Privacy Policy of LoopID DPP Scanner and *.loopid.com

This Application and the website *.loopid.com collect some Personal Data from their Users.

This document contains a section dedicated to Users in the United States and their privacy rights.
This document contains a section dedicated to Users in Switzerland and their privacy rights.

This document can be printed for reference by using the print command in the settings of any browser.

Policy Summary

Personal Data processed for the following purposes and using the following services:

  • Analytics
    • MixPanel
    • Aptabase
  • Heat Mapping and Session Recording
    • PostHog session replay
  • Hosting and Database Services
    • Microsoft Azure
    • Stardog Database

Transfer to third parties
We transmit the questions and responses generated by OpenAI LLM OpenAI Model around the products.

Owner and Data Controller

LoopID GmbH
Jaiserstraße 40, 82049 Pullach im Isartal

Owner contact email: info@loopid.com

Full Policy

1. Owner and Data Controller

LoopID GmbH
Jaiserstraße 40, 82049 Pullach im Isartal

Owner contact email: info@loopid.com

2. Scope

This privacy policy applies to the LoopID DPP Scanner Application and to all websites under the domain *.loopid.com.

3. Types of Data Collected

Among the types of Personal Data that this Application collects, either directly or through third parties, are:

  • Trackers
  • Usage Data
  • Country information

Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to Data collection.
Personal Data may be freely provided by the User, or— in the case of Usage Data—collected automatically when using this Application.Unless specified otherwise, all Data requested by this Application is mandatory. Failure to provide this Data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Any use of Cookies—or of other tracking tools—by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy.Users are responsible for any third-party Personal Data obtained, published or shared through this Application.

4. Mode and Place of Processing the Data

Methods of Processing

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT-enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases the Data may be accessible to certain types of persons in charge of the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. An updated list of these parties may be requested from the Owner at any time.

Place

The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.
Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own. For more details on the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.

Retention Time

Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose for which they have been collected and may be retained longer due to applicable legal obligations or based on the Users’ consent.

5. The Purposes of Processing

The Data concerning the User is collected to allow the Owner to:

  • Provide its Service.
  • Comply with its legal obligations.
  • Respond to enforcement requests.
  • Protect its rights and interests (or those of its Users or third parties).
  • Detect any malicious or fraudulent activity.

Additionally, the Data is processed for the following purposes:

  • Analytics
  • Heat Mapping and Session Recording
  • Hosting and Database Management

For specific information about the Personal Data used for each purpose, please refer to the section “Detailed information on the processing of Personal Data” below.

6. Detailed Information on the Processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

A. Analytics

  1. MixPanel (MixPanel, Inc.)
    MixPanel is an analytics service provided by Mixpanel Inc.
    • Personal Data processed: Trackers; Usage Data
    • Place of processing: European Union – Privacy Policy
    • Category of Personal Information collected according to the CCPA: Internet or other electronic network activity information
  2. Aptabase (Aptabase Inc.)
    Aptabase is an analytics service provided by Aptabase Inc.
    • Personal Data processed: Trackers; Usage Data
    • Place of processing: Depending on your location, data may be processed in the United States or other jurisdictions. Please refer to Aptabase’s Privacy Policy. for more details.
    • Category of Personal Information collected according to the CCPA: Internet or other electronic network activity information

B. Heat Mapping and Session Recording

  1. PostHog Session Replay (PostHog, Inc.)
    PostHog session replay is a session recording service provided by PostHog, Inc.
    • Personal Data processed: Country information
    • Place of processing: Germany –  Privacy Policy.
    • Category of Personal Information collected according to the CCPA: Identifiers

C. Hosting and Database Services

  1. Microsoft Azure (Microsoft Corporation)
    Microsoft Azure is a cloud hosting service provided by Microsoft Corporation, used to host and manage data and application infrastructure.
    • Personal Data processed: Usage Data; System logs; Other data necessary for hosting, infrastructure management, and service performance
    • Place of processing: Data may be processed in various regions globally. Please refer to Microsoft Azure’s Privacy Policy for details.
  2. Stardog Database (Stardog, Inc.)
    Stardog Database is a data management service provided by Stardog, Inc. used for storing, managing, and querying data for the Application.
    • Personal Data processed: Data stored in our database, including Trackers; Usage Data; and related information
    • Place of processing: Data may be processed in various regions globally. Please refer to Stardog’s Privacy Policy for further details.

7. Cookie Policy

This Application uses Trackers. For more information, Users may consult the Cookie Policy.

