Privacy Policy

Language Version Notice

This website is provided entirely or predominantly in English due to its international orientation.

The German version of the legal documents is the legally authoritative version. English or other language versions are provided solely for convenience and information. In case of discrepancies between language versions, the German version shall prevail.

1. General information

This Privacy Policy explains how personal data is processed when using the RIVANOX website.

Personal data means any information relating to an identified or identifiable natural person.

The website is operated from Germany and is subject to the General Data Protection Regulation (GDPR) as well as the applicable German and European rules on cookies and similar technologies, in particular Section 25 TDDDG.

2. Controller

The controller responsible for data processing on this website is:

Michael Scheibl
sole proprietor
acting in business under the designation SCHEIBL+Partner
Vogelherd 5
96224 Burgkunstadt
Germany

E-mail: contact365(at)scheibl-partner.com

RIVANOX is a project and/or a project, brand, website, product and content designation of the operator. SCHEIBL+Partner is a business designation used by Michael Scheibl as a sole proprietor. The designation does not indicate a registered partnership company, a partnership under German partnership law, or any legal participation of other persons, unless expressly stated otherwise.

3. Hosting, e-mail and own cloud at 1blu

This website and related services, including website hosting, e-mail mailboxes and, where applicable, own cloud or storage solutions, are provided via 1blu or the contractually involved 1blu company.

According to publicly available provider information, this may in particular be 1blu GmbH, Riedemannweg 60, 13627 Berlin, Germany. The specific contractual partner designation results from the respective hosting or data processing agreement.

When the website is accessed, server log data may be processed automatically. This may include in particular:

  • IP address,
  • date and time of access,
  • page or file accessed,
  • referrer URL,
  • browser type, browser version and operating system,
  • device information, insofar as transmitted by the browser.

The purpose of processing is the technical provision of the website, stability, security, error analysis and prevention of misuse.

The legal basis is Art. 6(1)(f) GDPR. The legitimate interest lies in the secure and stable operation of the website.

Server log data is stored only for as long as necessary for security, error analysis and operation and is then deleted or anonymized, unless statutory or legitimate retention grounds prevent this.

Own cloud and document storage

Own cloud, web-hosting or storage solutions within the hosting environment used may be employed for the storage, organization and processing of business documents.

In particular, contact inquiries, communication content, advertising inquiries, advertising materials, cooperation information, product and license information, ticket and support information, drafts, images, logos, texts, invoice and contract information as well as other content provided in the course of business communication may be processed.

Where this cloud or storage solution is operated within the hosting environment of 1blu, the technical processing takes place within the framework of the hosting and data processing relationship with the hosting provider.

The purposes of processing are the organization, handling and documentation of business communication, advertising, product, support, license or cooperation initiation, project organization, traceability and legal documentation interests.

The legal basis is Art. 6(1)(b) GDPR where processing serves the initiation or performance of a contractual relationship, as well as Art. 6(1)(f) GDPR based on the legitimate interest in the structured and secure organization of business documents.

4. Own technical system, service, license, ticket, download and API infrastructure

For certain technical, organizational or product-related functions, the operator may use its own technical system, service, e-mail, cloud, ticket, license, download or API infrastructure. This infrastructure may also be used for several projects, websites, products or business designations of the operator.

This may in particular include the operator’s own system domains and technical services, for example license, ticket or API systems under sigruppe.com or other project-related system domains of the operator.

Depending on the project, inquiry or technical process, the following data in particular may be processed:

  • contact and communication data,
  • organization, project, advertising, support, newsletter, product, license or cooperation information,
  • e-mail content and e-mail metadata,
  • technical access data such as IP address, date and time, browser, device or system information,
  • product, version, build, download, activation, update or license status information, insofar as a software or product context is involved,
  • ticket, support, error, feedback, documentation or activation information, insofar as such functions are used,
  • affiliate, advertising, click, campaign, advertisement, newsletter or tracking information, insofar as technically used and legally permissible,
  • protocol data for security, error analysis, traceability and prevention of misuse.

The purposes of processing are central communication, handling and allocation of inquiries, documentation, advertising and cooperation initiation, advertisement management, newsletter management, tool, license, download, update, ticket and support management, error analysis, IT security, prevention of misuse and operation of the respective technical services.

