We are based in Munich, Germany.
The GDPR differs between the data controller and the data processor. For you, it is mandatory to know who is the data controller. The data controller is your main contact if you want to access or update your data.
MOO-XOO licenses services to multiple companies („Client “ or “Clients”).
Clients are the data controller. Clients are responsible for deciding how personal data is entered, processed, used, and disclosed.
MOO-XOO is the data processor. MOO-XOO and the client have signed a term of use and data processing contract.
We are totally committed to the GDPR, we think data protection is the ultimate path.
We only save and process the minimum amount of data needed.
For a successful usage of our service, our clients store and process two types of personal data.
The personal data saved and processed in our services is legitimate based on Art. 6 GDPR 1 a,b,f.
Personal data is only saved and processed when it is necessary for the performance of a contract to which the clients´partners, are part or in order to take steps at the request of the clients´partners prior to entering into a contract.
However, we can only guarantee how MOO-XOO handles private data. If your personal data is in the duty and in control of our client and it becomes subject to the clients’ privacy practices.
Furthermore to improve our services we may automatically process user data (user´s email, web browser, operating system and public IP address) about your usage when you use our services and only if you experience an error. Nevertheless, conclusions on personal data are not possible for us with it and also are not intended.
We save and process only data that is communicated directly to our clients via our services.
The data from our clients´partners is saved and used for providing and improving the management of marketing and sales workflow services. Data is used by our clients for:
MOO-XOO does not share information with a third party. However, if your personal data is shared with another company, it is in the duty and control of our client and becomes subject to the clients’ privacy practices.
We mainly process personal data within the European Economic Area. Being the data processor, MOO-XOO relies on a limited number of sub-processors to perform well-defined elements of its services. Some of these sub-processors may be located outside of the EEA. They have been selected carefully.
We only engage subcontractors, parent or subsidiary companies which adhere to equivalent rules on the protection of personal data in line with EU regulations.
The security, and confidentiality of your data are extremely important to us. We have implemented technical, administrative, and physical security measures that are designed to protect personal data from unauthorized access, disclosure, use, and modification. MOO-XOO uses industry-standard firewalls, secure web protocols (https), data encryption and authentication procedures, among other techniques, to maintain the security of your data.
We regularly review our security procedures. Please be aware that, despite our best efforts, no security measures are perfect or impenetrable.
You can request access to your personal data. You may also request rectification of inaccurate personal data, or to have incomplete personal data completed and/or deleted.
An individual who seeks access, or who seeks to update or delete data should direct their query to the MOO-XOO`s client (the data controller).
This is effective for all requests regarding customers partners data.
Clients can update, anonymize or delete data or take other appropriate steps.
Any personal data submitted while using the service belongs to the client.
We appointed a Data Protection Office to manage and supervise the fulfillment of all GDPR requirements, and assist any inquiries from individuals. The DPO can be reached at firstname.lastname@example.org