Information, we collect
Most of the personal information we collect is provided directly by our users when they register and use our Services. Other data is collected by recording interactions with our Services.
Account and contact details: When you register on our website to use or download one of our products or subscribe to one of our services (parcel box service, ERP software, etc.) or fill out one of our contact forms, you voluntarily provide us with certain information. This typically includes your name, company name, email address and sometimes your telephone number, postal address (if an invoice or delivery is required), your industry and your interest in BookaBox and a personal password.
We never collect or store our customers' credit card information and always rely on trusted third-party PCI-DSS compliant payment processors for credit card processing, including for processing recurring payments.
Application details: When you apply for a job on our website or through an employment agency, we typically collect your contact information (name, email, phone) and any information you provide to us in your letter of introduction and CV. If we decide to send you a job offer, we will also ask you to provide additional personal information necessary to comply with our legal obligations and human resources management requirements.
We will not ask you to provide information that is not required for the recruitment process. In particular, we will never collect information about your racial or ethnic origin, political opinions, religious beliefs, trade union membership or your sexual life.
Browser data: When you visit our website and access our online services, we recognize and store your browser language and geolocation to tailor your experience to your country and language preference. Our servers also passively record a summary of the information sent by your browser for statistical, security and legal purposes: your IP address, time and date of your visit, your browser version and platform, and the web page that referred you to our website .
Your browser may also be used to store your current session data using a session cookie (see also Cookiesection for more details).
Form protection: Some forms on our website may be protected by Google reCAPTCHA. This technology relies on heuristics based on technical characteristics of your browser and device and may also use certain Google cookies. See also Google's privacy policy and terms of use in the section Drittanbieter-Dienste further down.
Customer databases: If you subscribe to a BookaBox service, any information or content you submit or upload to our database is your own and you have full control over it.
This data often includes personal information, for example: your employee list, your contacts and/or customers, your messages, images, videos, etc. We only ever collect this information on your behalf, and you always retain ownership and full control over this data.
How we protect your privacy
on bookabox.com and when you use our services
BookaBox.com and its affiliates offer many services to help you store your belongings, including a booking and inventory management platform. In providing these services, we collect information about you and your business. This data is not only essential to the operation of our Services, but is also critical to the security of our Services and all of our users.
This policy explains what information is collected, why it is collected and how we use it.
How we use this information
Account and contact details: We use your contact information to provide our services, respond to your inquiries, and for billing and account management purposes. We may also use this information for marketing and communications purposes (our marketing communications always provide you with the opportunity to unsubscribe at any time). We also use this data in aggregated/anonymized form to analyze service trends.
If you have registered to attend an event posted on our website, we may share your name, email address, telephone number and company name with our local event organizer and sponsors for both direct marketing purposes and to facilitate the event Pass on event Preparation and booking for the event.
For this purpose, if you have expressed an interest in using BookaBox.com or otherwise requested to be contacted by a BookaBox service provider, we may also provide your name, email address, telephone number and company name to one of our official Share BookaBox partners in your country or region to contact you to offer your local support and services.
Application data: We only process this information for our recruitment process, to assess and track your application, and in the course of preparing your contract if we decide to send you a job offer. You can contact us at any time to request deletion of your data.
Browser data: This automatically collected data is evaluated anonymously to maintain and improve our services. Google reCAPTCHA may also be used for security purposes to prevent misuse of our services. In this case, we only process the anonymous score that reCAPTCHA determines based on your browser and device.
We will only associate this information with your personal information if required to do so by law or for security reasons if you have violated our Acceptable Use Policy.
Customer database: We collect and process this data only on your behalf to carry out the services you have subscribed to and based on the express instructions you provided when registering or configuring your service and our BookaBox database. Our help desk staff and technicians may access this information on a limited and appropriate basis to resolve problems with our Services, or in response to your express request for support purposes or as required by law, or to maintain the security of our Services Violation of our Acceptable Policy Use to keep our services secure.
Access, update or delete your personal information
Account and Contact Information: You have the right to access and update personal information that you have previously provided to us. You can do this at any time by logging into your personal account bookabox.com connects. If you would like to permanently delete your account or personal information for legitimate reasons, please contact our help desk to request this. We will take all reasonable steps to permanently delete your personal data, unless we are legally required to retain it (typically for administration, billing and tax reporting purposes).
Application Data: You can contact us at any time to request access, updates or deletion of your application data. The easiest way is to reply to the last message you exchanged with our HR staff.
Customer database: You can view all the data contained in your bookabox.com collected from customer locations at any time using your administrator credentials, including changing or deleting any personal information stored therein. You can export a complete backup of your database at any time via our control panel to transfer it or manage your own backups/archives. You are responsible for processing this data in compliance with all data protection regulations. You can also request that all of your data be deleted at any time via your control panel in the HelpDesk.