The legal basis is Art. 6(1)(b) GDPR where processing is necessary for the initiation or performance of a contractual, advertising, cooperation, license, software, newsletter, support or service relationship. In addition, the legal basis is Art. 6(1)(f) GDPR based on the legitimate interest in efficient, structured and secure communication, technical administration, traceability, IT security and prevention of misuse. Where consent is required, the legal basis is Art. 6(1)(a) GDPR.

Where own system, service, cloud, ticket, license, download, newsletter or API infrastructure is operated within the hosting environment used, the technical processing takes place within the framework of the hosting and data processing relationship with the respective hosting provider. Where external service providers are used, this is done on the basis of corresponding contractual agreements, in particular, where required, on the basis of a data processing agreement pursuant to Art. 28 GDPR.

5. WordPress, theme and plugins

This website is operated using WordPress. WordPress themes and WordPress plugins may be used for presentation, security, performance, forms, e-mail delivery, analytics, consent management, spam protection, backups, caching, SEO, affiliate links, advertising banners, newsletters, downloads, license or ticket integrations, external content or other technical functions.

Depending on the function used, technical data, server log data, IP addresses, browser and device information, form content, cookie and consent information, security events, e-mail metadata, click data, referrer information, download information or campaign parameters may be processed.

The purposes of processing are operation, presentation, security, optimization, troubleshooting, spam and misuse prevention, performance, communication, technical administration, advertising financing, affiliate accounting, newsletter operation, download provision and delivery of external content.

The legal basis is Art. 6(1)(f) GDPR based on the legitimate interest in the secure, stable and efficient operation of the website as well as in economic refinancing through advertising and affiliate links. Where optional services, tracking, external content, newsletters, messengers or technologies requiring consent are used, processing takes place on the basis of Art. 6(1)(a) GDPR and, where applicable, Section 25(1) TDDDG.

Backup, security, SMTP, cache and CDN functions

Backup, security, SMTP, cache or CDN functions may be used for securing and technically administering the website.

Backup functions may contain copies of website data, including configuration data, form submissions, advertising inquiries, newsletter data, product data, download data, license or ticket information or other stored content, insofar as these are processed on the website.

Security functions may process IP addresses, login attempts, security events, technical access data or suspicious activities.

SMTP or e-mail plugins may be used for the technical transmission of form notifications, newsletter functions, system e-mails, license e-mails, ticket e-mails or other e-mail functions.

Cache or CDN functions may process technical access data, IP addresses and browser information in order to provide content more quickly and securely.

If external CDN or security providers are used, technical data may be transmitted to these providers. Where such a service is not technically required or uses technologies requiring consent, activation takes place only after consent has been given.

6. Cookies and consent management

This website uses cookies and/or similar technologies.

Some technologies are required for the technical operation of the website. Other technologies, in particular analytics, affiliate, advertising, external media, marketing, convenience, newsletter, messenger, download, license, ticket or external communication services, are used only where consent is required and has been given.

Consents can be managed via the cookie banner or the consent settings and withdrawn with effect for the future.

Legal bases:

  • technically required technologies: Art. 6(1)(f) GDPR and, where applicable, Section 25(2) TDDDG,
  • optional technologies, analytics, advertising, affiliate tracking, external media or external services: Art. 6(1)(a) GDPR and, where applicable, Section 25(1) TDDDG.

The consent management system used may store information about consents granted or withdrawn, in particular consent ID, time, selected categories, technical information and the status of consent. The purpose is to document and manage consents.

7. Web analytics with Matomo

This website may use Matomo for web analytics. Matomo may be used via a WordPress plugin and operated within the operator’s own hosting environment.

Matomo analytics is activated only after consent via the consent banner or the consent settings.

Matomo may process the following information in particular:

  • pages visited and length of stay,
  • referrer and navigation information,
  • device, browser and operating system information,
  • approximate location information based on anonymized or shortened IP addresses, insofar as technically available.

The purpose is reach measurement, optimization of the website and improvement of content quality.

The legal basis is Art. 6(1)(a) GDPR based on consent.

Matomo data is not sold and is not transmitted to advertising networks.

Consents can be withdrawn at any time via the cookie settings or the consent banner.

Matomo should be operated with IP anonymization enabled. If this is technically configured correctly, the following also applies: Matomo is configured with IP anonymization enabled. Without consent, no analytics tracking is activated.

8. Spam protection / Google reCAPTCHA or alternative spam protection solution

To protect forms against automated misuse, this website may use Google reCAPTCHA, a comparable external spam protection solution or a local spam protection solution.

