Privacy Policy

I. Name and address of the responsible person and scope of application

This privacy policy informs visitors of this website and users of software products distributed by Volkert Software about the type, scope and purpose of the collection, processing and storage of personal data by Volkert Software. The legal basis for the processing can be found in the General Data Protection Regulation (GDPR).

Responsible for data collection and processing in the sense of the GDPR is:

Volkert Software
Stettiner Str. 7
71254 Ditzingen
Germany
Email: info@volkert.io

II. General information on data protection

1. Guidelines for handling personal data at Volkert Software

Basically, Volkert Software collects and processes personal data only to the extent necessary

  • to provide a working website,
  • to detect and defend attacks against our IT infrastructure,
  • to prevent unauthorized use of our software,
  • to comply with legal regulations,
  • to process support requests, or
  • to provide additional functionality with our software serve in the case of explicit consent.

Details can be found in later subsections of this privacy policy.

2. Collection and storage of IP addresses

IP addresses are unique addresses that networked devices such as PCs, smartphones or tablets use to communicate with other devices in the network. A single IP address can belong to one or more devices. On the Internet, every connection has an IP address that is usually assigned by the Internet service provider for the duration of the Internet connection and can be associated by the provider to the connection owner.

Since in the case where a connection is used by only one person, the IP address of the connection uniquely identifies the user, and since the Internet provider can be forced by court order to disclose the connection owner for a given IP address, IP addresses are counted as personal data according to an ECJ and BGH ruling.

Because the IP address is technically necessary for communication on the Internet, Volkert Software also collects and processes IP addresses in any communication with our servers. The complete IP address is temporarily stored until the end of the communication in order to be able to transfer all requested data.

In addition, for any communication with our servers, an entry with date, time, requested resource, amount of transmitted data, anonymized IP address and, if applicable, the user agent (see Art. III of this privacy policy) is created in the access log of the corresponding server. This data is stored for a maximum of 90 days to detect and prevent attacks on our IT infrastructure. An evaluation of the access data for other purposes, such as user tracking or marketing, does not take place.

3. Order data processing at ALL-INKL.COM – Neue Medien Münnich

Volkert Software does not host its servers itself, but uses the services of ALL-INKL.COM for this purpose. Accordingly, all personal data transferred to Volkert Software is processed on ALL-INKL.COM hardware. In order to ensure the protection of your data, Volkert Software has agreed a commissioned data processing agreement pursuant to Art. 28 GDPR with ALL-INKL.COM, in which it is guaranteed that ALL-INKL.COM will not process or store any of this data itself, unless this happens on explicit instruction by Volkert Software.

4. Right of information

You have the right to request a copy of the data stored about you. Please, send an email to privacy@volkert.io to do so.

You can find more information in Art. 15 GDPR.

5. Right of rectification

You also have the right to have incorrect data corrected. This may be the case, for example, if your address has changed or if there was a name change. If you wish a correction, please send an email to privacy@volkert.io.

You can find more information in Art. 16 GDPR.

6. Right to object

In the event that Volkert Software processes personal data on the basis of a legitimate interest pursuant to Art. 6 para. 1. letter f GDPR, you have the right to object to such processing, unless Volkert Software has compelling legitimate reasons for the processing which override your interests, rights and freedoms, or if the data are used to assert, exercise and/or defend legal claims.

You can find more information in Art. 21 GDPR.

7. Right to complain

If you believe that the processing of your personal data is not GDPR compliant, you have the right to lodge a complaint with a competent data protection authority.

You can find more information in Art. 77 GDPR.

8. Right to restriction of processing

You have the right to temporarily restrict the processing of your data in the following cases:

  • for the duration of the verification of accuracy, if you exercise your right to correct your data as set forth in Art. II para. 4 of this privacy policy to correct your data
  • if Volkert Software has processed the data unlawfully, but you refuse to have the data erased
  • if Volkert Software no longer needs the data, but you yourself still need this data to exercise, assert or defend legal claims
  • if you object to the processing of your data pursuant to Art. 21 GDPR or Art. II para. 5 of this privacy policy, you may restrict the processing of your data for the duration of the clarification of whether your personal interests, rights and freedoms outweigh our legitimate grounds

If you restrict the use of the data, it will only be processed – apart from storage – with your explicit consent or for the exercise, assertion and/or defense of legal claims.

If you wish to exercise this right, please send an email to privacy@volkert.io.

You can find more information in Art. 18 GDPR.

9. Right of deletion

You have the right to request the immediate deletion of the personal data stored about you, provided that no contractual or legal provisions (e.g., legal retention periods) require the further storage of the data. Please, send an email to privacy@volkert.io to do so.

