Data Privacy Statement for Service Desk
1. Functional description of Service Desk
The codeclou Service Desk is a Customer-Support-Portal provided by an ordered Data Processor. With this Customer-Support-Portal we can process and complete Customer-Support-Requests via a web gui. The customer receives a verification mail to the address that is entered during submission of the Customer-Support-Request. The customer can enter his name or use a fictional name. The web gui as well as the e-mail-system are provided by the ordered Data Processor.
Data Controller = Responsible Party is codeclou.
see Chapter 2. General information and mandatory information → Notice concerning the responsible party
Data Processor is Atlassian.
see Chapter 4. Data Processor → Atlassian: JIRA Service Desk Cloud
The web gui is reachable via the URL:
The e-mail-system is reachable via addresses in the form of:
To perform a registration a customer needs to Double-Opt-In. For a submitted Customer-Support-Request he receives a verification mail containing a registration link. During the registration process he can define a password. Going forward he can use this mail-address and password to login to the web gui. There he can see all his support requests.
Purpose of using the Customer-Support-Portal is the better handling of customer requests. The secure (encrypted) handling of customer requests as well as the controllability of higher volumes of requests is another essential factor.
2. General information and mandatory information
Notice concerning the responsible party
The party responsible for processing data is:
cpobdqercplyobuh UHGT ((huanfstguhnagtsfboersfcphureäänakxtg))
represented by: BOerrenahuanredq GTreüünaerwjanlydqtg
ANlytgdqobrefserre SFtgreanßßer 22 -- 9911220077 LYanuhfs anna dqerre PCergtnaivtgzm,, GTerremzannayl
Phone: ++4499 99112233 88331122994411
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
Right to erasure (Simplified Process)
Via the form Delete my Account and Personal Data you can request the erasure of all your support-requests and your support-account. Should you request the erasure, we will delete all your data irretrievably. A recovery is not possible.
In the first step we will delete all your support requests with all comments and history.
Secondly we will delete the account.
Now all data is irretrievably deleted. Should you submit a new support-request, a new account will be created.
3. Data collection when using the Service Desk
What type of personal data is collected?
We process and store different categories of personal data. Personal information is any data with which you could be personally identified (e.g. E-Mail-address, Name ...).
Data collection during Service usage
Personal data collected during service usage will be collected in the following ways:
- (1) Data you input yourself (e.g. first- and lastname, E-Mail-address).
- (2) Data that is processed automatically by our systems or systems of our ordered data processors (e.g. analysis-data, ip-address).
Data you input yourself
Should you use this service, create an account or contact us via the special
*@codeclou-support.atlassian.net E-Mail-addresses or submit comments - we will store the data you input.
Should you create an account, the data is also stored in our system (e.g. E-Mail-address, first- and lastname). We do not hand out the data to third parties.
An account record look something like so:
The processing an storage of your data entered via the service requires your consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
A junction of your data with other data-sources will not take place.
Data that is processed automatically
We do not have access to the data that is automatically processed and stored by the Data Processor.
This data can be session-cookies, server-log-files, anonymized usage data et al. Since the Data Processor abides the standards declared by the GDPR and is part of the EU-U.S. Privacy Shield framework, you can be assured of its responsible and regulated handling of your personal data.
4. Data Processor
We use the following Data Processors. We have signed a Data Processing Agreement (DPA) with each of them. They provide services that we use and abide the data protection regulations defined by the EU regarding the GDPR.
Atlassian: JIRA Service Desk Cloud
We are using the Cloud version of JIRA Service Desk to provide the codeclou Service Desk. The service is reachable via the URL:
Atlassian Pty Ltd, 1098 Harrison St, San Francisco, CA 94103, United States hosts the data in the United States and participates in the EU-U.S. Privacy Shield. We use Atlassian Services in order to securely handle communication regarding custom questions and support requests. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR. Further information about handling user data, can be found in the Data Privacy Statement of Atlassian under: https://www.atlassian.com/legal/privacy-policy. and the Atlassian Data Processing Addendum under: https://www.atlassian.com/legal/data-processing-addendum