Privacy policy

Last updated: March 20, 2025
Please read these Privacy policy carefully before using Our Service.

Privacy Overview

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website or use our SaaS application absentify. Personal data refers to any data that can be used to identify you personally. For detailed information on data protection, please refer to our privacy policy listed below.

Data Collection on This Website and Through Our Services

Who is responsible for data collection on this website?
Data processing on this website and within the SaaS application absentify is carried out by the website operator. You can find the contact details of the website operator in the “Information on the Responsible Party” section of this privacy policy.

How do we collect your data?
As a SaaS application, we collect your data in various ways:

  • Through your input: Data you actively provide to us, e.g., by entering information into forms on our website or in absentify, via email, or during registration for our services.

  • Automatically during use: Technical data (e.g., internet browser, operating system, IP address, time of access) is automatically collected by our IT systems when you visit our website or use absentify. This collection occurs as soon as you access the website or log into the application.

  • Via your Microsoft account: When registering for absentify via your Microsoft account, we automatically receive certain data such as your name, profile picture, and email address, which are necessary to provide the service.

  • Usage data: During your use of absentify, additional data (e.g., interactions with the application) may be collected to ensure functionality and optimize the application.

What do we use your data for?
Some data is collected to ensure the error-free provision of the website and our SaaS application. Other data may be used to analyze your usage behavior to improve our services.

What rights do you have regarding your data?
You have the right at any time to request information free of charge about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke it at any time with effect for the future. Additionally, under certain circumstances, you have the right to request the restriction of the processing of your data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time with questions about data protection.

In addition, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right to be informed: You have the right to be informed about the collection and use of your data.

  • Right of access: You can request access to the personal data we hold about you and how it is processed.

  • Right to erasure: You can request the deletion of your data (“right to be forgotten”).

  • Right to restriction of processing: Under certain conditions, you can request that the processing of your data be restricted.

  • Right to data portability: You can receive your data in a structured, commonly used format and have it transferred to another controller.

  • Right to object: You can object to the processing of your data under certain circumstances.

  • Rights regarding automated decision-making and profiling: We do not engage in automated decision-making or profiling that produces legal effects concerning you.

Third-Party Analytics Tools

When visiting this website or using absentify, your behavior may be statistically evaluated, particularly through analytics programs. Detailed information on this can be found in the privacy policy below.

Hosting

We host the content of our website and the SaaS application absentify with the following provider:

Microsoft Azure
The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (hereinafter “Microsoft Azure”). Your personal data is processed exclusively on servers in Northern Europe (Ireland and Denmark) when you use our website and SaaS application. The use of Microsoft Azure is based on Art. 6(1)(f) GDPR (legitimate interest in the reliable provision of our services). When using absentify as a customer, Art. 6(1)(b) GDPR (contract fulfillment) also applies. For more information, see Microsoft’s privacy policy: Microsoft Privacy Statement.

Data Processing Agreement
We have concluded a Data Processing Agreement (DPA) with Microsoft Azure, ensuring that your data is processed only according to our instructions and in compliance with the GDPR.

General Information and Mandatory Disclosures

Data Protection

The operators of this website and the SaaS application absentify take the protection of your personal data very seriously. We treat your data confidentially and in accordance with statutory data protection regulations and this privacy policy. When you use this website or absentify, various personal data is collected that can identify you personally. This privacy policy explains what data we collect, what we use it for, and how this happens. Please note that data transmission over the internet (e.g., via email) may have security vulnerabilities, and complete protection against third-party access is not possible.

Information on the Responsible Party

The responsible party for data processing is:
BrainCore Solutions GmbH
Panoramaweg 1, 8274 Tägerwilen, Switzerland
Phone: +49 251 9811573777
Email: support@absentify.com

The responsible party is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

Retention Period

Unless a specific retention period is stated in this privacy policy, we store your data until the purpose of processing no longer applies. Upon a legitimate request for deletion or revocation of your consent, your data will be deleted. Note that our backups may retain data for up to 14 days before it is permanently deleted, in compliance with the GDPR.

  • Consent: If you have given consent, we process your data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR (special categories of data). For data transfers to third countries with consent, Art. 49(1)(a) GDPR applies. Consent can be revoked at any time.

  • Contract fulfillment: For the fulfillment of a contract or pre-contractual measures, processing is based on Art. 6(1)(b) GDPR.

  • Legal obligation: For legal obligations, we rely on Art. 6(1)(c) GDPR.

  • Legitimate interest: Processing may be based on our legitimate interest under Art. 6(1)(f) GDPR.

The applicable legal basis is specified in the following sections.

