Information on requests for information from visitors to your website (Article 15 GDPR)

Introduction

If you have created a website using Jimdo products, personal data from your visitors will be collected on your website. If visitors to your website contact you and request information in accordance with Art. 15 GDPR, you are obliged to comply with this request and provide the information within 30 days.

As the website operator, you are not only responsible for the content of your website, but also for the correct processing of data. Jimdo cannot take over the processing of the request for information for you. For requests for information in accordance with Art. 15 GDPR, we strongly recommend that you consult a data protection expert or specialist lawyer. Under no circumstances should you ignore such requests, as this may result in legal consequences.

We have put together some helpful information on this page to assist you in processing the request. Please note that this information does not constitute legal advice.

Rights of Data Subjects Under Article 15 of the GDPR

As a website operator collecting and processing personal data, you are required to provide information if a data subject makes a request under Article 15 of the GDPR. The data subject has the right to receive the following information from you:

• Purpose of Data Processing: You must state the purpose for which the personal data is processed, e.g., for processing orders or responding to inquiries.
• Categories of Data Involved: You must clearly disclose what types of personal data are being processed, such as contact details, payment information, or IP addresses.
• Recipients or Categories of Recipients: You are obliged to disclose to whom the personal data has been or will be transferred, for example, to payment service providers or other service providers.
• Storage Duration: You must provide information about how long the personal data will be stored or what criteria are used to determine the storage duration.
• Rights to Rectification, Deletion, Restriction, or Objection: You must explain to the data subject that they have the right to request the correction of inaccurate data, deletion of data, restriction of processing, or object to processing.
• Source of the Data: If the personal data did not originate from the data subject directly, you must indicate the source of this data.

As a website operator, you are responsible for providing this information fully and within the 30-day timeframe to meet the GDPR’s legal requirements.

Differences in Jimdo Products

Please note that there are differences in data processing depending on the Jimdo product. We have created information pages that can provide you with guidance on what data is collected or processed on your website, to whom this data is transferred, and how long it is stored:

• Example texts for the privacy policy of a Jimdo Creator website.
• Example texts for the privacy policy of a Jimdo website.

Frequently Asked Questions

What Server Log Information Does Jimdo Store?

When visiting a Jimdo site, the Jimdo servers automatically store certain information sent by the browser. This data includes:

• the request
• the IP address
• the browser type
• the browser language
• the date
• the time
• the visited website

This information is used to ensure the technical operation of our servers and networks, as well as for analysis and abuse prevention. It is deleted after 7 days. The processing of this data is based on Article 6(1)(f) of the GDPR, reflecting our legitimate interest in improving the stability and functionality of our website.

What Data Is Stored When Using the Contact Form?

The information that your customer or visitor has sent you can be viewed in the form archive on Jimdo Creator websites. To do so, go to Menu > Settings > Form Archive. Here you can see the email address, the page from which the inquiry came, and the date or time when the inquiry was sent to you. IP addresses of messages sent via the contact form are not stored by us.

What Data Is Stored When Using the Store?

The data transmitted and stored in the context of a shop order can be viewed on Jimdo Creator websites under Menu > Shop > Orders.

IP addresses of shop orders are not stored by us. Payment data is not stored by Jimdo. These data are stored by the respective payment service provider.

I Have Enabled Statistics. What Data Is Processed?

The statistics feature on Jimdo and Jimdo Creator websites is based on an analytics software developed by Jimdo and collects data solely for statistical analysis and technical optimization of the website offering. More information about the function can be found here. The statistics feature can be disabled at any time by the website operator.

The following data is collected:

• Referrer (the previously visited website)
• Requested website or file
• Browser type and version
• Operating system used
• Device type used
• Access time
• IP address in anonymized form

Which Service Providers Do You Share Data With?

If you create a website with us, your data and the data of your website users are processed by the following subcontractors:

• Jimdo – List of Subcontractors

Please note that depending on the website’s functionality and its use, the data recipients may vary. For more information, see the section Differences between Jimdo and Jimdo Creator.

Where Are Jimdo's Servers Located?

To ensure the highest possible security and availability of your website, we use the cloud-based solution from Amazon Web Services (AWS) for data storage. The data centers of this provider are located in Ireland and are therefore subject to EU law.

For the provision of your website, we also use a Content Delivery Network (CDN) with servers worldwide. This ensures that your website is always quickly and reliably accessible everywhere.

Do You Use Google Fonts, and Can I Disable Them?

Jimdo uses Google Fonts, and these are an integral part of our website builder and unfortunately cannot be disabled. But don’t worry, we have implemented a privacy-compliant integration of Google Fonts, with the fonts hosted on our CDN servers, so no IP addresses are transmitted to Google.

What Is the Purpose of the Prefetch and Preconnect Code in the Source Code?

The code for Prefetch and Preconnect resolves the server addresses of the specified services. This means it checks if the service is reachable and what the server’s IP address is. This speeds up data loading.

Typically, you will find these links in the source code of your Jimdo Creator or Jimdo website:

Jimdo Creator:

• https://u.jimcdn.com/
• https://assets.jimstatic.com/
• https://image.jimcdn.com/
• https://fonts.jimstatic.com/

Jimdo:

• https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/
• https://jimdo-storage.freetls.fastly.net/
• https://fonts.jimstatic.com/

These addresses are services or data sources hosted on the servers of the CDN provider we use. These resources are essential for operating a Jimdo website.

Further Information

On the following pages, you can find more important information on data processing on Jimdo websites and how Jimdo handles user data:

• Jimdo – Product Data Protection Notice
• Jimdo – Data Processing Agreement
• Jimdo – Technical and Organizational Measures for Data Protection and Information Security

Do You Have Further Questions?

If you or your legal advisor have questions or need additional information, feel free to send us an email at datenschutz@jimdo.com. If you are a Jimdo user, please send the message from the email address you used to create your account or website. This way, we can easily assign your request and process it faster.