8. Further Information for Users

Legal Basis of Processing

The Owner may process Personal Data relating to Users if one of the following applies:

  • Users have given their consent for one or more specific purposes.
  • Provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof.
  • Processing is necessary for compliance with a legal obligation to which the Owner is subject.
  • Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner.
  • Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

In any case, the Owner will gladly help clarify the specific legal basis that applies to the processing and, in particular, whether the provision of Personal Data is a statutory or contractual requirement or a requirement necessary to enter into a contract.Retention Time – Further Details

  • For contractual purposes: Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
  • For legitimate interests: Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Specific information regarding these legitimate interests can be found in the relevant sections of this document or by contacting the Owner.
  • Upon consent: The Owner may retain Personal Data for longer if the User has given consent, provided that consent is not later withdrawn.
  • For legal obligations: The Owner may be obliged to retain Personal Data for a longer period when required by law or upon the order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification, and the right to data portability cannot be enforced after expiration of the retention period.

9. The Rights of Users Based on the General Data Protection Regulation (GDPR)

Users may exercise certain rights regarding their Data processed by the Owner. In particular, to the extent permitted by law, Users have the right to:

  • Withdraw their consent at any time.
  • Object to processing of their Data if the processing is carried out on a legal basis other than consent.
  • Access their Data to know if Data is being processed by the Owner, obtain disclosure regarding aspects of the processing, and receive a copy of the Data undergoing processing.
  • Verify and seek rectification of inaccurate Data.
  • Restrict processing of their Data. In this case, the Owner will only store the Data.
  • Obtain deletion or removal of their Data.
  • Receive and have their Data transferred to another controller in a structured, commonly used, and machine-readable format.
  • Lodge a complaint with the relevant data protection authority.

Users are also entitled to learn about the legal basis for Data transfers abroad (including to any international organization governed by public international law or set up by two or more countries, such as the UN) and about the security measures taken by the Owner to safeguard their Data.How to Exercise These RightsAny requests to exercise these rights should be directed to the Owner using the contact details provided in this document. Such requests are free of charge and will be answered as early as possible, but always within one month. Any rectification or erasure of Personal Data or restriction of processing will be communicated by the Owner to each recipient, if any, to whom the Personal Data has been disclosed (unless this proves impossible or involves disproportionate effort). Upon request, the Owner will also inform the User about those recipients.

10. Further Information for Users in Switzerland

This section applies to Users in Switzerland and, for such Users, supersedes any other possibly divergent or conflicting information contained in the privacy policy.

Users in Switzerland have the following rights regarding their Data:

  • The right of access to Personal Data.
  • The right to object to the processing of their Personal Data (including restricting processing, deletion, or specific disclosures).
  • The right to receive their Personal Data and have it transferred to another controller (data portability).
  • The right to request correction of incorrect Personal Data.

To exercise these rights, Users in Switzerland should contact the Owner using the contact details provided in this document. Requests will be answered as early as possible and without charge.

11. Further Information for Users in the United States

This part of the document supplements the rest of the privacy policy and is provided by the business running this Application and, where applicable, its parent, subsidiaries, and affiliates (collectively referred to as “we”, “us”, or “our”). The information contained in this section applies to all Users who are residents of the following states:
California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Nevada, Delaware, Iowa, New Hampshire, New Jersey, Nebraska, and Montana.

For these Users, this section supersedes any other possibly divergent or conflicting provisions contained in the privacy policy. This part of the document uses the term “Personal Information.”

Notice at Collection

The following notice provides timely information about the categories of Personal Information collected or disclosed in the past 12 months so that you can exercise meaningful control over our use of that Information.

  • Internet or other electronic network activity information
    • Collected or disclosed Personal Information: Trackers, Usage Data
    • Purpose: Analytics
    • Retention period: For the time necessary to fulfill the purpose
    • Sold or Shared: No
    • Targeted Advertising: No
    • Third-parties: MixPanel, Inc.; Aptabase Inc.
  • Identifiers
    • Collected or disclosed Personal Information: Country
    • Purpose: Heat mapping and session recording
    • Retention period: For the time necessary to fulfill the purpose
    • Sold or Shared: No
    • Targeted Advertising: No
    • Third-parties: PostHog, Inc.

For further definitions, please refer to the “Definitions and Legal References” section below.To learn more about your rights, please refer to the “Your Privacy Rights Under US State Laws” section of this privacy policy.We will not process your Personal Information for unexpected purposes or for purposes that are not reasonably necessary and compatible with those originally disclosed, without your consent.Sources of Personal InformationWe collect the above-mentioned categories of Personal Information either directly or indirectly from you when you use this Application.
For example, you may provide Personal Information directly when submitting requests via any forms on this Application, or indirectly when navigating the Application as Personal Information is automatically collected. We may also collect your Personal Information from third parties that work with us in connection with the Service or the functioning of this Application.Your Privacy Rights Under US State LawsYou may exercise certain rights regarding your Personal Information. In particular, to the extent permitted by applicable law, you have:

  • The Right to Access Personal Information: Request confirmation of whether we are processing your Personal Information and, if so, obtain a copy.
  • The Right to Correct Inaccurate Personal Information: Request correction of any inaccurate Personal Information we maintain about you.
  • The Right to Request Deletion: Request that we delete any of your Personal Information.
  • The Right to Obtain a Copy: Receive your Personal Information in a portable and usable format.
  • The Right to Opt Out of the Sale of Personal Information: We will not discriminate against you for exercising your privacy rights.
  • The Right to Non-Discrimination: Ensure that you are not treated unfairly for exercising your privacy rights.