EU Representative under Art. 27 GDPR

Our EU representative is:
MPH-GL GmbH
Reichenaustrasse 11a, 78467 Konstanz, Germany
Phone: +49 251 9811573777
Email: support@absentify.com

Data Protection Officer

Our Data Protection Officer is:
BrainCore Solutions GmbH
Data Protection Officer
Panoramaweg 1, 8274 Tägerwilen, Switzerland
Email: privacy@absentify.com

Note on Data Transfers to the USA and Other Third Countries

We use tools from companies based in the USA or other third countries with lower data protection standards. When these tools are active, your data may be transferred to these countries and processed there. In such countries, a data protection level comparable to the EU cannot be guaranteed. For example, US companies may be required to disclose personal data to security authorities without the possibility for affected individuals to take legal action. We have no influence over these processing activities.

Many data processing operations require your explicit consent. You can revoke your consent at any time. The legality of processing carried out prior to revocation remains unaffected.

Right to Object under Art. 21 GDPR

If processing is based on Art. 6(1)(e) or (f) GDPR, you may object to the processing of your data for reasons arising from your particular situation. We will cease processing unless compelling legitimate grounds override your interests, rights, and freedoms, or the processing serves legal claims. For direct marketing, you can object at any time, and your data will no longer be used for such purposes.

Right to Lodge a Complaint with a Supervisory Authority

In case of GDPR violations, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your habitual residence, workplace, or the place of the alleged violation. This right exists without prejudice to other remedies.

Right to Data Portability

You have the right to receive data we process automatically based on your consent or for contract fulfillment in a machine-readable format, or to have it transferred to a third party, if technically feasible.

Access, Deletion, and Correction

You have the right to free information about your stored data, its origin, recipients, and purpose, as well as the right to its correction or deletion. Contact us at any time for this purpose.

Restriction of Processing

You may request the restriction of processing your data, e.g., if you dispute its accuracy, the processing is unlawful, or you object under Art. 21 GDPR. During review, the data may only be processed with your consent or for specific purposes.

SSL or TLS Encryption

This website and absentify use SSL or TLS encryption for security reasons and to protect confidential content. You can recognize an encrypted connection by “https://” and the lock icon in the browser’s address bar.

Encrypted Payment Transactions

Payment data is transmitted encrypted for payment processing (“https://” and lock icon).

ISO 27001 Certification and Information Security

We place great importance on protecting your data and are certified under ISO 27001. This includes regular risk assessments, security controls, training, and continuous improvements. Contact our Data Protection Officer with any questions.

Data Collection on This Website and Our Services

Cookies

Our website and absentify use cookies, which may be temporary (session cookies) or permanent (persistent cookies). Third-party cookies may also be used. Technically necessary cookies (e.g., for application functionality) are based on Art. 6(1)(f) GDPR. You can manage cookies in your browser settings.

Server Log Files

Server log files (e.g., browser, operating system, IP address) are automatically collected (Art. 6(1)(f) GDPR) to technically optimize the website and absentify.

Registration on This Website

When registering for absentify, we use your data to provide the services (Art. 6(1)(b) GDPR). Data is deleted upon termination, with backups retained for up to 14 days.

Registration with Microsoft

Registration for absentify occurs via Microsoft (Microsoft Ireland Operations Limited, Ireland). We receive your name, profile picture, and email address (Art. 6(1)(b) GDPR).

Newsletter (Sendinblue)

For newsletters, we use Sendinblue (Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany) with your consent (Art. 6(1)(a) GDPR). Data is stored until you unsubscribe.

Crisp

For support, we use Crisp (Crisp IM S.A.S., 2 Boulevard de Launay, 44100 Nantes, France) based on Art. 6(1)(f) GDPR. Data remains stored until deleted or the purpose ceases.

PostHog

For product analytics and user behavior analysis, we use PostHog (PostHog GmbH, Rosenthaler Straße 72 A, 10119 Berlin, Germany) based on Art. 6(1)(f) GDPR (legitimate interest in optimizing our services). All data is hosted exclusively in the EU (Frankfurt, Germany).

E-Commerce and Payment Service Providers

Processing of Customer and Contract Data

Data is processed for contract fulfillment (Art. 6(1)(b) GDPR) and deleted after contract termination and statutory retention periods.

Payment Services

Payments are processed exclusively via Paddle (Paddle.com Market Limited, 18-29 Mora Street, Judd House, London EC1V 8BT, UK) as a merchant and payment and contract service provider upon subscription. Your payment data is processed by Paddle (Art. 6(1)(b) GDPR). Data transfers to the United Kingdom are based on the EU Commission’s adequacy decision. More information: Paddle Privacy.

Subprocessors

Information about the subprocessors we use can be found in our Data Processing Agreement (DPA) and on our subprocessors page: https://absentify.com/en/subprocessors. We have concluded Data Processing Agreements (DPAs) with all subprocessors, ensuring that your data is processed only according to our instructions and in compliance with the GDPR.