Privacy policy

Introduction

We respect your privacy and are committed to protecting it through our compliance with this privacy policy (“Policy”). This Policy describes the types of information we may collect from you or that you may provide (“Personal Information”) on the anchorpoint.app website (“Website”), the Anchorpoint desktop application (“Application”), and any of their related products and services (collectively, “Services”). It also explains our practices for collecting, using, maintaining, protecting, and disclosing that Personal Information.

This Policy is a legally binding agreement between you (“User”, “you” or “your”) and Anchorpoint Software GmbH (“Anchorpoint Software GmbH”, “we”, “us” or “our”). By accessing and using the Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Policy.

This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

Automatic collection of information

When you visit the Website or use the Application, our servers automatically collect certain data that your browser or device sends. This may include:

  • IP address and general location
  • Browser and device type and version
  • Operating system type and version
  • Language preferences
  • Webpages visited before accessing the Services
  • Pages accessed within the Services and time spent on those pages
  • Information searched on the Services
  • Access times and dates

This information is collected to monitor usage, improve the Services, and detect potential abuse. This data is not used to identify individual users.

Collection of personal information

You can access the Services without providing personal data. However, to use certain features, you may be required to provide specific information, including:

Account details (e.g., username, unique user ID)

Account details are collected when creating an Anchorpoint user account within the desktop application. The information attached to accounts includes the username and metadata.

Contact information (email address and linked social accounts)

During the account creation process, you will be asked to provide an email address, which is used as a unique identifier or to link an existing social account (e.g., Google). Your information is processed via our external and secure authentication provider, Auth0, which also manages passwords. We do not store passwords on our servers.

Payment details

Payment details are collected only when you intentionally subscribe to a paid plan using the payment provider Stripe. This information is entered through a web interface that is served directly by the payment provider. We do not store credit card information on our servers.

Support requests (information you submit when contacting customer support)

Support requests are collected when using the "Send us a message" functionality in the Anchorpoint desktop application or when sending an email to support@anchorpoint.app.

Marketing data (newsletter sign-ups)

Newsletter sign-ups are an optional step during the account creation process. You can unsubscribe from our newsletters at any time.

Sensitive data

We do not collect sensitive data such as biometric information or health-related data.

Some data may be collected from third-party sources, including:

  • Public databases
  • Third-party data providers
  • Marketing and analytics platforms

You may choose not to provide certain information, but this may prevent access to some features of the Services.

Use and processing of collected information

We act as both a data controller and a data processor under the GDPR, depending on the situation.

  • As a data controller, we determine the purposes and means of processing your Personal Information, such as when you create an account.
  • As a data processor, we process Personal Information on behalf of users, such as metadata within the Application.

The purposes for which we process Personal Information include:

  • Creating and managing user accounts
  • Processing payments
  • Delivering and improving the Services
  • Providing customer support
  • Sending marketing communications (if you opt-in)
  • Ensuring security and fraud prevention
  • Analyzing and monitoring usage trends

Legal basis for processing

  • Providing the service and authentication: Contractual necessity (Art. 6(1)(b))
  • Payment processing: Contractual necessity (Art. 6(1)(b))
  • Customer support: Contractual necessity (Art. 6(1)(b))
  • Service improvement: Legitimate interest (Art. 6(1)(f))
  • Security and fraud prevention: Legitimate interest (Art. 6(1)(f))
  • Marketing (newsletters): User consent (Art. 6(1)(a))

We do not process Personal Information under GDPR Article 9.

Payment processing

Payments for Services are handled by Stripe. We do not store credit card details; all financial data is processed by Stripe under PCI DSS standards. For more details, see Stripe’s Privacy Policy.

Data sharing and third-party processors

To provide our Services efficiently, we rely on third-party service providers that process data on our behalf. These providers are GDPR-compliant, and we have signed Data Processing Agreements (DPAs) where necessary.

Service providers and purpose

  • Auth0 (EU/US): User authentication
  • Stripe (US): Payment processing
  • Webflow (US): Website hosting and forms
  • Crisp Chat (EU): Customer support system
  • AWS (Frankfurt, EU): Metadata storage
  • Zapier (US): Process automation
  • Mailerlite (EU): Email marketing

International data transfers

Some service providers, such as Stripe, Webflow, and Zapier, are based outside the European Economic Area (EEA). We ensure compliance through:

  • Standard contractual clauses (SCCs)
  • EU-U.S. Data Privacy Framework compliance (where applicable)

Retention of information

  • Personal data is stored as long as you actively use the Services.
  • If an account remains inactive for 12 months, it is deleted.
  • You may request data deletion at any time (see section on user rights).

Your rights under GDPR

If you are a resident of the European Economic Area (EEA), you have the right to:

  • Access your Personal Information
  • Rectify incorrect or incomplete data
  • Request deletion of your data (“right to be forgotten”)
  • Restrict processing under certain conditions
  • Receive a copy of your data in a portable format
  • Object to processing based on legitimate interest
  • Withdraw consent at any time (for marketing)

Exercising your rights

  • You can delete your account directly in the Anchorpoint desktop application.
  • You can also submit requests via support@anchorpoint.app.
  • We will respond within 30 days as required by GDPR.

Cookies and tracking

We use cookies for essential functionality and analytics. Users can manage preferences via our cookie banner.

For details, see: https://www.anchorpoint.app/policies/privacy-policy.

Security measures

We implement strict security measures to protect Personal Information:

  • Encryption: Data is encrypted at rest and in transit (TLS/SSL).
  • Access controls: Limited access to authorized personnel.
  • Breach notification policy: If a data breach occurs, we will notify affected users and regulatory authorities.

For full details, see: https://www.anchorpoint.app/policies/security.

Changes and amendments

We reserve the right to modify this Policy at any time. Users will be notified of significant changes via email. The latest version will always be available on our website.

Complaints and supervisory authority

Users may contact us with privacy concerns: contact@anchorpoint.app

If you are not satisfied with our response, you may file a complaint with Germany’s Federal Commissioner for Data Protection and Freedom of Information (BfDI):

  • BfDI
  • Graurheindorfer Str. 153, 53117 Bonn, Germany
  • Website: https://www.bfdi.bund.de

Contacting us

If you have any questions, concerns, or complaints regarding this Policy, the information we hold about you, or if you wish to exercise your rights, we encourage you to contact us using the details below:

contact@anchorpoint.app
Florinsmarkt 14, 56068 Koblenz, Germany

We will attempt to resolve complaints and disputes and make every reasonable effort to honor your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by applicable data protection laws.

This document was last updated on November 18, 2024

Further policies

Security
Refund policy
Eula
Terms and conditions
Privacy policy
Imprint