Privacy

Privacy Policy

This Privacy Policy applies to the information that we collect when you visit our main website (exechange.com) and other websites that we own or control and link or refer to this Privacy Policy. This Privacy Policy describes how this information is processed, as well as the choices that are available to you regarding the use of the information you provide.

Contact information for exechange is listed at the end of this Privacy Policy.

This Privacy Policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our Privacy Policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our websites.

Who we are

exechange.com is owned and operated by daniel schauber media, a private German company. We are subject to the regulations of the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). The strict German privacy laws are among the toughest in the world. exechange.com is hosted by Strato AG, an internet service provider headquartered in Berlin, Germany. Strato is a subsidiary of United Internet AG, a leading internet service provider in Germany.

We have a legal duty to protect any information we collect from you. We will only use your information for the purpose we have described. We use appropriate security technologies to safeguard your data and take appropriate steps to prevent unauthorized access to it.

What personal information do we collect from the people that visit our website?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details. When ordering on our site, we collect the IP address assigned to you on the date you visit this site.

When do we collect information?

We collect information from you when you register on our site, place an order, subscribe to a newsletter, enter information on our site or surf our website.

How do we use your information?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

  • To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
  • To improve our website in order to better serve you.
  • To allow us to better service you in responding to your customer service requests.
  • To quickly process your transactions.
  • To send periodic emails regarding your order or other products and services.
How do we protect your information?

An external PCI compliant payment gateway handles all payment transactions.

We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order to maintain the safety of your personal information.

Do we use ‘cookies’?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:
  • Help remember and process the items in the shopping cart.
  • Understand and save user’s preferences for future visits.
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since every browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If users disable cookies in their browser:

If you turn cookies off it will turn off some of the features of the site.

Third-party disclosure

We do not sell or trade to outside parties your Personally Identifiable Information.

Third-party links

Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Google Analytics

We use a tool called “Google Analytics” to collect information about use of this site. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site. We use the information we get from Google Analytics only to improve this site. Google Analytics collects only the IP address assigned to you on the date you visit this site, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser.

Newsletter

In order to register for a newsletter service provided by us, we need at least your e-mail address so that we know where to send the newsletter. All other information you supply is on a voluntary basis and will be used only if you give your consent, for example, to contact you directly or clear up questions concerning your e-mail address.

As a general rule, we employ the double opt-in method for the registration. In other words, after you have registered for the service and informed us of your e-mail address, you will receive an e-mail in return from us, containing a link that you must use to confirm your registration. Your registration and confirmation will be recorded.

The newsletter will not be sent until this has been done. This procedure is used to ensure that only you yourself can register with the newsletter service under the specified e-mail address. You must confirm your registration as soon as possible after receiving our e-mail, otherwise your registration and e-mail address will be erased from our database. Until we receive your confirmation, our newsletter service will refuse to accept any other registration requests using this e-mail address.

You can cancel subscriptions to our newsletters at any time. To do so, either send us an e-mail or follow the link at the end of the newsletter.

Use of MailChimp

When ordering or registering on our site, we use the MailChimp list manager. MailChimp is a service provided by The Rocket Science Group, LLC.

When you order or register on our site, the data you enter will be transmitted to and saved by MailChimp.

After registering for a newsletter, you will receive an e-mail from MailChimp to confirm your registration (“double opt-in”). MailChimp provides a wide range of options for analyzing how e-mails are opened and used. These analyses are made on a group basis; we do not use them for individual evaluations. Furthermore, MailChimp uses the Google Analytics analysis tool and links it to the e-mails, if required. You can find more detailed information on Google Analytics in the section “Google Analytics”. Further information about MailChimp and data protection with MailChimp is available at: http://mailchimp.com/legal/privacy/

PayPal

If paying per PayPal, credit card via PayPal, direct debit per PayPal or, if offered, purchasing on account via PayPal, we transfer your payment data to PayPal (Europe) S.a. r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”) for the purpose of payment processing. PayPal reserves itself the exclusion of certain payment methods such as credit card via PayPal, direct debit per PayPal or, if offered, purchasing on account, after the result of a credit investigation.  PayPal uses the result of the credit check with regard to the statistical probability of failure for the purpose of deciding whether to offer the corresponding payment method. The credit check may contain probability values (so called score values). Insofar as score values are included in the credit report, they are based on scientifically recognized, mathematical-statistical procedures. Among other data, address data are taken into account when calculating the score values. For further information, please refer to the PayPal data protection information: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a Privacy Policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous Privacy Policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

Users can visit our site anonymously.

Once this Privacy Policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.

Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes on our Privacy Policy Page.

You can change your personal information by logging in to your account.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action: Should a data breach occur, we will notify you via email immediately.

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:
  • Send information, respond to inquiries, and/or other requests or questions.
  • Process orders and to send information and updates pertaining to orders.
  • Send you additional information related to your product and/or service.
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
Right to information and contact data

You have a legal right to inspect any stored data concerning your person, and also the right to demand their correction or deletion, and to withdraw your consent for their further use.

In some cases, if you are a registered user of certain services provided by us, we offer you the possibility of inspecting these data online, and even of deleting or modifying the data yourself, via a user account.

If you wish to obtain information on your personal data, or want us to correct or erase such data, or if you have any other questions concerning the use of personal data held by us, please contact:

exechange.com
daniel schauber media
Eschersheimer Landstraße 42
60322 Frankfurt
Germany

privacy@exechange.com

Acceptance, validity and modification of data protection conditions

By using our website, you implicitly agree to accept the use of your personal data as specified above. As our website evolves, and new technologies come into use, it may become necessary to amend the statement of data protection conditions. We reserve the right to modify our data protection conditions at any time, with effect as of a future date. We recommend that you re-read the latest version from time to time.

This present statement of data protection conditions came into effect on May 30, 2018.

exechange