Privacy policy

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the legal provisions of the General Data Protection Regulation (GDPR), the Data Protection Act (DSG) and the Telecommunications Act (TKG 2003). With this data protection agreement, we inform you about the most important aspects of data processing within the framework of our website and when using our services.

Person responsible / Contact us

Gleap GmbH, Dr. Walter-Zumtobel-Straße 2, 6850-Dornbirn, Austria processes personal data as a data controller within the meaning of the GDPR.

You can contact us using the form on the website (https://www.gleap.io) or via email (privacy@gleap.io). The data you provide will be stored by us for twelve months for the purpose of processing your inquiry and in case of follow-up questions. We will not pass on this data without your consent.

Our product

Gleap GmbH offers its customers a bug reporting and customer feedback software for mobile applications and websites. In particular, our company offers (i) bug reporting, (ii) crash reports, (iii) live chats, (iv) features requests, (v) surveys, (vi) chat messages (direct communication), (vii) emails (same technology as surveys and chat messages), (viii) news & release notes, and (ix) a help center.

Our powerful platform also provides customers with detailed technical insights, including console and network logs, environment data, event tracking, and visual feedback, greatly increasing troubleshooting efficiency.

Categories of data subjects

  1. visitors to our website; and
  2. customers and potential customers as well as their employees who use or wish to use our service.

Legal provisions / GDPR

The processing of your personal data is based on the following legal provisions:

  1. Consent given in accordance with Article 6 para 1 lit a GDPR;
  2. For the fulfilment of our contractual obligations in the context of our services, the implementation of pre-contractual measures, which is based on your request. Furthermore, for the fulfilment of our contractual obligations to process for personalized advertising pursuant to Article 6 para 1 lit b GDPR;
  3. on the basis of our legal obligations pursuant to Article 6 para 1 lit c GDPR; and
  4. for the protection of our legitimate interests, such as the enforcement and defense of claims and the performance of contracts with third parties, unless your interests or fundamental rights and freedoms, which require the protection of personal data, prevail pursuant to Article 6(1)(f) of the GDPR.

What data is processed by us

Visiting the website

  1. Detection of the device used
  2. Detection of the operating system

The data we collect may depend on the individual settings of your device and software. We encourage you to review the policies of your device manufacturer or software provider to learn what information you provide to us.

Registration via website/ newsletter signup / contacting support

  1. Email address
  2. Password
  3. In case of Google authentication (Google account and login data)
  4. Web browser standard data (IP address, version of the browser, time and date, visited pages of the homepage)
  5. First and last name
  6. User profile
  7. Profile picture
  8. Date of birth
  9. Address
  10. Telephone number
  11. VAT number
  12. Payment method details (bank or account details, credit card details)
  13. Information on previous experience with customer success tools
  14. Company name
  15. Email addresses of team members
  16. Names of management

Gleap widget

Chat messages:

  1. Date
  2. Message
  3. Attachment (file, optional)
  4. Session ID

Every ticket inquiry comes with the following data:

  1. Form data (depends on what data you collect - typically email & description)
  2. Date created
  3. Outbound ID (when sent as survey)
  4. Priority of the inquiry
  5. Status of the inquiry
  6. Session ID (used to identify the user)
  7. Project ID
  8. Organization ID
  9. Screenshot data (for JS)
  10. Replay data
  11. Steps to reproduce data
  12. Clicks (used to reproduce the issue)
  13. Metadata (including OS info, browser info, ...)
  14. Attachments (if activated)
  15. Network logs (if activated)
  16. Custom data (this is data set by our customer - we don't know what it includes)
  17. Action log (if set)
  18. Console logs (includes the log of the developer console)

The Gleap session data includes:

  1. Gleap ID (randomized ID to identify a session)
  2. Gleap session hash (hash that provides proof of identity)
  3. Name (if set with the identify() method)
  4. User ID (if set with the identify() method)
  5. Email address (if set with the identify() method OR through form-data)
  6. Approximated location (the accuracy allows only to identify the country due to anonymization of the IP address)
  7. IP address (not directly stored but used for rate limiting to protect our infrastructure)
  8. Name (if set with the identify() method or extracted from the email address)
  9. Value of the customer
  10. Custom data (this is data set by our customer - we don't know what it includes)

Only the Gleap ID and Gleap session hash are mandatory and generated by default. All other information is optional and depends on the configuration of the customer's project.

