Privacy Policy

Privacy Policy Summarize.One

Summarize.One is a privacy-by-design chat extension developed in Germany. As your service provider, we constantly work hard to protect your information: We are financially independent with source of revenue from our subscribers – we do not sell, rent, loan or lease ANY of your personal information. This Privacy Policy helps you understand what information we collect, why we use it and how you can manage and delete your information.

For purposes of this Privacy Policy, the terms “we”, “us” and “our” refer to Tasler IT Inh. Thomas Tasler. The terms “Summarize.One”, “service” and “software” refers to our chat summarization and transcription software Summarize.One. “You” refers to you, as a user of the Application or visitor to the website, as applicable.

This Privacy Policy is effective as of the date last modified, as listed at the bottom of the privacy policy.

1. Responsible Contact

The responsible contact according to the Federal Data Protection Act is Tasler IT Inh. Thomas Tasler. If you have any questions concerning privacy policy matters, please contact: [email protected]. By contacting this email address, you can inquire into privacy issues and review, change, or delete your personal information stored by us.

2. Reasons for collection of information

We may use the information we collect from Summarize.One and our website to provide, maintain, protect and improve Summarize.One and to communicate with you about your use of the Application.

3. Personal data

Personal data is any individual information about the personal or material circumstances of a specified or identifiable natural person. Personal data primarily includes details such as a person’s name, postal address or e-mail address.

4. Processing and use of personal data

4.1 Registration information

In order to register a Summarize.One account we require and store your email address and password.

4.2 Order and payment information

In order to process orders we require all relevant personal information, such as your name, address, email address, company name, VAT ID and information concerning the payment method you have chosen. Payments are handled securely by our payment providers Paypal and Stripe. These partner companies have their own data protection policies. We encourage you to read these policies thoroughly before using the Service, and check that you agree with them. To enable payments to be processed and invoiced, the partner company stores references to payment details. The actual payment details (including credit card and bank details) do not pass through Summarize.One servers and systems.

4.3 Summarize.One information

In order to guarantee full functionality of all Summarize.One features and to deliver high level of customer service for you we may collect and store

  • (a) your e-mail address. We process this type of personal data in order to sell and market our Services to you, to create an account for you and to provide you our Services. We process this type of Personal Data based on the consent you expressly grant to us at the time we collect such personal data. We do not sell, rent, loan, or lease your contact information or any other data to others, unless we are required by law or litigation to disclose your personal information.
  • (b) certain technical information about your device, including device hardware model, operating system details, unique device identifiers. We process this type of Personal Data in order to provide you our Services. We process this type of Personal Data for our legitimate interests in providing the Services.
  • (c) certain information about your Summarize.One usage, including date and time when you used a Summarize.One feature. We process this type of data in order to show you usage analytics in your dashboard and to provide you our Services. We process this type of Personal Data for our legitimate interests in providing the Services.
  • (d) certain information about the recipient ID (RFC 2392), recipient name, message content and message ID (RFC 2392) when you use the Summarize.One feature for summarization & transcriptions. We process this type of data in order to faciliate summarizations & transcriptions and display the recipient name next to it when enabling private summarizations. We don't allow message content of your chats to be read in any case by humans. Furthermore message content is never stored or collected by us - only temporarily cached soley for data processing purposes and never beyond your custom settings in the web interface of Summarize.One to enable the provision of our service. We process this type of Personal Data for our legitimate interests in providing the Services.
  • (e) authentication information of your chat application when connecting Summarize.One. We use industry-standard session cookies for user authentication which gives us access to your account without letting us know your password. We only collect and store this information as long as this feature is active. We process this type of Personal Data in order to provide you our Services. We process this type of Personal Data for our legitimate interests in providing the Services.

5. Summarize.One’s Summarization & Transcription Features

5.1 How does Summarize.One’s Summarization & Transcription Features Work?

Summarize.One enables you to summarize & transcribe, your own, your contacts, your groups chat-/and voice messages based on configured settings concerning minimum length and extend. As soon as a message is received in your chat application, Summarize.One sends the Summarization or Transcription directly below the relevant message or in your private group chat - depending on the configured settings.

5.2 What data is collected?

In order to guarantee full functionality of Summarize.One’s Summarization & Transcription features, we may collect and process certain information about the recipient ID (RFC 2392), recipient name, message content and message ID (RFC 2392). We process this type of data in order to faciliate summarizations & transcriptions and display the recipient name next to it when enabling private summarizations. We don't allow message content of your chats to be read in any case by humans. Furthermore message content is never stored or collected by us - only temporarily cached soley for data processing purposes and never beyond your custom settings in the web interface of Summarize.One to enable the provision of our service. We process this type of Personal Data for our legitimate interests in providing the Services. Summarization & transcriptions are performed by artifical intelligence. For that we we may send relevant content from to the service OpenAI. This includes the contact's name and the relevant content of the message.

