Privacy Policy

NHe4a GmbH – Privacy policy

Last modified: 15 March 2023

By using the myexchange.rocks website and making use of a NHe4a GmbH Account (the “Account”) and all connected client protocols (the “Services”), you understand that your data in relation with your use of our Services is processed according to the following privacy policy and its product-specific privacy policies (together, the “Privacy Policy”). The Privacy Policy states (i) what data we collect through your access and uses of the Services; (ii) the use we make of such data; and (iii) the safeguards put in place to protect your data.

  1. Legal framework

The Services are operated by NHe4a GmbH (the “Company”, “We”), a German company registered at the Chamber of commerce Ulm HRB 745650. It is therefore governed by the laws and regulations of Germany.

  1. Data NHe4a GmbH collects from you, and how we use it

Our overriding policy is to collect as little user information (personal data included) as possible to ensure a private user experience when using the Services. We do not have the technical means to access the content of your encrypted emails, files, and calendar events.

Data collection is limited to the following:

2.1 Visiting NHe4a GmbH website: We use Google analytics for our websites.

2.2 Communicating with NHe4a GmbH: Your communications with us, such as support requests, bug reports, or feature requests may be saved by our staff. The legal basis for processing is our legitimate interest to troubleshoot more efficiently and to improve the quality of our Services.

2.3 Payment information: We rely on third parties to process credit card and PayPal transactions and must therefore share payment information with them. The legal basis of this processing is the necessity to the execution of the contract to provide the Services.

2.4 Native applications: When you use our native applications, we (or the mobile app platform providers) may collect certain information. We may use mobile analytics software, app statistics and crash reporting, Play Store app statistics, App Store app statistics, or self-hosted Sentry crash reporting) to send crash information to our developers in order to rapidly fix bugs. Some platforms, such as Google’s Play Store or Apple’s App Store may also collect aggregate, anonymous statistics, which may be governed by their respective privacy policies and terms and conditions. Such statistics can include most commonly used devices and operating systems, total number of installs and uninstalls, and the total number of active users.

Our own applications do not access or track any location-based information from your device.

2.5 Social Media: We are active on Facebook, Instagram, Linkedin, Twitter, Reddit, and Mastodon. Any information, communication, or material you submit to us via social media platforms is done at your own risk without any guarantee of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them.

  1. Data subprocessors

To provide the Services, we rely on different data subprocessors, which process different categories of data. Processors never store data outside of the scope of their specific purpose. Notably, they do not store data in relation with the general day-to-day use of your Account and Services, which is exclusively processed by the Company. Subprocessors are as follow:

Third-party subprocessors

Stripe, Inc.

  • Purpose: Provide services in relation with the processing of payment data (section 2.6)
  • Data processing location: United States

PayPal group

  • Purpose: Provide services in relation with the processing of payment data (section 2.6)
  • Data processing location: United States, Singapore
  1. Data disclosure

We will only disclose the limited user data we possess if we are legally obligated to do so by a binding request coming from the competent German authorities. We may comply with electronically delivered notices only when they are delivered in full compliance with the requirements of German law. Under no circumstances can NHe4a GmbH decrypt encrypted message content and disclose decrypted copies.

  1. Your privacy rights at NHe4a GmbH

Through your Account interface, you can directly access, edit, delete, or export personal data processed by the Company in your use of the Services.

  1. Modifications to Privacy Policy

Within the limits of applicable law, the Company reserves the right to review and change this Privacy Policy at any time. As long as you are using the Services, you are responsible for regularly reviewing this Privacy Policy. Continued use of the Services after such changes are performed shall constitute your consent to it.