Events (Gleap allows customers to track events like "signedUp" or "loggedIn" - events are used for debugging purposes & to trigger surveys & outbound messages)

  1. Date
  2. Session ID
  3. Event name
  4. Custom event data (this is data set by our customer - we don't know what it includes)

For further development of the website

When you use the website, errors may occur in the background that you may not even notice. We automatically collect information about the error and the circumstances of its occurrence. This data may include technical details about your device, attempted actions, and other technical information related to the problem. You may not receive notifications about such errors, even if they are occurring. Please note that this information is not personally identifiable in and of itself and is used solely for Gleap GmbH's improvement of the site.

What we process your data for

  1. to communicate with you in the context of the website and services and to provide our services to you;
  2. to improve and optimize our offers and services;
  3. to be able to keep you informed with advertising (in particular for marketing and personalized promotional activities and the management, including sending, of electronic advertising (email, push messages);
  4. for the production of statistics and graphics;
  5. for security purposes (identity verification, for the security and operation of this website and our software, fraud detection and prevention, detection of security breaches, traceability of security measures, technical support, traceability of access);
  6. to enforce any claims (reminders, enforcement and defence of claims, preservation of evidence);
  7. for the fulfilment of legal obligations / retention obligations.

We process, as described above, data in the context of your use of the website. This includes the following categories, (i) visiting the website, (ii) registering, logging in and using the website, and (iii) using the chatbot. We process this data for our own purposes in accordance with data protection regulations.

As a data processor, we also process data for our customers who use our services. The controller / customer is solely responsible for assessing the permissibility of the processing in accordance with Article 6(1) GDPR and for safeguarding the rights of the data subjects in accordance with Articles 12 to 22 GDPR.

Marketing / Email advertising

If you agree to receive electronic advertising, your email address will be added to our distribution list. Until you withdraw your consent, we are entitled to send newsletters or electronic advertising to this address. You may also unsubscribe from receiving electronic advertising or newsletters at any time by clicking on the unsubscribe link at the bottom of any advertising / newsletter email from us with immediate effect.

Deletion of data

From the moment reasons arise that no longer entitle us to process your data, such as (i) processing that goes beyond the scope of your consent to the processing, (ii) expiratoin of legal retention obligations or (iii) our legitimate interest in data processing no longer exists, we will delete your personal data three years after the end of the calendar year in which you deleted your Gleap account.

The collected data will not be stored for longer than is necessary to fulfil the above purposes. With the deletion of the user profile in the login area of the website, all personal data of the website user will be deleted, unless the retention of the personal data requires longer storage for reasons or compliance with legal requirements.

Protective measures

In order to maintain our organizational quality and, in particular, to comply with data protection requirements, we have established organizational and technical protective measures. These are evaluated and, if necessary, adapted to the changed conditions.

By means of access controls, we ensure that your personal data is only viewed by authorized persons and that we are able to track and verify this. If possible during data processing, data is processed in pseudonymized form.

We protect your data to the best of our knowledge and belief against loss, destruction, falsification, manipulation, unauthorized access and unauthorized disclosure. We point out that data transmission on the Internet can have security gaps and it is regrettable that in certain cases it is not possible to protect your data completely from access by third parties.

Linking to other sites / homepages

In the event that our website contains links to third-party websites and services, please note that these websites and services have their own privacy policies. If you follow a link to third-party content, you should read their privacy policies to learn how they collect and use personal information. This privacy policy does not apply to your activities after you leave our website.

Please note that we have no control over the content and policies of these websites and cannot accept any responsibility or liability for their privacy practices.

Data protection / children

We provide our services exclusively to persons who have already reached the age of eighteen.

