top of page

Data Privacy

Privacy Policy
 

1. General information

The following information provides an overview of what happens to your personal data happens when you visit this website. Personal data is all data with which you can be personally identified. Please refer to our data protection declaration listed below this text.

Introduction

We (“we”, “us”, “our”) take the protection of the data of users (“users” or “you”) of our website and/or mobile app (the “Website” or “Mobile App”) very seriously and are committed to protecting the information that users provide to us in connection with their use of our website and/or mobile app (collectively, “digital assets”). Furthermore, we are committed to protecting and using your data in accordance with applicable law.

This Privacy Policy explains our practices regarding the collection, use, and disclosure of your data through your use of our digital assets (the “Services”) when you access the Services via your devices. We would like to point out that data transmission on the Internet (e.g. when communicating via email) may have security gaps. There is no complete protection of data against access by third parties possible.

 

Please read this Privacy Policy carefully and ensure that you fully understand our data practices before using our Services. If you have read and fully understand this policy and do not agree with our practices, you must discontinue using our digital assets and Services. By using our Services, you agree to the terms of this Privacy Policy. Continued use of the services constitutes your acceptance of this Privacy Policy and any amendments to it.

 

This Privacy Policy explains:

  • How we collect data

  • What data we collect

  • Why we collect this data

  • Who we share the data with

  • Where the data is stored

  • How long the data is retained

  • How we protect the data

  • How we handle minors

  • Updates or changes to the Privacy Policy

 

Overview of the data we may collect

Data is collected automatically or with your consent when you visit the website through our IT systems. These are primarily technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter this website. 

 

Non-Personal Data we collect consists primarily of technical information. We may collect non-identified and non-identifiable information that you provide during the registration process or that is collected through your use of our services (“Non-Personal Data”). Non-Personal Data does not allow us to identify who collected it.When we combine Personal Data with Non-Personal Data, we treat it as Personal Data for as long as it remains combined.

 

The following are the main methods we use to collect data

We generally do not collect any data when you use our products. We collect only the data necessary to operate our website, process purchases, and respond to inquiries.

Personal data is collected during the purchase process to enable the purchase of Sonic Defense products; the data collection is limited to the reasonable amount of information necessary for processing the purchase and license, as well as generating an invoice in accordance with international regulations, including: Name of the company or organization, name of the buyer (contact person for the purchase and administrative issues), address of the company or organization, country in which the company or organization is located, email address for sending the invoice, email address for sending the license code, and VAT number. Further data may be collected during the purchase process by third-party providers such as payment service providers (see "payment processing").

Furthermore, information is collected that is passed to Sonic Defense via the contact form on the website https://www.sonicdefense.net, including the name of the requester, the email contact of the requester, the name of the company or organization, and the content of the request (subject).

 

We may use your data for the following purposes

  • to provide and operate our services, (e.g. in connection with the purchase of our products)

  • to develop, customize, and improve our services;

  • to respond to your feedback, inquiries, and requests, and to offer assistance;

  • to improve our data security and fraud prevention capabilities;

  • to investigate violations and enforce our terms and policies

  • to comply with applicable law, regulations, and governmental orders;

  • to provide you with other information related to our products and services.

 

Payment Processing

We use the payment service provider Stripe (Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) for payment processing. When you make a payment, you will be redirected to a payment page hosted by Stripe ("Stripe Checkout"). On this page, you will enter your payment details.

 

When using Stripe Checkout, personal data is transmitted to Stripe. This may include, in particular, the following data:

  • Name

  • Email address

  • Billing address

  • Payment information (e.g. credit card information)

  • Transaction data (e.g. amount, date, time)

  • IP address

 

The payment data is collected and processed directly by Stripe. We do not have access to complete payment data such as credit card numbers. This processing is carried out for the purpose of payment processing and fraud prevention. The legal basis for processing is Article 6(1)(b) GDPR (performance of a contract) and, where applicable, Article 6(1)(f) GDPR (legitimate interest in secure and efficient payment processing).

 

Stripe may transfer data to the USA. This data transfer is based on appropriate safeguards pursuant to Articles 44 et seq. GDPR, in particular standard contractual clauses of the European Commission and – where applicable – the EU-US Data Privacy Framework. Further information on data protection at Stripe can be found at: https://stripe.com/de/privacy

Where necessary, we have concluded a data processing agreement with Stripe.

We host the content of our website with the following provider:

Wix Online Platforms Limited, 1 Grant's Row, Dublin 2 D02HX96, Irland (EU / GDPR)

When you visit the website, IP addresses and log files are processed for security purposes (Art. 6(1)(f) GDPR). 