You can find more information in Art. 17 GDPR.

III. Provision of the website

1. Collected data

When you visit the website, the following data is transmitted:

  • the IP address to which the page content should be delivered
  • the URL of the retrieved page
  • a so-called “user agent”, which contains additional information about the device from which the website is visited:
    • operating system version
    • browser version
    • sometimes also information about the hardware (e.g., if it is a smartphone or if an Intel/AMD CPU is used)

2. Processing purposes

The IP address is transmitted for the reasons stated in Art. II para. 2 of this privacy policy. The URL of the page accessed is required in order to be able to transmit the correct page for display. 

The user agent is automatically transmitted by the browser, for example, to enable a display of the page optimized for the smaller screen of mobile devices.

3. Legal basis of the processing

The processing of the data is based on our legitimate interest in providing you with a working website (Art. 6 para. 1 letter f GDPR).

4. Duration of storage

The rules for IP addresses in Art. II para. 2 of this privacy policy apply.

5. Data sharing

A passing of the data does not take place.

IV. Starting Multi-Streamer

1. Collected data

When Multi-Streamer is started, the user’s IP address and the version number of the started version of Multi-Streamer are transmitted to our servers in encrypted form.

2. Processing purposes

We reserve the right to withdraw old versions of Multi-Streamer, for example if unauthorized use cannot be ruled out due to software errors. For this purpose, the software asks one of our servers at startup whether the started version may still be executed. If the server rejects this or no connection to the server can be established, Multi-Streamer restricts its functions.

The IP address is collected for the reasons stated in Art. II para. 2 of this privacy policy.

3. Legal basis of the processing

By agreeing to the End User License Statement, you have consented to the collection and processing of this data (Art. 6 para. 1 letter b GDPR).

4. Duration of storage

The rules for IP addresses in Art. II para. 2 of this privacy policy apply. The version number is not stored.

5. Data sharing

A passing of the data does not take place.

V. Check for updates from Multi-Streamer

1. Collected data

When checking for new updates, the IP address is collected for the reasons stated in Art. II para. 2 of this privacy policy.

2. Processing purposes

To be informed about new versions of Multi-Streamer, there is the possibility to automatically check for updates when starting the software. For this purpose Multi-Streamer requests the version number of the latest version from one of our servers.

3. Legal basis of the processing

The processing of the data is based on explicit consent pursuant to Art. 6 para. 1 letter a GDPR.

4. Duration of storage

The rules for IP addresses in Art. II para. 2 of this privacy policy apply.

5. Right to object

You have the right to withdraw your consent to processing at any time. To do so, click on the corresponding button in the “Check For Updates” dialog, which can be reached from the “Help” menu.

6. Data sharing

A passing of the data does not take place.

VI. Performing a software update

1. Collected data

In addition to the IP address, the information for which operating system the software is to be downloaded is also transmitted.

2. Processing purposes

The IP address is collected for the reasons stated in Art. II para. 2 of this privacy policy. The information about the operating system is required so that the server transmits the appropriate version of the software.

3. Legal basis of the processing

The processing of the data is based on explicit consent pursuant to Art. 6 para. 1 letter a GDPR.

4. Duration of storage

The rules for IP addresses in Art. II para. 2 of this privacy policy apply. The information about the operating system is also stored as part of the URL of the request together with the anonymized IP address and deleted at the same time.

5. Data sharing

A passing of the data does not take place.

VII. Log-in to Multi-Streamer

1. Collected data

In addition to the IP address (see Art. II para. 2 of this privacy policy), the email address, the password and a user-selectable text (“session identifier”) are transmitted for log-in. If a user account exists with the email address entered and the password matches the one stored in the account, a 64-digit “Authentication Token” is generated from random characters, which is subsequently stored on the user’s computer and used for future interactions instead of the user name and password.

2. Processing purposes

Email address and password are used to authenticate the user. The IP address from which the log-in took place and the session identifier are displayed in the list of all instances currently logged in with the user account belonging to the email address. On the one hand, the user can use this to decide which session to terminate in the event that all available licenses of his account are already in use, but it can also be used to detect unauthorized use by a third party.

3. Legal basis of the processing

The collection and processing of this data is regulated in the purchase agreement concluded with Volkert Software (Art. 6 para. 1 letter b GDPR).

4. Duration of storage

If the log-in attempt fails, the data is not stored. If the log-in is successful, the data remains stored for 30 days after the user explicitly ends the session, in order to be able to answer any support requests that may arise.