Cookies

Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause any damage.

We use cookies to make our offer user-friendly. Some cookies remain stored on your end device until you delete them. You enable us to recognize your browser on your next visit.

If wish to disable the above, you can set your browser so that it informs you about the setting of cookies and allows this only in individual cases.

Please note that if you disable cookies, the functionality of our website may be limited.

Web analysis

Our website uses functions of the web analysis service Google Analytics. Cookies are used for this purpose, which enables an analysis of the use of the website by your users. The information generated by this is transferred to the provider's server and stored there.

You can prevent this by setting up your browser so that no cookies are stored.

We have concluded a corresponding contract with the provider for order data processing.

Your IP address is recorded, but immediately pseudonymized (e.g. by deleting the last 8 bits). This means that only a rough localization is possible.

The relationship with the web analytics provider is based on the EU "Privacy Shield".

Data processing is carried out on the basis of the legal provisions of Article 96 (3) TKG as well as Article 6 (1) lit a (consent) and/or f (legitimate interest) of the GDPR.

Our concern in terms of the GDPR (legitimate interest) is the improvement of our offer and our web presence. Since the privacy of our users is important to us, the user data is pseudonymized (pseudonymization is recommended for the legal reason "legitimate interest"; this must be clarified with the web analytics service).

The user data is stored for a period of 14 months.

We generally distinguish between four different cookie categories:

  • Essential or necessary cookies
  • Functional or preferences cookies
  • Analytics or statistics cookies
  • Marketing cookies

Essential or necessary cookies

These cookies allow us to perform basic functions and are necessary for the proper functioning of our website. The legal basis for using essential cookies on our website is based on our legitimate interest to provide our website flawlessly according to Art. 6(1)(f) GDPR. The use of essential cookies is possible and permissible without your prior consent.

You can visit our website without accepting essential cookies. If you do not want your browser to be recognized on your next visit, you can block the use of cookies in your browser settings. The respective procedure can be found in the user manual of your browser. Blocking the use of cookies in your browser may restrict the use of some areas of our website.

Furthermore, we use the following cookies, which we only use if you have given us your prior consent according to Art. 6(1)(a) GDPR:

Functional or preferences cookies

These cookies allow us to store information already provided on our website (e.g., language settings) to personalize and optimize the content and functionality of our website. If you do not allow these cookies, some of these functions may not work correctly.

Analytics or statistics cookies

These cookies allow us to count visits and page views to measure the performance of our website, identify technical issues, and find points for optimization. They help us answer questions like: which pages on our website are most popular, which are least used, how do users navigate our website, and which events (e.g. purchases, registrations) do users trigger on our website. If you do enable these cookies, we cannot know when and which pages you visit on our website.

Marketing cookies

These cookies can be set through our website by our advertising platforms. They allow us to capture information about the ads you clicked on, through which you landed on our website, and to show you personalized ads on the advertising networks we use. They do not store personal data directly but are based on a unique identification (“advertising ID”) of your browser. If you do not allow these cookies, we cannot show you personalized ads.

Google Tag Manager

For transparency, we inform you that we use Google Tag Manager, the tag management system of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”), to manage and integrate so-called tags on our website.

Tags are small tracking codes and associated code fragments that, among other things, serve to measure traffic and usage behavior, capture the impact of advertising activities, set up targeting for audiences, and conduct tests on our website.

The Google Tag Manager itself does not store cookies in your browser and does not collect data. The data is collected by the individual tags of the different tracking tools managed in Google Tag Manager and described in this privacy policy.

Please note that your data may be transferred to a Google server in the United States of America, outside the EEA. To protect your data, we have accepted Google's "Data Processing Terms," in which Google commits to act according to European data protection regulations.

Google Analytics

We use Google Analytics, a web analytics service from Google, to analyze user behavior and subsequently optimize our services and advertising measures.

