Privacy Policy

Privacy Policy

We, the ZIPPYDOC GmbH (hereinafter “we”) are pleased about your interest in our company and services. We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter “GDPR”) and further applicable regulations.

With this privacy policy, we inform you, as our customer (hereinafter “you” or the “customer”), about the processing of personal data submitted by you in relation to our products and services referred to as “ZIPPYDOC for Excel”(“ZIPPYDOC”) and about your corresponding rights as a data subject. Please also note our privacy policy with respect to our website shall apply exclusively with respect to any personal data generated via our website.

This privacy policy applies to any processing of personal data submitted by you about yourself (if you, as the customer, are a natural person) or about your managing directors and employees for the purposes of performing the agreement regarding the use of ZIPPYDOC with us (if you, as the customer, are a company or other legal entity).

If you, when using ZIPPYDOC, submit other personal data which are governed by a data processor agreement between you and us, this privacy policy does not apply to such processing of your personal data on your behalf in our role of a processor, including in cases where we offer various add-on products and services to our customers through which our customers (or their affiliates): (i) create their own add-in and applications that run on our platforms or (ii) otherwise collect, use, disclose or process personal data through our products and services. In this respect, you, as the customer, act as a data controller and must ensure that the processing of such data is performed in accordance with the provisions of applicable data protection law.

1. Name And Contact Details Of The Controller

This privacy policy shall apply to data processing activities by the following controller:


Neue Mainzer Straße 66,

60311 Frankfurt am Main,


Legal representatives: Jonathan Schöck, to be reached under the above contact details.

2. Subject Matter Of Data Protection

The subject matter of data protection is personal data. This means any information relating to an identified or identifiable natural person (“data subject”). These include e.g. information such as name, postal address, e-mail address or telephone number.

Specific information on the personal data processed by us can be found below in detail in the data processing operations listed.

3. Collection And Storage Of Personal Data As Well As The Nature And Purpose Of Its Processing

ZIPPYDOC can be used largely without entering personal data besides an email address. However, different rules may apply to certain services or subscriptions. While using ZIPPYDOC, we may require you to provide us with certain personal data, including but not limited to name, email address or payment transaction details information. The information that we request is will be retained by us and used as described in this privacy policy the following personal data are collected and stored:

a. Personal Data Collected During The Download

When downloading ZIPPYDOC, certain personal data required for this purpose will be transmitted to the corresponding store.

In particular, the email address, the user name, the customer number of the downloading account, the individual device identification number, payment information and the time of the download will be transmitted to the store during the download.

We have no influence on the collection and processing of this personal data, which is carried out ex-clusively by the store owner selected by you. Accordingly, we are not responsible for this collection and processing.

b. Personal Data Collected During The Use

We can only provide you with the benefits of ZIPPYDOCif we collect certain personal data about you that is required for the operation.

We only collect this personal data if this is necessary for the performance of the contract between you and us (Article 6 (1) (b)GDPR) or, if you are a managing director or employee of a customer, between said customer and us (Article 6 (1) (f)GDPR). Furthermore, we collect this personal data if this is necessary for the functionality of ZIPPYDOC and your interest in the protection of your personal data does not outweigh this (Article 6 (1) (f) GDPR).

c. When Using Our Contact Form And Email Contact

If there are any questions, we offer the option of contacting us using a form provided on our website. A valid email address must be indicated there so that we will know where the query comes from and to answer such. Further information can be provided freely.

Alternatively, contact via the provided email address is possible. In such a case, your personal data transmitted in the email will be stored.

The legal basis for data processing for the purpose of data processing activities for the purpose of contacting is article 6(1)(1)(f) GDPR. If the purpose of the contract is to conclude a contract, the additional legal basis for the processing is Article 6(1)(1)(b) GDPR.

The personal data collected by us shall be erased automatically after the completion of the request submitted by you.

4. Transferring Data

We shall only pass on your personal data to third parties (recipients) if we are entitled to do so under the provisions of data protection law. Below we inform you about the circumstances in which this may be the case:
We can pass on your personal data to third parties (recipients), if:

  • you have explicitly given consent to such for one or more specific purposes (Article 6(1)(1)(a) GDPR);
  • processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Article 6(1)(1)(b) GDPR);
  • processing is necessary for compliance with a legal obligation to which we are subject (Article 6(1)(1)(c) GDPR);
  • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Article 6(1)(1)(f) GDPR).