Security
We understand how important and sensitive your personal data is and take numerous measures to ensure that this information is processed, stored securely and protected from data loss and unauthorized access. Our technical, administrative and organizational security measures are in our Sicherheitsrichtlinie described in detail.
Third party service providers/sub-processors
To support our operations, we rely on several service providers. They help us with various services such as payment processing, web audience analysis, cloud hosting, marketing and communication, etc.
Whenever we share data with these service providers, we ensure that they use it in accordance with data protection laws and that the processing they carry out for us is limited to our specific purpose and covered by a specific data processing agreement.
Below you will find a list of the service providers we currently use, why we use them and what type of data we share with them.
In-App Purchases (IAP): The list of third parties for each IAP service is available on the IAP Privacy Policy page. These third parties process data for BookaBox.com the controller or processor is on behalf of BookaBox.com.
A. Subprocessors
Important: Due to the wide variability in resources and services provided by these sub-processors, Odoo customers cannot choose the sub-processor used to process their data. However, you can choose your main hosting region (see Data Location section).
|
Subprocessors
|
Zweck |
Shared data |
|
Datenschutz und Sicherheit of OVHCloud SAS |
Infrastructure and hosting from bookabox.com (Production + Backups), BookaBox SaaS (Production + Backups), DDOS Protection. |
Currently hosted by OVHCloud : production data from https://bookabox.com/ and its associated services, including customer databases, which are currently being updated; Backup data for all BookaBox cloud services. Data Center Certifications: ISO 27001, SOC 1 TYP II, SOC 2 TYP II, PCI-DSS, CISPE, SecNumCloud, CSA STAR . |
|
Datenschutz und Sicherheit of Google Cloud EMEA Ltd |
bookabox.com infrastructure and hosting (production + backups), DDOS protection. |
Currently hosted by Google : production data from https://bookabox.com/ and its associated services, customer databases, including customer databases currently being updated; Backup data for all BookaBox cloud services. Data Center Certifications: ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC3, PCI-DSS, HIPAA, CISPE, CSA STAR . |
|
FullStory Security & Privacy GDPR Info Cookie Policy |
Temporary free trial recordings for users who agree to the UX improvement program. |
Shared with FullStory: Video-like recording of your screen during the first 2 hours of your free trial session + FullStory cookie. |
B. Processors and those responsible for service providers
These third parties process data for which Odoo is a controller as processors on behalf of Odoo or they receive such data as controllers for the specific purpose of providing the services for which they have been engaged.
|
Payment processing on bookabox.com |
Shared with Paypal : Order details (amount, description, reference), customer name and email. |
|
|
Ingenico Payment Services |
Payment processing on bookabox.com |
Shared with Ingenico: Order details (quantity, description, reference), customer name and email. |
|
Payment processing on bookabox.com |
Shared with Stripe: Order details (amount, description, reference), customer name and email. |
|
|
Payment processing on bookabox.com |
Shared with Twikey : Order details (amount, description, reference), customer name and email. |
|
|
OneSignal- |
Push notifications in the browser for visitors to Odoo.com. |
Shared with OneSignal: Non-personal browsing data, geolocation information, language (non-identifiable information). |
|
Datenschutz und Sicherheit von Google Analytics |
Anonymous website audience analysis. |
Shared with Google Analytics: Non-personal browsing data, anonymized IP, geolocation information, language (non-identifiable information). |
|
Datenschutz und Sicherheit von Google reCAPTCHA |
Form protection |
Used by Google reCAPTCHA: browser and device characteristics, Google cookies. |
|
Acuity Scheduling |
Planning of Demo/Meeting on bookabox.com. |
Shared with Acuity: All personal information entered by the user in the scheduling form: name and contact information, reason for request, etc. |
|
Clearbit |
Obtaining business information for prospecting purposes. |
Retrieved from Clearbit for EU company visitors: name, industry, estimated size, estimated revenue, website, social media and general contact information. |
|
CloudFlare - Sicherheits- und Datenschutz -Cookie Policy |
Distributed caching of static resources and images from bookabox.com. |
Used by CloudFlare: Browser and device properties, CloudFlare cookies. |
| GoDaddy - Sicherheits- und Datenschutz -Cookie Policy | Domainhosting | Used by GoDaddy : Browser and device properties, GoDaddy cookies. |
| Odoo.com | Database hosting, ERP system | Currently hosted by https://odoo.com/ : Production data from https://bookabox.com/ and its associated services, including customer databases, which are currently being updated; Backup data for all BookaBox cloud services. Data Center Certifications: ISO 27001, SOC 1 TYP II, SOC 2 TYP II, PCI-DSS, CISPE, SecNumCloud, CSA STAR . |
Data retention
Account and Contact Data: We will only retain this data for as long as is necessary for the purpose for which it was collected as set out in this Policy, including any statutory retention periods, or for as long as is necessary to carry out legitimate and appropriate marketing our products and services.