When you interact with our platform, the following data, among others, is collected in Google Analytics:

  • Information about the pages you visit on our platform
  • Information about your device (e.g. model, category)
  • Information about your browser (e.g. name)
  • Information about your operating system (e.g. name, version)
  • Information about the time of your page view and duration of access
  • Information about your user behavior (e.g. navigation behavior, click behavior)
  • Information about your demographic characteristics (e.g. age group, gender)
  • Information about your approximate location (e.g. country, city)
  • Information about your conversion events (e.g. purchases, registrations), including conversion event data (e.g. value, currency, product ID)
  • Information about your visitor source (e.g. advertisement through which you landed on our platform)

We inform you that IP addresses are always passed with every HTTP request (e.g. when data is sent from your browser to a third party, such as Google), and we have no knowledge of the use of the IP address by third parties. The collection of IP addresses can be fully blocked in certain browsers such as Safari by Apple ("iCloud Private Relay”) and Firefox by Mozilla (“Firefox Private Network”).

We also use Google Signals as an extension of Google Analytics to combine session and event data of users in Google Analytics who are logged into their Google account and have “personalized advertising” enabled, to create cross-device reports in Google Analytics and share cross-device remarketing audiences and conversion events (e.g. purchases) with our linked Google Ads accounts. Additionally, by using Google Signals, additional user dimensions (e.g. age group, gender) are collected for users logged into their Google account and have “personalized advertising” enabled.

Google Analytics stores its own cookies in the domain of our website (so-called first-party cookies) in your browser.

Google Analytics also stores its own app instance ID assigned to each instance of the app to distinguish the session and event data of users in our apps.

We also use the User-ID feature of Google Analytics to combine the session and event data of users in Google Analytics who are logged into our platform across multiple devices, allowing cross-device reports to be created in Google Analytics.

We also use the “User-provided Data Collection” feature of the User-ID feature of Google Analytics to optimize our advertising campaigns in the Google advertising network by filling data gaps when no cookies or other user IDs are available, and to better analyze cross-channel and cross-device performance in Google Analytics and Google Ads reports.

This is done by transmitting your email address as a hash value to Google, which you provide to us when completing a conversion event (e.g. purchases, registrations) on our platform.

The data we collect at the user and result level, which is linked to cookies, IDs like User-IDs, advertising IDs (e.g., Google Ads cookies), and mobile advertising IDs (e.g., “Identifier for Advertisers” from Apple, short IDFA or “Android Advertising ID” from Android, short AAIDs), is automatically deleted after 14 months. The retention period of the user identifier is reset to 14 months with each new event (e.g., page view) of the user on our platform.

Please note that your data may be transferred to a Google server in the United States of America, outside the EEA, and stored there. To protect your data, we have accepted Google's "Data Processing Terms," in which Google commits to act according to European data protection regulations.

This processing is carried out according to Art. 6(1)(f) GDPR based on our legitimate interest to optimize our services and advertising measures.

The legal basis for using Google Analytics is your consent according to Art. 6(1)(a) GDPR. You can revoke your consent at any time by changing your cookie settings on our website.

Google Ads

We use conversion tracking from Google Ads, the advertising platform of Google, to analyze user behavior from our advertisements within the Google advertising network on our platform and subsequently optimize our services and advertising measures.

We also use the "Conversion Linker" from Google Ads on our website to capture conversion events (e.g., purchases, registrations) in Google Ads. Google Ads stores its own cookies in the domain of our website (so-called first-party cookies) in your browser.

By using our apps, we send the so-called mobile advertising ID ("Mobile Advertising ID") to Google Ads, provided you have agreed to personalization via the mobile advertising ID or have not disabled it in your device settings, to analyze user behavior from our advertisements within the Google advertising network in our apps and subsequently optimize our services and advertising measures.

You can prevent the collection of the mobile advertising ID of your Android device ("Android Advertising ID", short AAID) by adjusting the settings under the following link: Google Play Support. Further information on the guidelines for advertising IDs from Google can be found under the following link: Google Advertising ID.