Summarize.One uses OpenAI’s artificial intelligence technology to help transcripe and summarize emails. By using our service, you acknowledge and agree that your email content and subject line may be shared with OpenAI to provide the service. OpenAI’s use of your data is subject to their own privacy policy, which you can review at https://openai.com/privacy-policy/.

Summarize.One uses the customers access to Whats App Web for the sole provison of Summarize.One's services. This is limited to sending summaries & transcriptions as well as reading incoming messages & voice messages restricted to the scope set in the settings. Whats App's use of your data is subject to their own privacy policy, which you can review at https://urlis.net/wmeen0my

8. Cookies

We use cookies on our website. These are small text files stored on your computer. We use both permanent cookies and session cookies so that we can offer you the best service possible. The data saved in the cookies make the use of our services as comfortable as possible for you, not only for your current use of the respective service but also beyond it. If you don’t want to allow permanent cookies, you can select the option to deactivate permanent cookies in your browser. The data stored in session cookies are only valid for the current visit to our online offers and serve to provide you with an unrestricted use of our services and to make the use of our offers and services as comfortable as possible for your current visit. If you deactivate session cookies, we cannot guarantee that you will be able to use all of our services without limitations.

9. Cookies of third party providers and tracking

We use the services of other companies to optimize our websites and our services. You will receive an overview of the services we use in the following section.

9.1 Matomo Analytics

We have integrated Matomo Analytics on our websites. Matomo Analytics is a web analytics service which provides us with usage data (see section III, 3). Matomo is a Google Analytics alternative that protects your data and privacy. By using Matomo instead of Google Analytics, we have 100% data ownership and the power to protect user’s privacy. Matomo runs locally on our servers (in this case in Germany) and the data is not shared with Matomo or to any third party without our direct intervention. We have configured Matomo Analytics in the way that it provides the IP address of visitors in an abridged and therefore anonymized form, in our case the recommended two last bytes. Matomo Analytics also places a cookie on your device. A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to “remember” your actions or preferences over time. Most browsers support cookies, but you can set your browsers to decline them and can delete them whenever you like.The cookie enables Matomo to analyze the use of our websites. According to their website and wikipedia, it’s recommended and used by various public administrations including CNIL, the European Commission and the Italian government. You can prevent the setting or the use of cookies through the following means. Whenever you visit our websites, you have to expressly give us consent to use cookies. Until you do, any analytics will not be functional. Your browser allows you to delete cookies already on your system and allows you to configure your browser so that it prevents the setting and use of cookies.Further information as well as the data protection provisions of Matomo: https://matomo.org/100-data-ownership/?footer https://matomo.org/gdpr-analytics/?footer https://matomo.org/privacy-policy/?footer

9.2 Google Remarketing

Our websites use Google’s remarketing technology. This technology enables users who have already visited our online services and shown interest in our services to see targeted advertising on the websites of the Google partner network. Likewise users that are similar to the visitors of our websites can be addressed. The advertising will be displayed using cookies. These are small text files saved on the user’s computer. The information generated by the cookie about the website use will be transmitted to and stored on servers in the United States by Google. In the event that the IP address is transferred, it will be reduced by the last 3 digits. Using cookies, the user behavior on a website can be analyzed and subsequently utilized to provide targeted product recommendations and advertising based on the user’s interests.

If you would prefer to not receive any targeted advertising, you can deactivate the use of cookies for these purposes through Google by visiting the website: https://www.google.com/settings/ads/. Alternatively, users can deactivate the use of cookies by third party providers by visiting the Network Advertising Initiative’s deactivation website (http://www.networkadvertising.org/choices/). Please note that Google has its own data protection policy which is independent of our own. We assume no responsibility or liability for their policies and procedures. Please read Google’s privacy policy before using our websites (https://www.google.com/intl/en/policies/privacy/).

9.3 Facebook Tracking Pixel

With your permission, our website utilizes the Tracking Pixel service of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”). This tool allows us to follow the actions of users after they are redirected to a provider’s website by clicking on a Facebook advertisement. We are thus able to record the efficacy of Facebook advertisements for statistical and market research purposes. The collected data remain anonymous. This means that we cannot see the personal data of any individual user. However, the collected data are saved and processed by Facebook. We are informing you on this matter according to our information at this time. Facebook is able to connect the data with your Facebook account and use the data for their own advertising purposes, in accordance with Facebook’s Data Use Policy found under: https://www.facebook.com/about/privacy/. Facebook Tracking also allows Facebook and its partners to show you advertisements on and outside Facebook. In addition, a cookie will be saved onto your computer for these purposes.

