Last updated: May 2016
The TRUSTe certification covers our collection, use and disclosure of information we collect through our service platform.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact TRUSTe at https://feedback-form.truste.com/watchdog/request.
Jump to section
Controller of Personal Information
Any Personal Information provided or gathered by visiting the Site, the Store and/or ordering Products from Cleverbridge is controlled by Cleverbridge GmbH at Gereonstr. 43-65, 50670 Cologne, Germany ("Data Controller"). Cleverbridge, Inc. (350 N Clark, Suite 700, Chicago, Illinois, 60654, USA) acts as data processor on behalf of the Data Controller.
Cleverbridge has developed global data practices to assure your Personal Information is appropriately protected. Please note that Personal Information may be transferred, accessed and stored globally as necessary for the uses and disclosure stated in this policy. Cleverbridge affiliates have entered into and executed agreements for the international transfer of Personal Information which allows for the processing of your data and which correspond to the European Union Model Clauses for transfer of Personal Information to third countries.
Types and Use of Information We Collect
In general, Personal Information you submit to us is used by us either for the purpose of registration (if any), to provide you with the Products that you order, process payments, respond to requests that you make, to better tailor the features, performance and support of the Site or Store, and to offer you additional information, opportunities, and functionality. We also use this information to prevent or detect fraud or abuses of our Site and/or Store and enable third parties to carry out technical, logistical or other functions on our behalf. The use of information collected through our service shall be limited to the purpose of providing the service for which the Provider of the Product has engaged Cleverbridge.
Here are the types of information we collect as well as their designated use.
"Personal Information" is information that is personally identifiable like names, addresses, email addresses, or phone numbers, as well as other non-public information that is associated with the foregoing.
We collect the following Personal Information that you submit to us voluntarily:
- Upon accessing our Site and/or Store, certain additional information is automatically collected and then saved in protocol files (so-called usage data). This information includes, among other things, your Internet Protocol (IP) address. We may use this information for internal purposes, such as determining certain settings for the Store, such as language and location, maintaining our operating ability, preventing fraudulent access to our Site and/or Store or analyzing usage patterns. For more information visit the "Automatic Data Collection and Anonymous Information" section.
- In order to purchase Products through the Store, you have to provide (and we will collect) your name, address, email address, and all the financial information necessary for billing (or a subset of the forgoing).
The information required for billing depends on the selected payment method and may thereby include the credit card number, card verification code, account number, billing zip code or any other information required in connection with the payment methods that you have selected.
We collect your zip code for the purpose of examination of fraudulent actions, calculation of tax, transaction processing and support. We do not transfer your zip code for advertising purposes or purposes external to the transaction to providers of the Products offered through our Store, third party providers or suppliers. We also do not sell your zip code in connection with other information, do not connect it with data sets external to the transaction and do not use it ourselves for advertising purposes.
- On certain Sites, we give users the option of providing us with account registration information. This information may include, among other things, name, address, email address and password.
- If you fill out any of the contact forms of the Site or the Store, we collect your name, company, country, email address, the description of your support request and any other information you choose to provide.
- When you contact us by email or telephone or if you are using any of the email addresses or telephone numbers provided on the Site or the Store, we collect any Personal Information you may provide to us voluntarily in connection with this communication.
- Within the scope of Cleverbridge's personalized services, your data will, subject to your consent, be used for advertising, market research and tailoring electronic services. Unsubscribe instructions will accompany each newsletter or promotional communication you receive from us. In addition you can withdraw your consent at any time in the future. For more information see: Review and Correction of Personal Information.
Automatic Data Collection and Anonymous Information
We receive and store certain types of information whenever you interact with us. This automatic exchange of data between your browser and our server upon accessing our pages informs us of which browser you are using, the date and time of your visit, the name of your Internet Service Provider (ISP), the web site you are using to visit us and which of our web sites you are visiting.
The information we collect automatically is called "Anonymous Information". Anonymous Information means information that is not associated with or linked to your Personal Information. Thus Anonymous Information does not permit the identification of individual persons.
We may use this Anonymous Information for internal purposes, such as maintaining our operating ability, preventing fraudulent access to our Site and/or Store or analyzing usage patterns so that we may enhance our Site. We also reserve the right to use and disclose any Anonymous Information at our discretion, although you will remain anonymous as an individual user.
We automatically collect Information through different technologies as described below.
Cookies and Other Tracking Technologies
Our web site uses technologies such as Cookies, beacons, tags and scripts. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an aggregated basis.
Our web site may use Local Storage Objects (LSOs) such as HTML5 or Flash to store content information and preferences. Third parties with whom we partner to provide certain features on the Store or to display advertising based upon your web browsing activity use LSOs such as HTML 5 or Flash to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs. Please refer to your browser’s manual for more information on how this can be done individually. To manage Flash LSOs please click here: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html.
We partner with third parties to either display advertising on the Store or to manage advertising on other sites. These third parties may use technologies such as Cookies to gather information about your activities on the Store and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here). Please note this does not opt you out of being served ads. You will continue to receive generic ads.
Google will use this information to evaluate your use of the Site, compile reports on Site activity and provide other Site activity and internet related services. In addition, Google may also transfer this information to third parties if required by law or if third parties process the information on Google's behalf.
By using this Site, you consent to the processing of data about you by Google in the manner described and for the aforementioned purpose. More information about Google Analytics can be found here.
Do Not Track Signals
Some Internet browsers include the ability to transmit “Do Not Track” (DNT) signals. At this time, however, the definitions and meanings of DNT signals and responses, and the correct behavior regarding DNT signals, are not defined. Until such time as the standard is finalized, this Site does not process or respond to DNT signals. To learn more about DNT, please visit donottrack.us
Personal Information from Other Sources
We may receive Personal Information about you from other sources like telephone or fax, or from third parties that provide services for us in connection with the Site and/or Store. We may add this information to the data we have already collected from you via the Site and/or Store.