When you interact with our advertisements within the Google advertising network, we learn about the overall behavior of all users and do not collect any personal data in the process. The following data, among others, is collected in Google Ads:

  • Information about the visited pages on our platform
  • Information about demographic characteristics (e.g. age group, gender)
  • Information about the category of devices used (e.g. computer, mobile device)
  • Information about target languages (e.g. German, English)
  • Information about approximate locations (e.g. country, city)
  • Information about conversion events (e.g. purchases, registrations), including conversion event data (e.g. value, currency, product ID)

We inform you that IP addresses are always passed with every HTTP request (e.g. when data is sent from your browser to a third party, such as Google), and we have no knowledge of the use of the IP address by third parties. The collection of IP addresses can be fully blocked in certain browsers such as Safari by Apple ("iCloud Private Relay”) and Firefox by Mozilla (“Firefox Private Network”).

Please note that your data may be transferred to a Google server in the United States of America, outside the EEA, and stored there. To protect your data, we have accepted Google's "Data Processing Terms," in which Google commits to act according to European data protection regulations.

This processing is carried out according to Art. 6(1)(f) GDPR based on our legitimate interest to optimize our services and advertising measures.

The legal basis for using conversion tracking from Google Ads is your consent according to Art. 6(1)(a) GDPR. You can revoke your consent at any time by changing your cookie settings on our website.

Google Ads: Remarketing / customer match

We use the retargeting function of Google Ads by creating remarketing lists based on the behavior of users who have interacted with our platform, our YouTube channel, or our advertisements within the Google advertising network to show these users personalized advertisements within the Google advertising network.

We also use the retargeting function of Google Analytics through the use of Google Signals by creating remarketing audiences based on our user data in Google Analytics and sharing them with our linked Google Ads accounts to show these users personalized advertisements within the Google advertising network.

We also use the customer match function of Google Ads by creating custom audiences based on our customer data to show these users personalized advertisements within the Google advertising network.

We also use the enhanced conversions function of Google Ads to optimize our advertising measures within the Google advertising network by closing data gaps when no cookies or other user IDs are available. This is done by transmitting your email address as a hash value to Google, which you provide to us when completing a conversion event (e.g. purchases, registrations) on our platform.

The legal basis for using the retargeting, customer match, and enhanced conversions functions of Google Ads is your consent according to Art. 6(1)(a) GDPR. You can revoke your consent at any time by changing your cookie settings on our website.

The privacy policy of Google can be found under the following link: Google Privacy Policy. The terms of use of Google can be found under the following link: Google Terms of Use.

Microsoft Advertising

We use conversion tracking through Universal Event Tracking (UET) from Microsoft Advertising, the advertising platform of Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (hereinafter referred to as "Microsoft"), to analyze the behavior of users who land on our platform through our advertisements within the Microsoft advertising network and subsequently optimize our services and advertising measures.

The Microsoft Search Network includes, among others, Microsoft Bing, Yahoo, Ecosia, DuckDuckGo, and AOL. Further information about the Microsoft Search Network can be found under the following link: Microsoft Search Network.

Microsoft Advertising stores its own cookies in the domain of our website (so-called first-party cookies) in your browser.

When you interact with our advertisements within the Microsoft advertising network, we learn about the overall behavior of all users and do not collect any personal data in the process. The following data, among others, is collected in Microsoft Advertising:

  • Information about the visited pages on our platform
  • Information about demographic characteristics (e.g. age group, gender, company, industry, job field)
  • Information about the category of devices used (e.g. computer, mobile device)
  • Information about target languages (e.g. German, English)
  • Information about approximate locations (e.g. country, city)
  • Information about conversion events (e.g. purchases, registrations), including conversion event data (e.g. value, currency, product ID)

We inform you that IP addresses are always passed with every HTTP request (e.g., when data is sent from your browser to a third party, such as Microsoft), and we have no knowledge of the use of the IP address by third parties. The collection of IP addresses can be fully blocked in certain browsers such as Safari by Apple ("iCloud Private Relay”) and Firefox by Mozilla (“Firefox Private Network”).

