Privacy Policy of Amber Light GmbH
Last Updated: 2024.11.26
At Amber Light ("we," "us," or "our"), we are committed to protecting your privacy and ensuring that your personal data is handled securely and responsibly. This Privacy Policy outlines how we collect, use, store, and disclose your personal data when you use our services, including our website, user dashboard, and any related applications (collectively, the "Services"). We operate worldwide and comply with global data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
1. Introduction
2. Definitions
3. Data Controller Contact Information
4. Information We Collect
4.1 Personal Data
4.2 Non-Personal Data
5. How We Collect Your Information
6. Legal Basis for Processing
7. How We Use Your Information
8. Cookies and Similar Technologies
8.1 Types of Cookies We Use
8.2 Managing Cookies
9. Data Sharing and Disclosure
10. International Data Transfers
11. Data Security Measures
12. Data Retention
13. Your Rights
14. Children's Privacy
15. Third-Party Links
16. Automated Decision-Making
17. Changes to This Privacy Policy
18. Contact Us
19. Supervisory Authority
20. Obligation to Provide Personal Data
21. Data Processing Agreements
22. Conclusion
1. Introduction
Amber Light provides data processing services such as render farms, remote desktop solutions, and cloud computing. We operate worldwide and are committed to complying with global data protection regulations, including the GDPR and the CCPA.
2. Definitions
- Personal Data: Any information relating to an identified or identifiable natural person.
- Processing: Any operation performed on personal data (e.g., collection, storage, use).
- Data Controller: The entity that determines the purposes and means of processing personal data.
- Data Processor: The entity that processes personal data on behalf of the Data Controller.
3. Data Controller Contact Information
Amber Light
Saalburgallee 39-41, 60385 Frankfurt am Main, Hessen, Germany
Email: legal@amber-light.de
Phone: +49 1523 7712306
EU Representative:
Mikhail Talalaevskiy, Saalburgallee 39-41, 60385 Frankfurt am Main, Hessen, Germany, reachable via +49 1523 7712306
4. Information We Collect
4.1 Personal Data
We may collect and process the following personal data:
- Contact Information: Name, email address, postal address, and phone number.
- Account Information: Username, password, and other credentials used to access our Services.
- Billing Information: Credit card details, billing addresses, and payment information processed via Stripe.
- Usage Data: Information about how you interact with our Services, including service orders, feedback, access times, and pages viewed.
- Geolocation Data: Country information for pricing and tax purposes.
- Marketing Preferences: Your choices regarding receiving marketing communications.
4.2 Non-Personal Data
- Technical Data: IP addresses, browser type, operating system, device information, and other technical details collected via cookies and similar technologies.
- Aggregated Data: Statistical or demographic data derived from personal data but not revealing your identity.
5. How We Collect Your Information
- Directly from You: When you create an account, place an order, fill out forms, or contact customer support.
- Automatically: Through cookies and tracking technologies like Google Analytics when you use our website or dashboard.
- Third-Party Platforms: Information from Teamhood and Jira regarding client interactions and support tickets.
- Public Sources: Information available publicly about your company or professional role.
6. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent (Art. 6 para. 1 lit. a GDPR): When you have given explicit consent for specific purposes, such as marketing communications.
- Contract Performance (Art. 6 para. 1 lit. b GDPR): Processing necessary to perform a contract with you or to take steps at your request before entering into a contract.
- Legal Obligation (Art. 6 para. 1 lit. c GDPR): Compliance with legal obligations, such as tax laws.
- Legitimate Interests (Art. 6 para. 1 lit. f GDPR): Processing necessary for our legitimate interests, provided your interests and fundamental rights do not override those interests. This includes improving our Services and direct marketing.
- CCPA Compliance: For California residents, we process personal data in accordance with the CCPA requirements.
7. How We Use Your Information
We use your personal data for the following purposes:
- Service Provision: To provide, maintain, and improve our Services.
- Billing and Payments: To process transactions through Stripe.
- Customer Support: To respond to your inquiries, provide support, and troubleshoot issues.
- Marketing and Promotions: To send you promotional materials, updates, and special offers (with your consent).
- Service Improvement: To analyze usage data and feedback to improve our Services and develop new features.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
- Security: To protect against unauthorized access, fraud, and other illegal activities.
8. Cookies and Similar Technologies
8.1 Types of Cookies We Use
- Essential Cookies: Necessary for the functionality of our Services, such as user authentication and security.
