails (e.g., login codes, system alerts). The provider is Twilio Inc., USA.
‍Google Workspace: Our internal and external email communication is managed via Google Workspace. Legal Basis: Art. 6 (1) lit. f GDPR (Legitimate interest in efficient communication).

‍Sentry (Error Tracking)To ensure the stability and technical integrity of our software, we use Sentry to monitor and analyze software errors in real-time. The provider is Functional Software Inc., USA.

‍Legal Basis: Art. 6 (1) lit. f GDPR (Legitimate interest in a bug-free service).

4. International Data Transfers
‍Some of our service providers (e.g., Webflow, Sentry, Google, MongoDB) are headquartered in the USA. Data transfer to the USA is based on the EU-U.S. Data Privacy Framework or Standard Contractual Clauses (SCCs) issued by the European Commission to ensure a level of data protection equivalent to that of the EU.

5. Storage Duration
‍We store your personal data only as long as necessary to fulfill the purposes mentioned or as required by statutory retention periods (e.g., 10 years for tax-relevant billing documents under German commercial law).

6. Your Rights
‍Under the GDPR, you have the following rights regarding your personal data:
Right to Access: You can request information about your stored data.
‍Right to Rectification: You can request the correction of incorrect data.
‍Right to Erasure: You can request the deletion of your data.
‍Right to Restriction of Processing: You can request that we limit how we use your data.
‍Right to Data Portability: You can request to receive your data in a machine-readable format.
‍Right to Object: You can object to processing based on legitimate interests.

To exercise these rights, please contact us at the address provided in Section 1. You also have the right to lodge a complaint with a data protection supervisory authority.