Please note that your data may be transferred to a Microsoft server in the United States of America, outside the EEA, and stored there. We inform you that in a third country, such as the United States of America, no suitable data protection guarantees and no adequate level of data protection can be ensured.

This processing is carried out according to Art. 6(1)(f) GDPR based on our legitimate interest to optimize our services and advertising measures.

The legal basis for using conversion tracking from Microsoft Advertising is your consent according to Art. 6(1)(a) GDPR. You can revoke your consent at any time by changing your cookie settings on our website.

Microsoft Advertising: Remarketing / customer match

We use the retargeting function of Microsoft Advertising by creating remarketing lists based on the behavior of users who have interacted with our platform or our advertisements within the Microsoft advertising network to show these users personalized advertisements within the Microsoft advertising network.

We also use the customer match function of Microsoft Advertising by creating custom audiences based on our customer data to show these users personalized advertisements within the Microsoft advertising network.

We also use the enhanced conversions function of Microsoft Advertising to optimize our advertising measures within the Microsoft advertising network by closing data gaps when no cookies or other user IDs are available. This is done by transmitting your email address as a hash value to Microsoft, which you provide to us when completing a conversion event (e.g., purchases, registrations) on our platform.

The legal basis for using the retargeting, customer match, and enhanced conversions functions of Microsoft Advertising is your consent according to Art. 6(1)(a) GDPR. You can revoke your consent at any time by changing your cookie settings on our website.

The privacy policy of Microsoft can be found under the following link: Microsoft Privacy Statement.

Meta Ads

We use conversion tracking through the Meta Pixel from Meta Ads, the advertising platform of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter "Meta"), to analyze user behavior from our advertisements within the Meta advertising network on our platform and subsequently optimize our services and advertising measures.

Meta Ads stores its own cookies in the domain of our website (so-called first-party cookies) in your browser.

By using our apps, we send the so-called mobile advertising ID ("Mobile Advertising ID") to Meta Ads, provided you have agreed to personalization via the mobile advertising ID or have not disabled it in your device settings, to analyze user behavior from our advertisements within the Meta advertising network in our apps and subsequently optimize our services and advertising measures.

You can prevent the collection of the mobile advertising ID of your Android device ("Android Advertising ID", short AAID) by adjusting the settings under the following link: Google Play Support. Further information on the guidelines for advertising IDs from Google can be found under the following link: Google Advertising ID.

When you interact with our advertisements within the Meta advertising network, we learn about the overall behavior of all users and do not collect any personal data in the process. The following data, among others, is collected in Meta Ads:

  • Information about the visited pages on our platform
  • Information about demographic characteristics (e.g. age group, gender)
  • Information about the category of devices used (e.g. computer, mobile device)
  • Information about target languages (e.g. German, English)
  • Information about approximate locations (e.g. country, city)
  • Information about conversion events (e.g. purchases, registrations), including conversion event data (e.g. value, currency, product ID)

We inform you that IP addresses are always passed with every HTTP request (e.g., when data is sent from your browser to a third party, such as Meta), and we have no knowledge of the use of the IP address by third parties. The collection of IP addresses can be fully blocked in certain browsers such as Safari by Apple ("iCloud Private Relay”) and Firefox by Mozilla (“Firefox Private Network”).

Please note that your data may be transferred to a Meta server in the United States of America, outside the EEA, and stored there. To protect your data, we have accepted Meta's "Data Processing Terms," in which Meta commits to act according to European data protection regulations.

This processing is carried out according to Art. 6(1)(f) GDPR based on our legitimate interest to optimize our services and advertising measures.

The legal basis for using conversion tracking from Meta Ads is your consent according to Art. 6(1)(a) GDPR. You can revoke your consent at any time by changing your cookie settings on our website.

Meta Ads: Custom audiences

We use the retargeting function of Meta Ads by creating custom audiences based on the behavior of users who have interacted with our platform, our content on Facebook or Instagram (e.g. company page), or our advertisements within the Meta advertising network to show these users personalized advertisements within the Meta advertising network.