5. Data sharing

A passing of the data does not take place.

VIII. Requesting a new password

1. Collected data

In addition to the IP address (see Art. II para. 2 of this privacy policy), the email address of the user account whose password is to be reset is collected. If an account with the specified email address exists, a recovery code (valid for a few minutes) is generated and sent to the email address.

In a second step, this recovery code must then be transferred together with the new password.

2. Processing purposes

The data is collected to enable users to assign a new password and to ensure that only the account holder can assign a new password.

 3. Legal basis of the processing

The collection and processing is based on explicit consent (Art. 6 para. 1 letter a GDPR). Only if a user makes use of this option, the data will be transmitted.

4. Duration of storage

If an email address is entered in the first step for which no user account exists, the data will be discarded immediately. In case of an existing account, the generated recovery code will be stored together with the email address for the period of validity of the code and then deleted.

5. Data sharing

As with the newsletter, the email with the recovery code is sent by our service provider ALL-INKL.COM, with whom Volkert Software has agreed a commissioned processing agreement in accordance with Art. 28 GDPR.

A passing of the data for any other purpose does not take place.

IX. Activation of a license

1. Collected data

In order to activate a license, the Authentication Token (see Art. V of this privacy policy) is transmitted in addition to the license key entered by the user. In addition, the time of activation of the license is stored in our database.

2. Processing purposes

A purchased license must be linked to the user account once to activate it. The license key identifies the license and which functionality is enabled, the authentication token identifies the user account to which the license is linked. The activation time is stored in order to be able to track the chronological sequence of user interactions in the event of support requests or for troubleshooting purposes.

3. Legal basis of the processing

The processing of the data serves the fulfillment of contractual obligations (Art. 6 para. 1 letter b GDPR).

4. Duration of storage

If a license exists that has not yet been activated with the specified license key, the data will be retained until the user account is deleted.

5. Data sharing

A passing of the data does not take place.

X. Selection of a license and use of this license

1. Collected data

If a user selects a license for use in the current instance of the software, the Authentication Token (see Art. V of this privacy policy) as well as the ID of the selected license and a “Secret” generated by the software from random characters are transmitted.

During further operation with this license, a new secret is generated periodically (currently every 30 seconds) and transmitted to the server together with the old secret and the Authentication Token to extend the license usage.

In both cases the time of the last usage is stored in our database.

2. Processing purposes

The ID of the license and the Authentication Token are used to mark the selected license as “in use” in our database. The Secret is used to extend the usage period for a license that is already in use. Only when too much time has passed since the last time the license was used (hence the storage of the time of the last use), other instances of the software can use it even without knowing the old Secret.

This ensures that multiple instances cannot use the same license at the same time. In addition, the link between the license and the authentication token serves to automatically select the same license again the next time the software is started, if it is not already in use.

3. Legal basis of the processing

The processing of the data serves the fulfillment of contractual obligations and the prevention of unauthorized use of the software (Art. 6 para. 1 letter b GDPR).

4. Duration of storage

The link of the license to the using instance via the Authentication Token is kept until the explicit invalidation of the Authentication Token (see Art. IIX of this privacy policy). The Secret is kept until the next periodic license check and then replaced by the new Secret.

5. Data sharing

A passing of the data does not take place.

XI. Log-out

1. Collected data

The authentication token of the instance used and the authentication token of the session to be terminated are transmitted for the log-out. The time of the log-out is stored in our database.

2. Processing purposes

On the one hand, you can terminate your own session by logging out, for example, to prevent your license from being used by another user at a later time on shared computers.

On the other hand, the user can also terminate other sessions of the same account, for example, to end the use of a license by this session without knowing exactly on which computer the software is still running.

The time of the log-out is stored for processing support cases, in order to be able to trace the chronological sequence of various user interactions.

3. Legal basis of the processing

The processing of this data is regulated by the End User License Statement (Art. 6 para. 1 letter b GDPR).

4. Duration of storage

Data will be kept for support case processing for up to one month after the session ends.

5. Data sharing

A passing of the data does not take place.

XII. Password change

1. Collected data

To change the password, the user enters the old password and the new one.

2. Processing purposes

The old password is used to ensure that only the owner of the user account can change the password. The new password is stored in the database for future authentication.

3. Legal basis of the processing

The processing of this data is regulated by the End User License Statement (Art. 6 para. 1 letter b GDPR).

4. Duration of storage

The old password will not be saved. The new password is stored only in hashed form until the account is deleted or changed again.

5. Data sharing

A passing of the data does not take place.