List of techniques and tools we use for data collection:
We process your personal data in compliance with the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), the applicable EU laws and German national data protection laws.
Note: “Aggregated usage statistics”, such as web log data and other data without any connection to a single user, may be retained beyond these periods.
We collect as little data as possible. As far as anonymous or pseudonymous use is possible we anonymize or pseudonymize your data. We aim to empower you as an end user, to be in control of the data that is being shared with, and informed about what and how it is being shared. We believe in your right to remain anonymous and will enable you to prevent an illegitimate exploitation of your information.
We aspire to restore and maintain the value exchange between content creators and users and to ensure the free usage of the web.
Contact our Data Protection Officer, Cornelius Witt, via email or phone.
The following information applies to the collection, processing and use of personal data in connection with our services, as but not limited to, the Crumbs extension and on our websites.
The legal person responsible for the collection, processing and / or use of personal data in connection with the website ("Controller") is:
If you have any questions regarding your personal data, please do not hesitate to contact our Data Protection Officer:
The purpose of data protection is to protect personal data. Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This information includes, for example, details such as name, postal address, email address or telephone number, but also nicknames, certificates and information about your interests.
In compliance with Art. 5 (b) GDPR, we collect and process your personal data for specified, explicit and legitimate purposes and do not further process your data in a manner that is incompatible with those purposes.
We collect and process your personal data in compliance with the GDPR and the applicable EU laws and German national data protection laws.
We will always ask for your consent to collect and process your personal data for the aforementioned specific purposes, unless the collection and processing of your personal data is permitted by statutory laws. Where you have provided us with your consent to the collection and processing of your personal data for the aforementioned specific purposes, you have the right to withdraw your consent at any time.
The collection and processing of your personal data may be necessary for the performance of a contract to which you may be a party. Prior to entering into such a contract, the collection and processing of your personal data may also be necessary in order to take steps at your request. This applies for installation (data gathered by the browser and / or app store) and the use of Crumbs.
Collection and processing of your personal data may be necessary for compliance with a legal obligation to which we are subject under EU laws or the laws of an EU Member State.
The collection and processing of your personal data may be necessary for the purposes of our legitimate interests. We collect and process website logs for technical reasons, such as, but not limited to, preventing denial of service attacks. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. Preventing such overloads of our systems and any security issues by denial of service attacks is in your and our vital interest and therefore we use the website logs. We use information collected and processed via subscription downloads, extension update checks, emergency notifications and feedback data sent by you, for technical reasons, such as, but not limited to, ensuring the security of the extension version used by you. Ensuring the security of our extension is in your and our vital interest and therefore we use such data. Furthermore, we collect and process such data to ensure that our website and extension are constantly improved and adjusted to the changing requirements for an efficient usability and the technical environment.
We will not transfer your personal data to third parties as a matter of course without letting you know in advance. We will ask for your prior permission unless the transfer of such data is permitted by GDPR or any other applicable EU laws and German national data protection laws.
We use an external service provider tool for email (GSuite) and to analyze the success of our campaigns (Google Analytics). This service is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to ensure an adequate level of data protection, we have entered into a data processing agreement including the EU Standard Contractual Clauses (processors) – Commission Decision C(2010)593. You can access a copy of this agreement here.
You've opted out of Google Analytics campaign monitoring. To opt back in please click here.
In compliance with the GDPR and the applicable EU laws and German national data protection laws and to the extent legally permitted, you have the following rights to protect your personal data collected and processed by us:
Naturally you have the right to receive, upon request, information about the personal data stored by us about you and information about how we collect, process and store your personal data. Where that is the case, you have the right to gain access to such personal data stored by us. You have the right to request from us the rectification of your inaccurate personal data. Taking into account the purposes of collecting and processing your data, you have the right to have incomplete personal data completed. You have the right to request restriction of processing.
You also have the right (1) to receive all personal data concerning you and which you have provided to us, in a structured, commonly used and machine-readable format and (2) to transmit that data to another controller.
Please note, if data needs to be retained for legal purposes pursuant to Art. 17 (3) GDPR, we will restrict the use of the respective data.
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the collection and processing of personal data relating to you infringes the GDPR.
You have the right to object at any time to the collection processing of your personal data on grounds relating to your particular situation, when collection and processing is based on our legitimate interest (Art. 6 (1) f GDPR).
You have the right to withdraw your consent at any time, when you have provided us with your consent to the collection and processing of your personal data for one or more specific purposes.
Based on this data, Crumbs is creating a local profile of you in the Crumbs extension. This profile cannot be accessed by anyone else than you. Based on this profile, Crumbs is sharing some anonymized data points with supported advertisers.
Browser history profile data is stored for as long as Crumbs is installed on the browser. Users however may reset their profile history at any given time, by uninstalling Crumbs. More advanced profile management choices are available in the application.
When using our websites, we automatically collect the following data in order to provide you with our services, and for security reasons.
All requests to our websites are recorded in the website logs. Data stored includes your IP address (solely for the purpose of IT security and only accessible by eyeo's IT Security team), the time at which the request was made, the web address accessed, the browser identifier and the referring page. This data (IP address only aggregated via hashing with a daily changing salt) is used to generate usage statistics as well as to investigate potential security issues and forum or blog spam. Detailed logs are retained for a period of 30 days, after which only the aggregated usage statistics that cannot be connected to a single user remain. Everything else is deleted.
The website logs are stored for a period of 7 days.
We also track when you create an event, e.g. when you enable and disable certain features. This data is solely used to improve our products and your user experience. You can opt-out from sending such reports via the settings.
Event tracking with IDs is retained for 7 days. Aggregated reports may be retained for a longer period.
This section only applies to California residents. It explains how we collect and use Personal Information as well as the rights available to California residents under the California Consumer Protection Act (“CCPA”). The words in this section have the same meaning given to them in the CCPA. Please note that the words as described under the CCPA may be broader than their common meaning.
“Personal Information,” for example, refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, to you or your household. Personal Information does not include information that is aggregated or information that cannot be reasonably linked to you.
Please note that we have a duty to verify your identity whenever you exercise your Right to Know and/or your Right to Request Deletion. In order to do so, we will request Personal Information from you to match against the Personal Information in our records. In some cases, we may also request additional documentation to verify your identity.
Please also note that the CCPA allows you to exercise these rights yourself or designate an authorized agent who will exercise these rights on your behalf. In the event that an authorized agent exercises rights on your behalf, we may request a written permission from you that establishes the individual as your authorized agent as well as other information necessary to verify the identity of the authorized agent.
To exercise any of these rights, please submit a request to firstname.lastname@example.org.
If you have any questions about this section or how to exercise your rights under the CCPA, please contact us.