Job Application Data: If we do not hire you, we may retain the information you provided for up to 3 years to contact you again about new job opportunities, unless you ask us not to. If we employ you, your personal data will be retained for the duration of your employment contract with us and thereafter for the applicable legal retention period applicable in the country in which we employed you.
Browsing data: We may retain this data for a maximum of 12 months, unless we need to retain it in connection with a legitimate concern related to the security or performance of our Services, or as required by law. All server-side session information is only stored for 3 months if actively used, otherwise it is discarded after 7 days.
Customer database: We only retain this data for as long as necessary to provide you with the services you have subscribed to. For databases hosted on the BookaBox Cloud, if you cancel the service, your database will be kept disabled for 3 weeks (the grace period during which you could change your mind) and then destroyed.
Security retention period: As part of our security policy, we always try to protect your data from accidental or malicious deletion. As a result, after we delete your personal information (account and contact information) from our database at your request, or after you delete personal information from your database (customer database), or if we do not delete your entire database immediately from our backup systems deleted, which are secured and immutable. The personal data may remain stored in these backups for up to 12 months until they are automatically destroyed.
We agree not to use these backup copies of the deleted data for any purpose other than to maintain the integrity of our backups, unless you or the law requires it.
Physical Data Location / Data Transfers
Hosting Services: Hosting Locations: Customer databases are hosted in the Odoo Cloud region closest to their location and can request a region change (subject to availability):
America (Canada, United States)
Asia (Singapore, Taiwan)
Europe (France, Belgium)
Backup Locations: Backups are replicated across multiple continents to meet our disaster recovery objectives and are located in the following countries, regardless of the original hosting region:
Canada + France + Belgium
Note: It is not possible to select or limit the backup locations, backups are replicated to all locations. Hosting data only within the EU is not supported.
For more details about our hosting services, see our Cloud Hosting SLA.
BookaBox database upgrade locations: Customer databases are upgraded at their current hosting locations (see above) or on an upgrade server in France or Belgium
For customers with concerns about EU data protection regulations, countries with a mark in the above lists are in the EU or are currently subject to an adequacy decision by EU authorities.
Third Party Disclosure
Except as expressly stated above, we do not sell, trade or otherwise transfer your personal information to third parties. We may share or disclose aggregated or anonymized information for research purposes or to discuss trends or statistics with third parties.
Cookies
Cookies are small pieces of text that are sent from our servers to your computer or device when you access our Services. They are stored in your browser and later sent back to our servers so that we can provide contextual content. Without cookies, using the Internet would be a much more frustrating experience. We use them to support your activities on our website, such as your session (so you don't have to log in again) or your shopping cart.
Cookies are also used to help us understand your preferences based on previous or current activity on our website (the pages you visit), your language and your country, which allows us to provide you with improved services. We also use cookies to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
We also use third-party services such as Google Analytics, which set and use their own cookies to identify visitors and provide their own contextual services. For more information about these third parties and their cookie policy, please see the relevant references in the “
Drittanbieter Here is an overview of the cookies that may be stored on your device when you visit our website:
|
Cookie category
|
Purpose
|
Example |
|
Session & Security |
Authenticate users, protect user data and enable the website to provide the services users expect, such as: B. maintaining the contents of your shopping cart or allowing file uploads. The website will not function properly if you reject or discard these cookies. |
session_id (Odoo) |
|
Preferences |
Remember information about how you prefer the website to look or behave, such as: B. Your preferred language or region. Your experience may be affected if you reject these cookies, but the website will continue to function. |
frontend_lang (Odoo) |
|
Interaction History |
Used to collect information about your interactions with the website, the pages you visit, and specific marketing campaigns that brought you to the website. We may not be able to provide you with the best service if you reject these cookies, but the website will function. |
in_livechat_previous_ |
|
Advertising & Marketing |
Used to make advertising more engaging to users and more valuable to publishers and advertisers, such as providing more relevant ads when you visit other websites that display ads or to improve reporting on ad campaign performance. Note that some third-party services may install additional cookies on your browser in order to identify you. You may opt-out of a third-party's use of cookies by visiting the Network Advertising Initiative opt-out page. The website will still work if you reject or discard those cookies. |
__gads (Google) |
You can choose to have your computer warn you each time a cookie is being sent, or to turn off all cookies. Every browser is a little different. Therefore, take a look at your browser's help menu to learn how to correctly change your cookies. We do not currently support Do Not Track signals as there is no industry standard for compliance.
Policy update
We may update this privacy policy from time to time to clarify it, reflect changes to our website or comply with legal obligations. The “Last Updated” mention at the top of the Policy indicates the last revision, which is also the effective date of those changes. We will provide you with access to archived versions of this Policy so you can review any changes.
Contact us
If you have any questions about this Privacy Policy or your personal information, please contact BookaBox Helpdesk or contact us by email at datenschutz@bookabox.com or contact us by post BookaBox Service GmbH - privacy / An der Meisenburg 22 45133 Essen
