General Data Protection Regulation

Below we announce our sub-processors and summarize the most important information about the GDPR in relation to your incert eCommerce systems and loyalty solutions.

On the safe side with incert

  • Server (sub-processor) in Germany
  • Contract for commissioned data processing in accordance with GDPR
  • Internal data protection officer
  • Data center certified according to: ISO 27001:2013 and “PCI DSS compliance”
  • Technical & organizational measures

Order for data processing

As a service provider of a SaaS solution (Software as a Service), it is not possible for us to agree customer-specific order data processing contracts. We therefore provide you with a legally valid and audited contract data processing agreement when you use our systems. This ready-made contract regulates and documents the data processing between you as the data controller and us as the data processor and serves as the legally prescribed basis for cooperation with incert.

Our subcontracted processors

dogado GmbH

Glashütter Str. 53
01309 Dresden
GERMANY

Hetzner Online GmbH

Industriestr. 25
91710 Gunzenhausen
GERMANY

etracker GmbH

Erste Brunnenstraße 1
20459 Hamburg
GERMANY

Brevo

Köpenicker Straße 126
10179 Berlin
GERMANY

For incert customers who use the “Lettershop” feature for the automated printing and dispatch of vouchers & tickets, the following sub-processor is also active:

G.A. Service GmbH

Siezenheimer Strasse 39
5020 Salzburg
AUSTRIA

For incert customers who use the loyalty system with “communication tool”, the following sub-processor is also active:

Amazon Web Services, Inc.

Burlington Plaza Burlington Rd
Dublin 4
IRELAND

Notification of your data protection officer

Please let us know directly in your new incert back-end who we may list as your company’s data protection officer.
In the new menu item“Contact details” you can decide for yourself who we contact in case of important questions or problems!

We will inform the data protection officer named by you by e-mail in the event of a change to the listed sub-processors or in the event of GDPR-relevant information regarding incert.

FAQs

General information on the GDPR

What is the EU GDPR?

The General Data Protection Regulation has governed the protection of personal data in the EU since May 25, 2018.

Who does the GDPR apply to?

For all organizations that process the personal data of EU citizens – including tourism businesses and their service providers.

What is personal data?

Any information relating to an identified or identifiable person – e.g. name, email or booking ID.

How does the regulation with incert work?

Via an audited standard contract for commissioned data processing (AVV), including documented TOMs. Hosting takes place in Germany, all sub-processors are listed transparently.

When will additional subprocessors be added?

Only if you activate additional functions such as the lettershop or the loyalty communication tool. IN this case you will be informed automatically.

TEst

Let’s get to know each other,
in just 15 minutes.

What can you expect with incert?

  • Personal advice that lasts
  • Brand-fit instead of standard
  • Industry expertise & know-how
  • Hands-on mentality & technology that simplifies

Let’s talk! Short, concrete, non-binding.

Arrange a consultation