Every time a page is accessed, our website collects a series of information that is stored in the log files of the server. The following are recorded:
When using these server log files we do not draw any conclusions about the person concerned. Rather, this information is needed
This anonymously collected information is therefore evaluated statistically and with the intent of increasing data protection and data security in our company, which ultimately ensures an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored for three months, separately from all personal data provided by a data subject.
As soon as you place a product in the shopping cart, a cookie is set on your web browser. This cookie is necessary for the purchase procedure. It enables us to temporarily store the data you have entered (shopping cart, contact data). After 24 hours at the latest, the temporarily stored information is deleted.
If you proceed to checkout, your contact data (name, address, email address, company name, VAT number), the shopping cart, your Internet address and the payment method you have chosen will be stored with us. These data are necessary so that we can issue a proper invoice with the VAT rate applicable for you.
Sometimes it takes considerable time until the payment processor informs us whether they payment succeeded or failed. Since bank transfers or e-check payments can take several weeks, we initially store your data for 30 days.
If payment is made within 30 days, we will issue a proper invoice and send you the license or gift card codes of the purchased products to the email address provided. We are legally obliged to keep all invoice data and proof of the applicable VAT rate for a certain period of time. This period is 10 years for customers from the EU (except Austria) (§25 para. 12, Art. 25a para. 10 Austrian UStG), or 7 years for all others, counted from the end of the year.
The name and email address of the license owner, the purchased license keys and the date of purchase are also stored for the term of the license agreement. Data processing is carried out on the basis of the provisions of the GDPR Art. 6 para. 1 lit. b (necessity to fulfill the contract) and para. 1 lit. f (affected party is the customer, see recital 47 sentence 2 of the GDPR).
When you redeem a gift card, you become the license owner. We therefore store your name and email address as well as your license key and redemption date for the term of the license agreement.
The EU Council Regulation No 967/2012, effective since January 2015, stipulates that for services rendered electronically, the value-added tax applicable at the customer’s place of residence must be charged. We are therefore obliged to prove the location of the customer.
If this location cannot be sufficiently determined by clues from the purchase process (e.g. Internet address), we will request further documents (e.g. a copy of your ID card). These documents are initially stored for 30 days. If no purchase is made within these 30 days, we will delete the documents. If a purchase is made, we store it for the duration of the legal retention period of 10 years (§25 para. 12, Art. 25a para. 10 Austrian UStG).
If you have activated “Automatically check for updates” in the program, it automatically calls up a website at regular intervals. This access is treated in the same way as access via a web browser (see section “Visiting our website”).
The Research Assistant of Little Snitch 3 and 4 can display information about third-party programs on user request. For this purpose, the following information is transmitted at the express request of the user:
This data is never stored on a personal basis, but is immediately combined into anonymous statistics. The statistics are intended to improve and maintain the database.
Access is via our web server, which stores log files with connection data for three months as described under “Visiting our website”.
Little Snitch 5 no longer queries an external database to obtain information third-party programs, it ships with a built-in database.
However, we make every effort to make this data transfer as transparent as possible for our products and and even for third party products, that is why we have developed “Little Snitch”.
Our programs come with a machine-readable Internet Access Policy (IAP) that lists where the program connects to, why it does so and what happens if you prevent the connection. You can read more about this topic at https://obdev.at/iap
If you contact us via contact form on our website or by email, the data you provide will be stored for the purpose of processing your request and in the event of follow-up questions. We are legally obliged to keep business correspondence for at least seven years (§§ 190 and 212 Austrian UGB).
We reserve the right to keep messages which may be relevant in the event of civil law disputes until the respective limitation period. This can be up to 30 years.
Data will not be transmitted to third parties, with the exception of:
When purchasing you can choose between the following payment service providers:
The payment service provider receives your shopping cart and your full name from us. For fraud prevention, PayPal also receives your email address and the country code of your address. Payment data (credit card number, PayPal login data, account data or the like) is entered exclusively at the payment service provider’s website and is never transferred to us.
Unzer Austria GmbH is a contract processor in the sense of the GDPR. PayPal is itself controller in the sense of the GDPR, because you must already have a PayPal account to process the payment and therefore have entered into an agreement with PayPal.
If we gain knowledge of personal data in the course of the processes mentioned in section 1 (Data Storage), this data will, possibly and exclusively in anonymous form, be used for statistics on the use of our services, with the purpose of improving the user experience of our website and our software. Beyond that no evaluation of this data is made. It should also be explicitly mentioned here that we do not perform any personal profiling.
You are generally entitled to the rights of information, correction, deletion, restriction, data transferability, revocation and objection. If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority. In Austria, this is the data protection authority:
Phone: +43 1 531 15-202525
Fax: +43 1 531 15-202690
Objective Development Software GmbH
Große Schiffgasse 1a/7
Email contact via https://obdev.at/support/