Furthermore, we work together with service providers, so-called processors, to whom we transfer your personal data and who process your data for us on our behalf and in accordance with our instructions in compliance with Article 28 GDPR. These service providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected. Specifically, please find below a list of our service providers:

  • Microsoft Corporation
  • q.beyond AG

In addition, certain ZIPPYDOCtasks can, for example, include third party services such as DeepL a service provided by DeepL GmbH. However, this service provider only processes the personal data that you provided when using the respective ZIPPYDOCtask.

5. Cookies

We would like to provide you with a pleasant experience with ZIPPYDOCand use cookies for this purpose within the framework Article 6(1)(1)(f) GDPR.

For this purpose, we may use cookies to ensure the functionality of ZIPPYDOC and to make the ZIPPYDOC as informative and user-friendly as possible for you. It is important to us that you surf comfortably on our ZIPPYDOC and therefore the constant optimization of ZIPPYDOC is of great importance to us.

A cookie is a small file that is stored in the browser of the end device when ZIPPYDOC is accessed. Cookies can be used, for example, to identify the respective terminal device or to ensure the complete and correct display of ZIPPYDOC.

Depending on their function and purpose, cookies can be divided into five categories: Technically re-choired cookies, performance cookies, functional cookies, analysis cookies and cookies for marketing purposes.
We may use only technically required cookies. These cookies are mandatory to move around within ZIPPYDOC, to use basic functions and to ensure the security of ZIPPYDOC. The legal basis for the use of technically required cookies is Article 6(1)(1)(f) GDPR.

Any use of cookies that is not absolutely technically necessary constitutes data processing that is only permitted with your explicit and active consent pursuant to is Article 6(1)(1)(a) GDPR. This applies in particular to the use of advertising, targeting or sharing cookies. Furthermore, we will only pass on your personal data processed by cookies to third parties if you have given your express consent to do so in accordance with Article 6(1)(1)(a) GDPR.

6. Rights Of The Data Subject

You have the right:

  • to demand information in accordance with Article 15 GDPR regarding the processing of your personal data by us. In particular, you may request information on the purposes of the processing, the categories of personal data, the categories of recipient to whom your personal data have been or are disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the source of your personal data to the extent that these were not collected at our site, and the existence of automated decision-making, including profiling and any meaningful information on its details;
  • in accordance with Article 16 GDPR, obtain the rectification of any inaccurate personal data stored by us or completion of such personal data without undue delay;
  • in accordance with Article 17 GDPR, obtain the erasure of your personal data stored by us, to the extent that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • in accordance with article 18 GDPR, obtain the restriction of processing of your personal data, to the extent that the accuracy of the personal data is contested by you, the processing is unlawful, but you oppose erasure and we no longer need the personal data, but you still require them for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Article 21 GDPR;
  • in accordance with Article 20 GDPR, demand to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
  • in accordance with Article 7(3) GDPR, to withdraw your consent once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future and
  • in accordance with Article 77 GDPR, lodge a complaint with a supervisory authority. Usually, you may contact the supervisory authority at your habitual residence or place of work or our registered office for this.

7. Right To Object

As far as your personal data are processed based on legitimate interests in accordance with Article 6(1)(1)(f) GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, to the extent that there are grounds relating to your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.

If you want to exercise your withdrawal right or right to object, simply send us an email to

8. Further Information

In accordance with Article 13(2)(e) GDPRwe would like to inform you about the following:
The provision of personal data is neither a statutory nor contractual requirement nor a requirement necessary to enter into a contract. You are not obliged to provide personal data. There are no consequences resulting from failure to provide such personal data.

In accordance with Article 13(2)(f) GDPRwe would like to inform you about the following:

We do not process your personal data for the purpose of automated decision-making.

In accordance with Article 13(1)(f), GDPRwe would like to inform you that we intend to transfer the personal data to a third country or an international organization. A transfer of personal data to a third country always takes place in accordance with Article 44 GDPR.

9. Data Security

Apart from this, we use appropriate technical and organisational security measures in order to protect your personal data from accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures will be improved continually according to the technological developments.

10. Topicality And Changes Of This Privacy Policy

This privacy policy is currently valid as of May 2021.

Further development of ZIPPYDOCand services through it or changed statutory or authority specifications may require changes to this privacy policy.