Privacy Policy

1. Introduction

We would like to explain how we handle your data when you visit our website and use our products.

CUBENet Aktiengesellschaft für Datenkommunikationsdienste (hereinafter referred to as "CUBENet AG") is pleased about your interest in ginlo. Protecting the security and privacy of your personal data during the entire business process is important to us and we want you to feel secure when you visit our website and use our services.

With this data protection information, we comply with our duty to provide information in accordance with art. 13 GDPR (General Data Protection Regulation). We explain which personal data we process for which purposes when you visit our website, when you fill out forms on it or when you use our apps. We explain the storage period of your data and inform you about your rights which you are entitled to according to the GDPR. We also explain the reasons for providing your data.

2. Definitions

The following terms, among others, are used in data protection and we would like to explain them briefly to you:

Personal data

This is any information relating to an identified or identifiable natural person (data subject); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier. This includes information such as your real name, address, telephone number or e-mail address. Information that is not directly related to your real identity – such as the number of users of a page – is not personal data.


This includes, for example, the collection, recording, sorting, storage, forwarding or deletion of personal data - automatically or manually.


This is the natural or legal person who decides on the type of processing of personal data.


These are facilities that process your data on our behalf. These can be Internet companies based in Germany, which are responsible for the transport of your communication, or, for example, payment service providers.


This is a voluntarily given statement about the processing of our own personal data. This can be done on the Internet, for example, by actively clicking on a checkbox. This is an expression of your consent.

3. Identity and the contact details of the controller

Please feel free to contact this address with any questions concerning data protection.

CUBENet Aktiengesellschaft für Datenkommunikationsdienste
Rupert-Mayer-Str. 44
DE-81379 Munich / Germany

4. Purposes and legal basis for the data processing

When visiting our pages, our servers store the usual standard data.

When filling out forms, we limit ourselves to requesting necessary communication or contract data.

In our products we only process functionally necessary data in encrypted form.

The legal basis for processing is art. 6 of the GDPR.

4.1 Use of our website

4.1.1 General

When you call up an individual page, our web servers record in a log file by default the address (URL) of the page called up, the date and time of the call, any error messages, the operating system and browser software of your device and the website from which you visit us.

In our log files we save the IP address of your device only in abbreviated form by deleting the last number block (octet). The IP address is a number that your Internet provider assigns to your device for a certain period of time.

The legal basis for the storage of log data – insofar as these represent personal data – are our legitimate interests (art. 6 (1) lit. f GDPR) in ensuring system security, error analysis, protection against misuse and the design of our website to meet your needs.

4.1.2 Contact Forms

In order to be able to get in contact with us, we provide various forms. The form data is processed in a special system (CRM), which can only be used with certain access rights.

4.1.3 Support Forms

If you need help with our products, you can fill out a contact form. To enable us to address you correctly and to answer you, we ask for your name and e-mail address.

4.1.4 Order forms

For your interest in paid products we provide different order forms. We ask for the address of your company or institution, if applicable your VAT identification number (VAT ID), your domain, a contact person, an e-mail address and a mobile phone number. This data is used for the technical installation of our products and for billing purposes. Specifically, this involves setting up the Administrator Cockpit for managing ginlo business accounts. This is a web application that is protected for security reasons (2-factor authentication) with a personal browser certificate and a password login.

4.1.5 Registration for the beta tester

If you apply to us as a beta tester, we need your title, your first and last name and your e-mail address. We use this information to be able to contact you for your application and in case you are accepted as a beta tester. We will send an individual link to your e-mail address. By clicking on it you confirm that you are the owner of the e-mail address. We can also send you information about our products and services in the area of confidentiality and privacy on the net to this e-mail address.

Legal basis of the processing

The legal basis for the processing of your data in the support form is art. 6 (1) lit. a GDPR, as your consent is required for this.

The personal data processed in our order forms and in the “beta tester” form lead to or may lead to a contractual relationship and are therefore based on art. 6 (1) lit. b GDPR.

5. Recipients or categories of recipients

CUBENet AG does not pass on your personal data to third parties and will not do so in the future, unless this is required by law, necessary for the purpose of the contract or you have expressly consented.

We use contract processors. External service providers process personal data only on documented instructions from CUBENet AG. Examples of external service providers are operators of computer centres and internet services as well as line providers or payment service providers based in Germany.

6. Transfer to a third country

Transfer to a third country means that personal data is transferred to or accessed from a state outside the European Economic Area (EEA). The processing of your data in a third country does not take place at ginlo!

This does not affect your use of our services in a third country.

7. Period for storing

Your personal data will be deleted or blocked as soon as the purpose of the storage no longer applies.

In addition, storage may take place due to statutory retention periods. A blocking or deletion of the data also takes place if a legally prescribed storage period expires, unless there is a necessity for the further storage of the data for a contract conclusion or a contract fulfillment.


The data processed when you visit our website is automatically deleted after 7 days.

Form data is converted into tickets and processed together with support e-mails in a CRM system. This data is deleted at the end of the year following the last contact, as we are also subject to a duty of proof. Data relevant for billing purposes will be deleted after expiry of the legal retention period.

8. Rights of the data subject

The basic data protection regulation grants you certain rights in relation to the personal data that a controller processes about you.

You are entitled to these rights under the conditions of the respective data protection regulations. No further rights are granted to you by the following presentation.

Right to request

You have the right to ask us to confirm whether we are processing personal data relating to you; if this is the case, you have the right to access this personal data and to receive the information specified in art. 15 GDPR.

Right of rectification

You have the right to demand that we correct incorrect personal data concerning you without delay and, if necessary, complete incomplete personal data, art. 16 GDPR.

Right to erasure

You have the right to demand from us that personal data concerning you be deleted immediately if one of the reasons listed in art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued.

Right to restriction of processing

You have the right to request us to restrict processing if one of the conditions listed in art. 18 GDPR is met, e.g. if you have lodged an objection to processing.

Right to data portability

You have the right to receive your personal data provided to a controller in a structured, common and machine-readable format and you have the right to have such data transferred to another controller, provided that the basis for the processing was either your consent or a contract ( art. 6 (1) GDPR).

Right to object

You have the right to object to the processing of personal data relating to you at any time for reasons arising from your particular situation, provided that we base the processing on Art. 6 (1) lit e. or f GDPR. We will then no longer process this data unless we can demonstrate compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

Your special rights

You have the right to withdraw your consent at any time (art. 13 (2) lit. c GDPR), in particular if the purpose for which your data was processed no longer exists or has changed. This does not affect the lawfulness of the processing based on the consent until revocation.

In particular, we would like to draw your attention to your right to lodge a complaint with supervisory authority (art. 13 (2) lit. d in conjunction with art. 77 GDPR). The Bavarian State Office for Data Protection Supervision (BayLDA) in 91522 Ansbach, Promenade 25 is responsible for us.

Further information can be found under this link:

A complaint can be filed with any supervisory authority within the EU.

9. Status of data protection information

CUBENet AG reserves the right to change its privacy policy at any time with or without prior notice. Please check back regularly to be informed about changes.

Status: November 2022