- Analytics Cookies: Used to collect information about how users interact with our Services (e.g., Google Analytics).
- Marketing Cookies: Used to deliver personalized advertisements and track the effectiveness of our marketing campaigns.
- Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences.
8.2 Managing Cookies
You can manage your cookie preferences through:
- Cookie Consent Popup: Adjust your settings when you first visit our website.
- Browser Settings: Configure your browser to refuse cookies or alert you when cookies are being sent.
- Opt-Out Links: For specific third-party cookies, you can opt-out using the provided links (e.g., Google Analytics Opt-Out).
Note: Disabling cookies may affect the functionality and availability of certain features of our Services.
9. Data Sharing and Disclosure
We may share your personal data with:
- Service Providers: Third parties who perform services on our behalf, such as:
- Stripe: For payment processing.
- Teamhood and Jira: For project management and customer support.
- Google Analytics: For website analytics.
- Legal Obligations: Government authorities or legal entities when required by law or to protect our rights.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred.
Third-Party Processors:
We have Data Processing Agreements (DPAs) with all third-party processors to ensure they comply with data protection regulations.
Note: We do not sell or rent your personal data to third parties for marketing purposes.
10. International Data Transfers
As we operate globally, your personal data may be transferred to and processed in countries outside your jurisdiction, including countries that may not provide the same level of data protection as your home country.
Safeguards in Place:
- Standard Contractual Clauses (SCCs): We use SCCs approved by the European Commission to ensure adequate data protection.
- Data Protection Agreements: Contracts with third-party processors include data protection obligations.
- Encryption and Secure Protocols: We use SSL encryption for data in transit.
11. Data Security Measures
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption: Secure transmission of data using SSL/TLS protocols.
- Access Controls: Restricted access to personal data to authorized personnel only.
- Data Storage Security: Regular security assessments and adherence to best practices.
- Third-Party Security: Ensuring our service providers have robust security measures in place.
12. Data Retention
We retain your personal data as follows:
- Personal Data: Retained indefinitely for marketing purposes unless you request deletion.
- Technical and Project Data: Deleted as soon as the client allows or when no longer necessary for the purposes for which it was collected.
- Compliance with Legal Obligations: Certain data may be retained to comply with legal requirements, resolve disputes, or enforce our agreements.
13. Your Rights
Under applicable data protection laws, you have the following rights regarding your personal data:
- Right to Access: Request confirmation of whether we process your personal data and access to that data.
- Right to Rectification: Request correction of inaccurate or incomplete personal data.
- Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data under certain conditions.
- Right to Restrict Processing: Request limiting the processing of your personal data under certain circumstances.
- Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Object: Object to processing your personal data based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent: Withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
Exercising Your Rights:
- Contact Us: Send your request to legal@amber-light.de.
- Verification: We may need to verify your identity before processing your request.
- Response Time: We aim to respond to all legitimate requests within one month.
14. Children's Privacy
Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal data from minors. If you believe we have collected data from a minor, please contact us at legal@amber-light.de to request deletion.
15. Third-Party Links
Our Services may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
16. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you.
17. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.
Notification of Changes:
- Significant Changes: We will notify you via email or through a prominent notice on our website.
- Continued Use: Your continued use of our Services after changes signifies your acceptance of the updated policy.
18. Contact Us
For questions or concerns about this Privacy Policy or our data practices, please contact us at:
- Email: legal@amber-light.de
- Phone: +49 1523 7712306
- Postal Address:
Amber Light GmbH
Saalburgallee 39-41,
60385 Frankfurt am Main,
Hessen, Germany
19. Supervisory Authority
If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority in your country of residence.
20. Obligation to Provide Personal Data
Providing your personal data is necessary to:
- Enter into a Contract: We require certain personal data to provide our Services to you.
- Legal Obligations: Comply with legal and regulatory requirements.
Consequences of Not Providing Data:
- Failure to provide necessary personal data may result in our inability to offer you certain Services.
21. Data Processing Agreements
We have Data Processing Agreements in place with all third-party processors, including:
- Stripe: For payment processing.
- Teamhood and Jira: For project management and customer support.
These agreements ensure that your personal data is processed in compliance with applicable data protection laws.
22. Conclusion
Your privacy is important to us at Amber Light. We are committed to being transparent about how we handle your personal data and to safeguarding your information.