Disclosure of Personal Information
Provider of the Products from a Store
We collect information for the Provider of the Product. If you are a customer of the Provider of the Product and would no longer like to be contacted, please contact the Provider of the Product that you interact with directly. If you are a customer and would like to update your account (if any) or transaction data please contact us at via our Help Center.
Third Party Service Providers and Suppliers
In order to avoid defaults on payment, we reserve the right to obtain information on your creditworthiness from third parties for certain payment methods (direct debit, purchase order), e.g. based on mathematic-statistical processes. In this event, you will be explicitly informed during the ordering process.
In case of non-redemption of a direct debit transaction that is not caused by a revocation through the account holder, we reserve the right to report your account information (account number, bank routing number) to a third party that saves these facts in a lock file and send them to other companies that are affiliated with the direct debit procedure. The blocking shall be deleted after the amount invoiced has been settled.
Law Enforcement, Governmental Authorities and Agencies
We may disclose information we have collected from and about you (including Personal Information) if we believe in good faith that such disclosure is necessary to
- comply with relevant laws or to respond to subpoenas or warrants served on us;
- to protect and defend the rights or property of us, the visitors of the Store and Site and our customers, or third parties.
For tax-exempted orders originating in certain EU countries, your address information may be passed on to the responsible tax authorities in order to establish that your VAT identification number (VAT-ID) is correct.
Export and Processing of Personal Information in Countries Outside of the European Economic Community
We hereby state that, for the purposes of processing your order, your data may be transferred to our subsidiary based in the United States and/or to product providers through us and who are based outside the European Economic community in countries that, to date, generally do not have a data privacy level that is recognized as being congruent to the European Union.
Please note, that Cleverbridge affiliates have entered into and executed agreements for the international transfer of Personal Information which allows for the processing of your data and which correspond to the European Union Model Clauses for transfer of Personal Information to third countries.
Data Security and Confidentiality
In order to maintain the highest level of customer and client protection, we adhere to the applicable industry rules and regulations. Thus, we maintain commercially reasonable and appropriate physical, electronic, and managerial measures and procedures to safeguard and secure your Personal Information during data collection, transmission and storage. Your data are only accessible by authorized persons who are familiar with Cleverbridge's data privacy policies. However, no company, including Cleverbridge, can fully eliminate security risks associated with Personal Information.
Transport Layer Security (TLS)
All access to the Store’s ordering pages at Cleverbridge is granted using Transport Layer Security (TLS) technology, which encrypts Personal Information you provide during the ordering process. Thereby confidential data is protected against being intercepted by third parties and your Personal Information is transferred through this secure channel. To ensure this level of security, our systems use a certificate in keeping with common practice in ecommerce. This certificate is issued by a trusted security provider. All standard web browsers support this technology and accept the certificates from trusted providers automatically. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security, you can contact us at privacy(at)cleverbridge.com.
Credit Card Data
Cleverbridge maintains full compliance with PCI DSS (Payment Card Industry Data Security Standard) to enhance payment card data security and provide a secure ecommerce environment for our customers. The PCI DSS standard lays out requirements for network architecture, software development, security management and other critical proactive measures to ensure the safety of payment card transactions. Each year a Qualified Security Assessor thoroughly examines the processes within Cleverbridge to make sure we adhere to the strict PCI regulations.
Thus, we reveal only the last four digits of your credit card numbers when confirming an order. Of course, we transmit the entire credit card number to the appropriate payment processor during order processing. Due to the Requirements of the PCI DSS, this transfer is secured using TLS.
Review and Correction of Personal Information
An individual who wants to review, correct, block or delete their stored Personal Information, please send us a brief request in writing, either via post or email (see below). In the event that, despite our efforts to maintain data correct and up-to-date, false information has been saved, then we will change it upon your request. You will normally receive a response to your request from us within thirty (30) days.
For more information on whether we store Personal Information about you and what this data is or other data privacy topics, please contact our data privacy agent in writing:
Data Privacy Agent
50670 Cologne, Germany
Email address: privacy(at)cleverbridge.com
Cleverbridge will retain personal data we process on behalf of our clients for as long as needed to provide services. Cleverbridge will retain and use this Personal Information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
Upon full consummation of your contractual relationship with Cleverbridge, your data (including Personal Information) will, upon your request, be blocked at the internal Cleverbridge systems from further processing and deleted after completion of the mandatory legal storage periods.
You understand that any deletion of your Personal Information extends only to the data related to you as a person. Cleverbridge will not have any liability whatsoever to you for any termination of your Account or related deletion of your Personal Information or data.
When we delete Personal Information that we have collected from or about you, it will be deleted from our active databases but may remain in our archives.
Notice to California Residents
If you would like to know
- the categories of Personal Information about you that we disclosed in the prior calendar year to Providers for the purposes of the Provider's marketing and/or
- the names and addresses of such Providers, please contact us. In order to do so, please send us a brief request via email to privacy(at)cleverbridge.com.
Please note that we are required to respond to one request per California resident each year, and we are not required to respond to requests made by means other than through email.
Links to Other Web Sites
Privacy of Minors
In principle, persons under the age of eighteen (18) should not transfer any Personal Information to us without the consent of a parent or legal guardian. We will neither intentionally ask for Personal Information of minors, nor collect or transfer them.
Notice to residents of the United States: We do not intentionally collect or maintain information from those visitors of the Site who are under thirteen (13) years old.
Changes in this Privacy Statement and Previous Versions