PrivacyHub FAQ EN

The Cloud PP is hosted in a cloud in Germany that is managed by us but provided by Google. To ensure that no IP addresses (and thus no personal data) are stored on Google servers at this point, we use a proxy to disguise the user's IP address. This means that only data that cannot be assigned to a person by Google ends up on the Google server.

The collection of the IP address cannot be technically prevented; however, it is not possible for us to relate it to a person in any conceivable constellation, which is why processing in our processing area is anonymous.

Even though the IP address is by definition a personal data, the proxy used prevents this data from being processed by Google. We use Cloudflare as a proxy and for DDoS protection. Cloudflare therefore processes personal data. We have concluded a data protection agreement (AVV - contract for commissioned processing) with Cloudflare, which prohibits Cloudflare from using the personal or reference data for purposes other than those agreed and also not for its own purposes. Even against the background of the overturned Privacy Shield, the cooperation with Cloudflare continues to constitute data protection-compliant processing; Cloudflare assures various guarantees for the protection of personal data. Details also here: Cloudflare's commitment to GDPR compliance

We can only pass on the availability guaranteed by Google; this is a monthly uptime of 99.95%.

All (personal) data will be blocked from further access upon termination and automatically deleted from all servers after a legal retention period of 11 years.

Yes, all data is stored in the firestore provided by Google (no personal data is stored here). The Google Firestore has successfully completed the assessment process according to ISO 27001, ISO 27017, ISO 27018, SOC 1 , SOC 2 and SOC 3.