General Data Protection Regulation

Below we disclose our subcontractors and summarise the most important information about the GDPR in relation to your incert e-commerce systems and loyalty solutions.

On the safe side with incert

  • Server (subcontractor) in Germany
  • Contract for commissioned according to DSGVO 
  • Internal data protection officer
  • Data centre certified according to: ISO 27001:2013 and "PCI DSS compliance" 
  • Technical & organisational measures

Data processing order

For us as a service provider of a SaaS solution (Software as a Service), it is not possible to agree on customer-specific commissioned data processing contracts. We therefore provide a legally valid and audited commissioned data processing contract on our part when you use our systems. This ready-made contract regulates and documents the data processing between you as the data controller and us as the data processor and serves as the legally prescribed basis for the cooperation with incert.

our sub contractor Logo

dogado GmbH

Glashütter Str. 53
01309 Dresden

Hetzner Online GmbH

Industriestr. 25
91710 Gunzenhause

etracker Logo

etracker GmbH

Erste Brunnenstraße 1
20459 Hamburg

Brevo Logo


Köpenicker Straße 126
10179 Berlin

For incert customers who use the "Lettershop" feature for the automated printing and dispatch of vouchers & tickets, the following sub-processor is also active:

G.A. Service GmbH

Siezenheimer Straße 39
5020 Salzburg

For incert customers who use the loyalty system with the "communication tool", in addition to the above the following sub contractor is active:

Amazon Web Services, Inc.

Burlington Plaza Burlington Rd
Dublin 4

Notification of your data protection officer

Please let us know directly in your new incert back-end who we may list as your company's data protection officer.
In the new menu item "Contact data" you can decide yourself who we contact in case of important questions or problems!

We will inform the data protection officer named by you by e-mail in the event of a change to the listed sub-processors or in the event of DSGVO-relevant information regarding incert.


General information on the GDPR

The EU General Data Protection Regulation (GDPR) is a European Union regulation that harmonises the rules on the processing of personal data by private companies and public bodies throughout the EU. On the one hand, this is intended to ensure the protection of personal data within the European Union and, on the other hand, to guarantee the free movement of data within the European Single Market.

The EU General Data Protection Regulation applies in all EU Member States since 25 May 2018.


The EU General Data Protection Regulation applies to all individuals and companies that process personal data. Processed in this sense means the transmission, storage or handling of personal data.

Personal data are all data that determine or make determinable a natural person. The name, date of birth and address are therefore all personal data that determine a person and their privacy. According to a court ruling, the IP address is also personal data. Although it does not directly determine a person, the person can be determined by comparing it with the data of the internet provider. The IP address XYZ can therefore be assigned to a specific person. To ensure that privacy is not restricted, personal data enjoys special protection. This protection of privacy and personal data is defined by the Basic Data Protection Regulation.

We offer our customers a contract for commissioned data processing that has been drawn up and complies with the law. This also forms the basis for the use of our SaaS solution (Software as a Service) and services. Please understand that we cannot review and agree on customer-specific data processing contracts.

If you have any questions regarding the processing of your personal data, please contact our data protection officer. You can contact him as follows:

Leonfeldner Straße 328, A-4040 Linz, Austria
E-mail: privacy(at)

Start your own
project with us

Get started now

or inquire directly