Additional rights may be available for Users residing in specific states. Please refer to the detailed sections above for more information.Exercising Your RightsTo exercise any of the above rights, please contact us using the contact information provided above. We may require you to verify your identity before processing your request. We do not charge a fee to process or respond to your request unless the request is manifestly unfounded or excessive, in which case a reasonable fee may be charged.For additional instructions on opting out (for example, via Global Privacy Controls), please use the privacy choices link provided on this Application.

12. Additional Information About Data Collection and Processing

Legal Action

The User's Personal Data may be used for legal purposes by the Owner in court or in the stages leading to possible legal action arising from improper use of this Application or its related Services. The User acknowledges that the Owner may be required to reveal Personal Data upon request by public authorities.

Additional Information About Personal Data

In addition to the information contained in this privacy policy, the Application may provide additional contextual information concerning particular Services or the collection and processing of Personal Data upon request.

System Logs and Maintenance

For operation and maintenance purposes, this Application and any third-party services may collect files that record interactions with the Application (system logs) or use other Personal Data (such as IP addresses) for maintenance purposes.

Information Not Contained in This Policy

More details concerning the collection or processing of Personal Data may be requested from the Owner at any time using the contact information provided at the beginning of this document.

13. Changes to This Privacy Policy

The Owner reserves the right to change this privacy policy at any time by notifying Users on this page, within the Application, and/or—where technically and legally feasible—via any contact information available to the Owner. We strongly recommend that you check this page often and refer to the date of the last modification listed below.

Should changes affect processing activities performed on the basis of your consent, the Owner will collect new consent from you where required.

14. Definitions and Legal References

  • Personal Data (or Data) / Personal Information (or Information):
    Any information that directly, indirectly, or in connection with other information—including a personal identification number—allows for the identification or identifiability of a natural person.
  • Sensitive Personal Information:
    Any Personal Information that is not publicly available and reveals information considered sensitive under applicable privacy laws.
  • Usage Data:
    Information collected automatically through this Application (or third-party services employed in this Application), which may include IP addresses, domain names, Uniform Resource Identifiers (URI), the time of requests, methods utilized, file sizes, server response codes, country of origin, browser features, operating system details, visit durations, navigation paths, and other related parameters.
  • User:
    The individual using this Application, who—unless otherwise specified—coincides with the Data Subject.
  • Data Subject:
    The natural person to whom the Personal Data refers.
  • Data Processor (or Processor):
    A natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Data Controller.
  • Data Controller (or Owner):
    The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of processing Personal Data, including security measures regarding the operation and use of this Application. Unless otherwise specified, the Data Controller is the Owner of this Application.
  • This Application:
    The means by which Personal Data is collected and processed.
  • Service:
    The service provided by this Application as described in the relevant terms (if available) and on this site/application.
  • Sale:
    Any exchange of Personal Information by the Owner to a third party for monetary or other valuable consideration as defined by applicable US state law. (Note that the exchange of Personal Information with a service provider under a written contract that meets applicable legal requirements does not constitute a Sale.)
  • Sharing:
    Any sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating a consumer's Personal Information to a third party for cross-context behavioral advertising, whether for monetary or other valuable consideration. (Note that such sharing pursuant to a written contract that complies with applicable California privacy laws does not constitute Sharing.)
  • Targeted Advertising:
    Displaying advertisements to a consumer where the ad is selected based on Personal Information obtained from the consumer’s activities over time and across nonaffiliated websites or online applications to predict their preferences or interests, as defined by applicable US state law.
  • European Union (or EU):
    Unless otherwise specified, all references made within this document to the European Union include all current member states of the European Union and the European Economic Area.
  • Cookie:
    Trackers consisting of small sets of data stored in the User’s browser.
  • Tracker:
    Any technology (e.g., cookies, unique identifiers, web beacons, embedded scripts, e-tags, fingerprinting) that enables the tracking of Users, for example by accessing or storing information on the User’s device.
  • Legal Information:
    This privacy statement has been prepared based on the provisions of multiple legislations.

This privacy policy relates solely to this Application and the website *.loopid.com, unless stated otherwise within this document.

Latest Update: February 06, 2025

This document was created with the iubenda Privacy and Cookie Policy Generator. For more details, please see the Terms and Conditions Generator. iubenda hosts this content and only collects the Personal Data strictly necessary for it to be provided.

Pages
Home
Contact us
Impressum
Designed in Munich, build in Europe, deployed worldwide.
© 2025 LoopID. All rights reserved.