Only users over 13 years of age may give their permission. If you are younger than this age, please consult your legal guardians. Please click here if you would like to revoke your permission:https://www.facebook.com/ads/website_custom_audiences/.

9.4 TikTok Tracking Pixel

We use the TikTok Pixel on our website. The TikTok Pixel is a TikTok advertiser tool from the two providers: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and TikTok Information Technologies UK Limited, WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom (both hereinafter collectively referred to as “TikTok”). The TikTok Pixel is a snippet of JavaScript code that allows us to understand and track visitor activity on our website. The TikTok Pixel collects and processes information about the creators of our website or the devices they use (so-called event data). The event data collected via the TikTok Pixel is used to target our ads and to improve ad delivery and personalized advertising. For this purpose, the event data collected on our website using the TikTok pixel is transmitted to Facebook TikTok. Some of this event data is information that is stored in the device you are using. In addition, cookies are also used via the TikTok Pixel, via which information is stored on the device you are using. Such storage of information by the TikTok pixel or access to information that is already stored in your end device only takes place with your consent. The legal basis for the collection and transmission of personal data by us to TikTok is therefore Article 6 (1) (a) GDPR. You can revoke your consent at any time via our consent management tool. This collection and transmission of the event data is carried out by us and TikTok as joint controllers. We have entered into a processing agreement with TikTok as joint controllers, which sets out the distribution of data protection obligations between us and TikTok. In this Agreement, we and TikTok have agreed, among other things, that we are responsible for providing you with all information pursuant to Art. 13, 14 GDPR on the joint processing of personal data; that TikTok is responsible for enabling the rights of data subjects in accordance with Art. 15 to 20 GDPR with regard to the personal data stored by Facebook Ireland after joint processing. You can read the agreement between us and TikTok: https://ads.tiktok.com/i18n/official/article?aid=10004832.

TikTok is solely responsible for the processing of the transmitted event data that follows the transmission. For more information on how TikTok processes personal data, including the legal basis on which TikTok relies and how you can exercise your rights against TikTok, see TikTok’s data policy.

9.5 Fonts - Bunny Fonts

Bunny Fonts wird über den Datenverarbeiter Bunny net dem CDN Dienst bunny.net mit Sitz in der Slowakei (EU) zur verfügung gestellt! Bunny Fonts sind von BunnyWay doo – einem in der EU ansässigen Unternehmen – entwickelt und gehostet und sind vollständig DSGVO-konform. Es werden keine Protokolle oder Daten gesammelt und an Dritte weitergegeben. Weitere Informationen zu Bunny Fonts finden Sie unter: Adresse BunnyWay doo, Cesta komandanta Staneta 4A, 1215 Medvode, Slowenien https://bunny.net/

9.6 Google Analytics

Diese Website benutzt Google Analytics, einen Webanalysedienst der Google Inc. (''Google''). Google Analytics verwendet sog. ''Cookies'', Textdateien, die auf Ihrem Computer gespeichert werden und die eine Analyse der Benutzung der Website durch Sie ermöglicht. Die durch den Cookie erzeugten Informationen über Ihre Benutzung dieser Website (einschließlich Ihrer IP-Adresse) wird an einen Server von Google in den USA übertragen und dort gespeichert. Google wird diese Informationen benutzen, um Ihre Nutzung der Website auszuwerten, um Reports über die Websiteaktivitäten für die Websitebetreiber zusammenzustellen und um weitere mit der Websitenutzung und der Internetnutzung verbundene Dienstleistungen zu erbringen. Auch wird Google diese Informationen gegebenenfalls an Dritte übertragen, sofern dies gesetzlich vorgeschrieben oder soweit Dritte diese Daten im Auftrag von Google verarbeiten. Google wird in keinem Fall Ihre IP-Adresse mit anderen Daten der Google in Verbindung bringen. Sie können die Installation der Cookies durch eine entsprechende Einstellung Ihrer Browser Software verhindern; wir weisen Sie jedoch darauf hin, dass Sie in diesem Fall gegebenenfalls nicht sämtliche Funktionen dieser Website voll umfänglich nutzen können. Durch die Nutzung dieser Website erklären Sie sich mit der Bearbeitung der über Sie erhobenen Daten durch Google in der zuvor beschriebenen Art und Weise und zu dem zuvor benannten Zweck einverstanden.

9.7 Microsoft Clarity

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

10. Third party websites and services

Our website and service provides links to other websites and services, we do not review these sites and services, and therefore this Privacy Policy does not apply to third party websites and services. Please read their Privacy Policy before submitting any private information.