Further information is available here: https://www.wix.com/about/privacy

​​

We have a legitimate interest in ensuring that our website is presented as reliably as possible for IT security and prevention of misuse (Art. 6(1)(f) GDPR). If the relevant consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Who do we share this data with

We may share your data with our service providers to operate our services (e.g., storing data through third-party hosting services, providing technical support, etc.). We may also disclose your data in the following circumstances: (i) to investigate, detect, prevent, or take action against unlawful activities or other wrongdoing; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety, as well as the safety of our users or the public; (iv) in the event of a change of control of us or one of our affiliates (through a merger, acquisition, or purchase of (substantially) all of our assets, among other things); (v) to collect, maintain, and/or manage your data through authorized third-party providers (e.g., cloud service providers), to the extent that this is reasonable for business purposes; (vi) to collaborate with third-party providers to improve your user experience. To avoid misunderstandings, we would like to point out that we may, at our own discretion, transmit, pass on, or otherwise use non-personal data to third parties.

 

Cookies and Similar Technologies

We do not use cookies or similar technologies that allow tracking of the browsing behavior of users who visit our websites. Neither your email address nor any other personal data will be shared with advertising companies or advertising networks.

 

Where do we store the data

Please note that our trusted partners and service providers are located around the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data we collect in various jurisdictions.

 

How do we protect the data

The operators of these sites take the protection of your personal data very seriously. We'll treat your personal data confidential and in accordance with statutory data protection regulations of this data protection declaration.

The hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data may be stored through our hosting provider's data storage, databases, and general applications. They store your data on secure servers behind a firewall and offer secure HTTPS access to most areas of their services.

 

All payment options offered by us and our hosting/payment provider for our digital assets comply with the PCI DSS (Credit Card Industry Data Security Standard) regulations of the PCI Security Standards Council. This is a collaboration of brands such as Visa, MasterCard, American Express, and Discover. PCI DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural measures) by our store and service providers. Despite the measures and efforts taken by us and our hosting provider, we cannot and will not guarantee absolute protection and security of the data you upload, publish, or otherwise share with us or others. For this reason, we ask that you create strong passwords and, if possible, avoid sharing confidential information with us or others if you believe that its disclosure could cause you significant or lasting harm. Since email and instant messaging are not considered secure forms of communication, we also ask that you do not share confidential information through any of these channels.

 

No data from minors

Our products and services are not intended for users who have not yet reached the age of legal majority. We will not knowingly collect data from children. If you are not yet of legal age, you should leave the website immediately, not download any files or make any purchases, and not provide us with any information.

We reserve the right to request proof of age at any time to verify whether minors are using our services. If we become aware that a minor is using our services, we may prohibit and block that user's access to our services and delete all data we have stored about that user. If you have reason to believe that a minor has provided us with data, please contact us as explained below.

 

Use of personal data

We use your personal data only for the purposes set out in the Privacy Policy and only if we are convinced that:

  • the use of your personal data is necessary to fulfill or enter into a contract (e.g., to provide you with the services themselves, customer service, or technical support);

  • the use of your personal data is necessary to comply with applicable legal or regulatory obligations; or

  • the use of your personal data is necessary to support our legitimate business interests (provided that this is always done in a proportionate manner and respects your data protection rights).

 

As an EU resident, you can:

  • request confirmation as to whether or not personal data concerning you is being processed, and request access to your stored personal data and certain additional information;

  • request to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format;

  • request the correction of your personal data stored by us;

  • request the deletion of your personal data. You have the right to: object to our processing of your personal data; request the restriction of the processing of your personal data; or lodge a complaint with a supervisory authority.

 

Please note, however, that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as indicated below. In the course of providing the services, we may transfer data across borders to affiliated companies or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide. Where personal data is transferred outside the European Economic Area (EEA), such transfers are carried out in accordance with applicable data protection laws and are based on appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission.

 

If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that an adequate or comparable level of protection for personal data is in place. We will take appropriate steps to ensure that we have suitable contractual agreements with our third-party providers to guarantee that appropriate safeguards are in place to minimize the risk of unlawful use, alteration, deletion, loss, or theft of your personal data, and that these third parties act in accordance with applicable laws at all times.

 

Rights under California Consumer Privacy Act:

If you are using the services as a California resident, you may have rights under the California Consumer Privacy Act (CCPA) to request access to and deletion of your data.

Data collection on this website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. His contact details can be found in the “Notice on the responsible body” section in this data protection declaration.