If Google reCAPTCHA is activated, Google may process technical data, in particular IP address, device and browser information, interaction signals and further information required to assess whether a request originates from a human or from an automated system.

Google reCAPTCHA is loaded only after consent via the consent banner or the consent settings. Without consent to external services, form submission may not be possible.

The purpose is spam protection, prevention of misuse and website security.

The legal basis is Art. 6(1)(a) GDPR based on consent, where an external service requiring consent is used. In the case of purely local and technically required spam protection measures, processing may be based on Art. 6(1)(f) GDPR.

Google may process reCAPTCHA data in accordance with the applicable Google service and privacy terms. Processing outside the EU/EEA cannot be excluded depending on technical provision. Where required, transfers take place on the basis of appropriate safeguards, adequacy decisions, standard contractual clauses or other mechanisms under the GDPR.

If no consent to external services is given and the form is therefore not available, a brief non-confidential inquiry may be sent by e-mail.

If a local spam protection solution is used, for example a honeypot, server-side rate limiting, CSRF token or time-based spam check, technical information required for misuse prevention and form security may be processed.

9. Contact form, ticket, support, license and e-mail communication

If contact is made via the contact form, a ticket or feedback form, by e-mail or via other communication channels, the transmitted personal data is processed.

Depending on the information transmitted, this may include:

  • first name and last name,
  • organization, company, provider, brand or institution,
  • role or function, if provided,
  • e-mail address,
  • telephone number, if provided,
  • country or region,
  • type of inquiry, in particular general inquiry, advertising inquiry, advertisement inquiry, cooperation inquiry, affiliate inquiry, support inquiry, license or activation inquiry, bug report, feature request, refund request, documentation notice or other project inquiry,
  • product, tool, license, activation, build, version, system or error information, insofar as required for processing,
  • message content,
  • provided images, logos, texts, links, offer information, screenshots, log excerpts or other documents,
  • technical information required for form submission, ticket processing and spam protection.

The purposes of processing are:

  • responding to inquiries,
  • reviewing and processing advertising, advertisement, affiliate or cooperation inquiries,
  • creating, coordinating and publishing paid advertisements or sponsored content,
  • processing support, license, activation, ticket, bug, feature, refund or documentation inquiries,
  • communication with tool, software, AI, automation, platform, productivity or other business partners,
  • initiation or performance of pre-contractual or contractual communication,
  • security and prevention of misuse.

Legal bases:

  • Art. 6(1)(b) GDPR, insofar as the inquiry concerns pre-contractual measures or a possible contractual relationship,
  • Art. 6(1)(f) GDPR based on the legitimate interest in processing inquiries, advertising and cooperation inquiries, support, license management and prevention of misuse,
  • Art. 6(1)(a) GDPR, insofar as optional external services or newsletters are used on the basis of consent.

If no contractual relationship results from an inquiry, inquiry data is generally deleted within 90 days after completion of the communication, unless statutory retention obligations, legal claims or legitimate documentation interests require longer storage.

If a contractual relationship, advertisement, cooperation, purchase, license, support case or other business relationship arises, data may be stored for longer in accordance with contractual, tax and commercial-law retention obligations.

10. Newsletter by e-mail, Telegram and WhatsApp

This website may offer newsletters, updates, tool notices, product information, SmartTool ideas, offer ideas, advertising notices, affiliate offers, sponsored content or other information by e-mail, Telegram, WhatsApp or comparable communication channels.

Registration for a newsletter or communication channel is voluntary. Depending on the channel, the following data in particular may be processed:

  • e-mail address,
  • telephone number or messenger identifier,
  • name or profile name, insofar as provided or technically visible,
  • registration time, consent status and unsubscribe information,
  • communication content,
  • technical delivery, opening, click or interaction data, insofar as technically used and legally permissible.

The purpose of processing is the sending of newsletters, tool notices, product information, offer ideas, advertising notices, affiliate offers, sponsored content, project information and other voluntarily subscribed information.

The legal basis is Art. 6(1)(a) GDPR based on consent. Insofar as processing is necessary to document consent, prevent misuse or manage unsubscribe requests, Art. 6(1)(f) GDPR may additionally apply.

A newsletter can be unsubscribed from at any time with effect for the future. Depending on the channel, unsubscription may be carried out via an unsubscribe link, a reply message, a corresponding function of the messenger service or by contacting us.