Furthermore, we can show personalized advertisements to these users across devices within the Meta advertising network if they are logged into their Facebook or Instagram account and have “personalized advertising” enabled.

We also use the customer match function of Meta Ads to create custom audiences based on our customer data, enabling us to reach potential or existing customers with personalized advertising within the Meta advertising network.

We also use the advanced matching function of Meta Ads to optimize our advertising measures within the Meta advertising network by closing data gaps when no cookies or other user IDs are available. This is done by transmitting your email address as a hash value to Meta, which you provide to us when completing a conversion event (e.g. purchases, registrations) on our platform.

The legal basis for using the retargeting, customer match, and advanced matching functions of Meta Ads is your consent according to Art. 6(1)(a) GDPR. You can revoke your consent at any time by changing your cookie settings on our website.

The privacy policy of Meta can be found under the following link: Meta Privacy Policy.

Cookiebot

We use Cookiebot, the consent management platform of Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter "Cookiebot"), to obtain and store your consent or rejection before your data is collected and processed using cookies and tracking technologies.

Cookiebot stores its own cookie to save a user's consent and automatically read and follow it for all subsequent page views and future sessions on our website, in the domain of our website (so-called first-party cookies) in your browser.

When you give consent on our website, the following data is collected in Cookiebot:

  • Information about your consent status
  • Information about the page on our website from which you sent the consent
  • Information about the IP address of your internet service provider (anonymized)
  • Information about your device (e.g. model, version)
  • Information about your browser (e.g. name, version, language)
  • Information about your operating system (e.g. name, version)
  • Information about the time of your consent
  • Information about your approximate location (e.g. country)
  • Information about your visitor source (e.g. the website from which you landed on our website)

We inform you that IP addresses are always passed with every HTTP request (e.g. when data is sent from your browser to a third party, such as Cookiebot), and we have no knowledge of the use of the IP address by third parties. The collection of IP addresses can be fully blocked in certain browsers such as Safari by Apple ("iCloud Private Relay”) and Firefox by Mozilla (“Firefox Private Network”).

NOTE: IP addresses are stored only in an anonymized form by setting the last two octets of the IPv4 address and the last 96 bits of the IPv6 address to "0". Further information on the use of IP addresses in Cookiebot can be found under the following link: Cookiebot IP Use.

This processing is carried out to fulfill our legal obligations according to Art. 6(1)(c) GDPR, especially the proof obligation according to Art. 7(1) GDPR.

The legal basis for using Cookiebot is Art. 6(1)(f) GDPR, based on our legitimate interest to use cookies and tracking technologies in a privacy-compliant manner.

Data protection officer

We have appointed a data protection officer to safeguard the data that we process for our own purposes or on behalf of our customers.

Data protection officer contact details:

Lukas Böhler

Gleap GmbH

Dr.-Walter-Zumtobel-Straße 2

6850 Dornbirn

Österreich

E-Mail: privacy@gleap.io

Phone: +43 5572 401104

Your rights

With regard to your data stored by us, you are generally entitled to information (pursuant to Article 15 of the GDPR), rectification (pursuant to Article 16 of the GDPR), deletion (pursuant to Article 17 of the GDPR), restriction (pursuant to Article 18 of the GDPR), data portability (pursuant to Article 20 of the GDPR), revocation and objection (pursuant to Article 21 of the GDPR). If you are of the opinion that the processing of your data violates data protection regulations or that your data protection rights have otherwise been violated in some way, you can send your complaint to us at privacy@gleap.io or to the data protection authority. We can be reached at privacy@gleap.io at any time for questions or your revocation.

The revocation does not affect the lawfulness of all processing carried out on the basis of the express consent until the revocation. In the event of revocation, you will no longer be able to use the services offered by us.

Changes to the data protection agreement

We reserve the right to update this data protection agreement on the basis of new legal developments or changed company procedures. The new version will apply from the time it is made available on our website. Please check our privacy agreement regularly.

The last change was made on July 7, 2024.