​​

What rights do you have regarding your data?
You have the right to obtain information about the origin, recipient and purpose of your data free of charge at any time to receive stored personal data. You also have the right to request correction or to request deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time in the future. You also have the right to to request the restriction of the processing of your personal data in certain circumstances. You also have the right to lodge a complaint with the responsible supervisory authority.

​You can contact us at any time about this or if you have any further questions about data protection.

Order processing
We have an order processing contract (AVV) for the use of the above service closed. This is a contract required by data protection law ensures that the personal data of our website visitors is only processed according to ours. Instructions and processed in compliance with the GDPR.


Storage period
Unless a specific storage period has been stated within this data protection declaration, data will remain your personal data with us only for as long as it is legally necessary.

  • Invoices must be retained for 10 years, starting from the end of the financial year.

  • Log files should be filed no later than 90 days.

  • Contact requests are stored for no more than 6 months, unless they are used as part of ongoing communication with the requester.

If you have a assert a legitimate request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing it have personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion takes place after these reasons no longer apply.

General information on the legal basis for data processing on this website

If you have consented to data processing, we will process your personal data Basis of Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR, if special data categories processed in accordance with Art. 9 Para. 1 GDPR. In the event of express consent to the transfer Personal data in third countries is also processed on the basis of Art. 49 Paragraph 1 Letter a GDPR. Data processing may take place additionally based on Section 25 Paragraph 1 TDDDG. Consent can be revoked at any time.

 

If necessary to fulfill the contract or to carry out pre-contractual measures, we process your data based on Article 6 Paragraph 1 Letter b GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation based on Article 6 Paragraph 1 Letter c GDPR. Data processing can also be carried out on the basis of our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR.

Recipients of personal data
As part of our business activities, we work with various external bodies. Included in some cases, personal data must also be transmitted to these external bodies. We only pass on personal data to external parties if this is part of a fulfillment of the contract is necessary if we are legally obliged to do so (e.g. passing on data to tax authorities) if we have a legitimate interest in passing on data in accordance with Article 6 Paragraph 1 Letter f of the GDPR or if another legal basis allows the data to be passed on. We only provide data processors with our customers' personal data on the basis of a valid contract for order processing. In the case of joint processing, a contract is concluded joint processing closed.

 

Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent that has already been given at any time. 

​​

Right to data portability
You have the right to receive data that we provide based on your consent or in the performance of a contract process automatically, on your own or to a third party, in a common, machine-readable format to be handed over. If you request the direct transfer of the data to another person responsible
request, this will only be done if it is technically feasible.

 

Right to restriction of processing
You have the right to request that the processing of your personal data be restricted. The right to restriction of processing exists the following cases: If you dispute the accuracy of your personal data held by us, we require
usually time to check this. For the duration of the examination, you have the right to request restriction of the processing of your personal data. If the processing of your personal data was/is occurring unlawfully, you can request restriction of data processing instead of deletion.

​​

If you have lodged an objection in accordance with Article 21 Para. 1 GDPR, you must weigh up the following: your and our interests. As long as it is not yet clear whose interests outweigh, you have the right to restrict the processing of your personal data to demand. If you have restricted the processing of your personal data, this data may - from apart from their storage - only with your consent or for the purpose of asserting, exercising or
Defending legal claims or protecting the rights of another natural or legal entity or for reasons of important public interest of the European Union or of a Member State are processed.

​​

Updates or Changes to the Privacy Policy

We may revise this Privacy Policy from time to time at our sole discretion. The version published on the website is always the most current version (see the "Date" date). We encourage you to check this Privacy Policy regularly for changes. In the event of significant changes, we will post a notice on our website. Your continued use of the services after being notified of changes on our website constitutes your acceptance of the changes to the Privacy Policy and your agreement to be bound by the terms of those changes.

DISCLAIMER

The information contained herein does not constitute legal advice and should not be relied upon solely for that purpose. Specific requirements regarding legal terms and guidelines may vary from state to state and/or from jurisdiction to jurisdiction. As outlined in our Terms of Service, you are responsible for ensuring that your services comply with and are permitted under the laws applicable to you.

To ensure that you fully comply with your legal obligations, we strongly recommend that you seek professional legal advice to better understand which requirements apply specifically to you.

 

If you have general questions about the services or the data we collect about you and how we use it, please contact us at: contact@sonicdefense.net

Note on the responsible body
The responsible body for data processing on this website is:

Sonic Defense SAS

Robin Lobel (President)
20 Rue Raymond Aron
75013 Paris
Email: contact@sonicdefense.net

The responsible body is the natural or legal person who alone or jointly with others the purposes and means of processing personal data (e.g. names, email addresses, etc.) decides.

bottom of page