When Telegram, WhatsApp or comparable messenger services are used, the respective provider processes personal data under its own responsibility. This may include in particular contact data, communication content, metadata, device information and usage data. The use of such channels is additionally subject to the privacy and terms of use of the respective provider.

No confidential, sensitive, legal, dispute-related, secrecy-relevant, product-critical or time-critical information should be transmitted via newsletter or messenger channels.

11. Affiliate links, advertising banners, sponsored content and external providers

This website may contain affiliate links, advertising banners, sponsored content, paid advertisements, paid placements, partner links and external offer links.

When users click on such links or advertising spaces, they may be redirected to external providers, for example to tool, software, AI, automation, productivity, shop, marketplace, comparison, payment, download or platform providers. This may include providers such as Digistore24, Amazon or other external providers.

Depending on the technical design, the following data in particular may be processed:

  • IP address,
  • date and time of the click,
  • referrer URL,
  • browser and device information,
  • affiliate, campaign, partner or tracking IDs,
  • information as to whether a click, redirect, download, purchase, registration, subscription or other conversion has taken place, insofar as the external provider or affiliate network provides such information.

The purposes of processing are the presentation and financing of the website, success measurement of affiliate links, accounting of commissions, prevention of misuse, campaign management and optimization of content.

The legal basis is Art. 6(1)(f) GDPR based on the legitimate interest in economic operation, refinancing, success measurement and optimization of the website. Where cookies, comparable technologies or tracking requiring consent are used, the legal basis is Art. 6(1)(a) GDPR and, where applicable, Section 25(1) TDDDG.

External providers process data under their own responsibility. Their processing is governed by the privacy information and terms of the respective external provider.

12. External sales, payment and support platforms

RIVANOX may provide or link to tools, digital products, software downloads, SmartTools, service packages or other offers through external sales, payment or support platforms.

The operator currently does not operate its own web shop on this website. Sales, payment processing, invoicing, order processes or digital delivery may take place through external sales and payment platforms, in particular through Digistore24 or comparable external providers.

In addition, this website may contain links, buttons or widgets from Ko-fi through which visitors can make voluntary contributions to support projects, development, maintenance, research or future initiatives.

If users use such platforms, the respective external provider processes personal data under its own responsibility. This may include in particular name, address, e-mail address, payment data, tax data, order data, license data, download data, invoice data, communication data, technical access data and, in the case of support platforms, contribution amount, transaction information and voluntarily provided messages.

In the case of voluntary support via Ko-fi, depending on the settings and use, limited information may be transmitted to the operator, in particular display name, e-mail address, contribution amount, transaction information and voluntarily provided messages. The operator does not receive or store complete payment data, in particular full credit card information.

Voluntary Ko-fi contributions do not constitute the purchase of software, licenses, subscriptions, memberships, support services or guaranteed benefits, unless expressly stated otherwise.

For purchase, payment, delivery, invoicing, withdrawal, refund, support, access, licensing, voluntary support and other contractual or payment processing, the terms and privacy information of the respective external provider may apply, provided that the purchase, delivery or support takes place through that provider.

13. Microsoft 365, Teams, OneDrive, SharePoint and cloud communication

For business communication, online meetings, scheduling, e-mail communication, document processing or project organization, Microsoft services may be used depending on the individual case, in particular Microsoft Teams, Outlook, OneDrive, SharePoint or comparable Microsoft 365 services.

The following data in particular may be processed:

  • name and contact details,
  • e-mail address,
  • organizational or company affiliation,
  • communication content,
  • meeting metadata,
  • technical data such as IP address, device and connection information,
  • shared documents or content, insofar as these are provided in the course of communication.

The purposes of processing are business communication, scheduling, conducting online meetings, processing documents, advertising, cooperation, product, support or project initiation, and documentation of business communication.

The legal basis is Art. 6(1)(b) GDPR where the communication serves the initiation or performance of a contractual relationship, as well as Art. 6(1)(f) GDPR based on the legitimate interest in efficient business communication, organization and collaboration.

Microsoft may process data as a processor or, depending on the service and processing context, under its own responsibility. Further information is provided in the applicable Microsoft privacy and contractual terms.

Where data is processed outside the EU/EEA, this is done on the basis of appropriate safeguards under the GDPR, in particular adequacy decisions, standard contractual clauses or other legally provided mechanisms.

14. Optional professional platforms and social media

If this website provides optional links to external professional platforms or social media and these are used, the respective provider processes personal data under its own responsibility.

The operator has only limited influence on data processing by such platforms. Please review the privacy notices of the respective provider before using such services.