11. Data Processing (GDPR / DSGVO)

For European individuals, GDPR expands their data privacy rights and gives them more power to control their data. GDPR also requires compliance from companies that process the personal data of these European individuals. Ensuring our users’ data privacy and security has always been top priority to Summarize.One’s product development and business. As your service provider to enhance your email experience, we make sure to evaluate all our practices to safeguard your information as effectively as possible. As a German company, Summarize.One will be fully GDPR compliant. If you have any questions about GDPR or our data practices generally, please contact our data protection officer Tobias Knobl ([email protected]).

11.1 Authorized employees

We ensure that all authorized employees who can access personal data are made aware of the confidential nature of personal data and have executed confidentiality agreements that prevent them from disclosing or otherwise processing, both during and after their engagement with Summarize.One, any personal data except in accordance with their obligations in connection with the Services. We don’t allow humans to read message, voice, contact and non-public account data and any other user data created in Summarize.One unless doing so is necessary for security purposes such as investigating abuse or to comply with applicable law.

11.2 Authorized subcontractors

Summarize.One may engage authorized Subcontractors to access and process personal data in connection with the Services and from time to time engage additional third parties for the purpose of providing the Services, including without limitation the processing of personal data. At least ten (10) days before enabling any third party other than authorized subcontractors to access or participate in the processing of personal data, Summarize.One will add such third party to the List.

  • OpenAI
  • AWS Webservices

11.3 Duration of Processing

We retain personal data about you for as long as you have an open account with us. In some cases we retain personal data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation.

11.4 Security of personal data

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk of Processing Personal Data.

11.5 Access personal data

You can request more information about the personal data we hold about you and request a copy of such personal data by contacting us via email [email protected]

11.6 Erase personal data

You can request that we erase some or all of your personal data from our systems.

11.7 Portability of personal data

You can ask for a copy of your personal data in a machine-readable format. You can also request that we transmit the data to another service.

11.8 Data processing agreement

If you are using Summarize.One as a customer and have agreed to our terms of service, you do not need to sign an additional Data Protection Agreement. If you are a partner or a customer who needs further documentation of compliance with Summarize.One acting as a Processor, Summarize.One offers Data Processing Agreements (DPAs) to users upon request. Please email us for more information [email protected]

Please note that our DPA has been tailored to the way Summarize.One provides its service.

12. Protecting your information

We take the security of your personal information very seriously and have implemented policies and procedures, including technical measures, that are designed to help safeguard it. While we strive to use best practices to protect your personal information, the Internet and computer technology are not 100% secure and we cannot absolutely ensure the security of any personal information that you provide to us. In line with this philosophy, we try to get as little information from you as possible.

13. Reasons for information disclosure

We do not sell, rent, loan, or lease your contact information to others, unless we have your specific permission to do so or we are required by law or litigation to disclose your personal information. We may also find it necessary to disclose information about you if we determine that it is an issue concerning national security, law enforcement, or other issues of public importance.

14. Vulnerability Disclosure

If you have discovered an issue which you believe is an in-scope security vulnerability, please email [email protected] including:

The website or service in which the vulnerability exists. A brief description of the class (e.g. “XSS vulnerability”) of the vulnerability. Please avoid including any details which would allow reproduction of the issue at this stage. In accordance with industry convention, we ask that reporters provide a benign (i.e. non-destructive) proof of exploitation wherever possible. This helps to ensure that the report can be triaged quickly and accurately whilst also reducing the likelihood of duplicate reports and/or malicious exploitation for some vulnerability classes (e.g. sub-domain takeovers). Please ensure that you do not send your proof of exploit in the initial, plaintext email if the vulnerability is still exploitable. If you are in any doubt or have any question, please email [email protected] for advice. In response to your initial email to [email protected] you will receive an acknowledgement reply email from the Summarize.One Security Team, this is usually within 24 hours of your report being received. The acknowledgment email will include a ticket reference number which you can quote in any further communications with our Security Team. Following the initial contact, our Security Team will work to triage the reported vulnerability and will respond to you as soon as possible to confirm if further information is required. From this point, necessary remediation work will be assigned to the appropriate Summarize.One teams and/or supplier(s). Priority for bug fixes and/or mitigations will be assigned based on the severity of impact and complexity of exploitation. Vulnerability reports may take some time to triage and/or remediate. Our Security Team will notify you when the reported vulnerability is resolved and will ask you to confirm that the solution covers the vulnerability adequately.

15. Changes to this data protection policy

Summarize.One reserves the right to adapt its security and data protection measures, provided this is necessary as a result of technical or legal developments. In these cases, we will also update our data protection information accordingly. Please make sure, therefore, that you always use the latest version of our data protection declaration.

16. Privacy questions and contact

If you do not want us to keep you up to date with our news, you are free to contact us at any time and have your e-mail address removed from our mailing list. We do not target any information towards children. If you have any comments or concerns about our Privacy Policy, please contact us ([email protected]).

We reserve the right to change this policy, which we’ll do through online posting.

Last updated: 26th May, 2023