The legal basis for the processing of messages received by the operator through such channels is Art. 6(1)(b) GDPR where pre-contractual communication is concerned, and Art. 6(1)(f) GDPR based on the legitimate interest in business communication and responding to inquiries.

The use of external platforms is voluntary and is subject to the terms and privacy information of the respective provider.

15. Fonts, maps, videos and external scripts

This website may use fonts, icons, maps, videos, embedded content, review widgets, offer widgets, affiliate widgets, support widgets, download widgets, ticket widgets, advertising banners or technical scripts. Such content may be integrated locally or loaded from external servers.

Where content is integrated locally, no personal data is transmitted to external providers solely by loading this content.

Where external content or scripts from third-party providers are loaded, technical data such as IP address, browser information, device information, time of access and referrer information may be transmitted to the respective provider.

This may in particular concern:

  • external web fonts or icon libraries,
  • map services such as Google Maps or OpenStreetMap-based services,
  • video embeddings such as YouTube or Vimeo,
  • review, offer, affiliate, support, download, ticket or advertising widgets,
  • external JavaScript or CDN resources,
  • other embedded third-party content.

Such external content is loaded only after consent, insofar as it is not technically required.

The legal basis is Art. 6(1)(a) GDPR and, where applicable, Section 25(1) TDDDG. For technically required locally operated functions, the legal basis is Art. 6(1)(f) GDPR.

16. Recipients or categories of recipients

Personal data may be transmitted, where necessary, to the following recipients or categories of recipients:

  • hosting, e-mail, cloud and storage providers, in particular 1blu,
  • WordPress, theme or plugin providers, insofar as technically required or activated,
  • the operator’s own technical system, service, license, ticket, download and API infrastructure,
  • IT service providers, insofar as this is required for operation, maintenance, security or troubleshooting,
  • providers of optional external services, insofar as these are activated with consent,
  • Microsoft or other cloud communication providers, insofar as these are used for communication, meetings or document processing,
  • newsletter, messenger or communication providers, where such channels are used,
  • affiliate networks, advertising partners, tool providers, software providers, payment providers, sales platforms, support platforms such as Ko-fi, shops, marketplaces or download providers, insofar as users use such links, widgets, downloads or offers,
  • legal, tax or other professional advisors, where required,
  • public authorities, where required by law,
  • other recipients only insofar as this is legally required or necessary to process the respective inquiry.

Personal data is not sold.

17. International data transfers

If third-party providers, such as Google services, Microsoft services, professional platforms, messenger services, affiliate networks, payment providers, sales platforms, support platforms such as Ko-fi, shops, marketplaces, CDN services or other external providers, process data outside the EU/EEA, international data transfers may take place.

Where required, such transfers are based on appropriate safeguards, adequacy decisions, standard contractual clauses or other mechanisms under the GDPR.

18. Rights of data subjects

Data subjects have the following rights in particular under the GDPR:

  • right of access pursuant to Art. 15 GDPR,
  • right to rectification pursuant to Art. 16 GDPR,
  • right to erasure pursuant to Art. 17 GDPR,
  • right to restriction of processing pursuant to Art. 18 GDPR,
  • right to data portability pursuant to Art. 20 GDPR,
  • right to object pursuant to Art. 21 GDPR.

Where processing is based on consent, consent may be withdrawn at any time with effect for the future pursuant to Art. 7 GDPR.

In addition, there is the right to lodge a complaint with a competent data protection supervisory authority.

Competent data protection supervisory authority

For the non-public sector in Bavaria, the competent authority is generally:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Germany
www.lda.bayern.de

19. Data security

The operator takes appropriate technical and organizational measures to protect personal data against loss, misuse, unauthorized access, alteration or disclosure.

No transmission via the Internet is completely secure. Absolute security can therefore not be guaranteed.

20. External links

This website may contain links to external websites. The operator has no influence on their content or privacy practices. Please review the privacy notices of the respective external websites.

21. Changes to this Privacy Policy

This Privacy Policy may be amended if legal requirements, technical changes, changes to the functionality of the website or services used make this necessary.

The currently valid version is available on this page.

We use necessary cookies and similar technologies to make this website work securely and reliably. With your consent, we also use optional services for statistics, external media, spam protection, affiliate and advertising measurement and, where applicable, download, payment, newsletter or communication functions. You can accept or reject. More information is available in the Privacy Policy.
Accept
Reject