We reserve the right to change this policy, which we will do through online posting. We use your data solely to provide you with services in which you enroll.
Who We Are
Ulysses GmbH & Co. KG is a German company located in Peterssteinweg 10, 04107 Leipzig. We comply with the European law for Data Protection (“GDPR”).
What Information We Collect and How We Use It
We collect solely information that is necessary to provide you with our services and to improve our website. We do not share these data with third party services (e.g., Google or Facebook) for the purpose of advertising.
Styles & Themes Account Information. To allow the users of our app to exchange Ulysses styles and themes, we offer a website called Styles & Themes. If you want to upload a style or a theme on this website, you need to create an account. To manage your Styles & Themes account, we store the email address or social media handle you used for sign-in, as well as associated credentials like passwords or authentication tokens. – Legal basis Art. 6(1)(b) GDPR
Website Analytics (Optional). To improve our website, we use the web analytics software Matomo to collect pseudonymized data about the time of your visit, the pages you visit, as well as the device and browser you are using. – Legal basis Art. 6(1)(f) GDPR
Website Diagnostics (Anonymized). To improve our websites and quickly identify problems we collect anonymized data about client and server side errors. This includes the time, the browser and diagnostic data on the cause of the error. – Legal basis Art. 6(1)(f) GDPR
Email Newsletter Subscription (Optional). To inform you about new features, releases and blog posts, we offer a newsletter for which you can subscribe with your email address. We use MailJet to manage and send our newsletter. Your email address is stored by MailJet as long as you are subscribed to our newsletter. You can unsubscribe from our newsletter by clicking on the unsubscribe link provided at the end of the newsletter. You can also contact us to unsubscribe or to update your email address. – Legal basis Art. 6(1)(a) GDPR.
- Website Analytics to identify you as a visitor.
- Website Analytics Consent to store your consent regarding the analytics tracking.
- Styles & Themes Authentication to check your login status.
Email, Social Media and App Store/Setapp Reviews. We offer several channels for contacting us: The contact form on our website, our company mail addresses, our accounts on social media services and reviews on the App Store or on Setapp. When contacting us, your message will be forwarded and stored by our customer support systems. We store your messages for further reference for two years – Legal basis Art. 6(1)(f) GDPR. Additionally, we are legally required to archive all emails for ten years without having direct access to them – Legal basis Art. 6(1)(c) GDPR. Please also refer to the privacy statement of any involved third-party service, such as social media services, the App Store or Setapp.
Mastodon. Whenever you mention one of our accounts via Mastodon, our server will store your message as well as some public information from your Mastodon profile and timeline – Legal basis Art. 6(1)(b) GDPR. Direct messages on Mastodon are also not end-to-end encrypted and can be accessed publically. We will forward your mentions and direct messages as an email to our customer support mailbox – Legal basis Art. 6(1)(f) GDPR. See section “Email, Social Media and App Store/Setapp Reviews” for further details.
Where We Store Your Data
Style & Themes Content and Account information. Your Styles & Themes content is stored on our servers hosted by Hetzner and can be viewed and downloaded on the Styles & Themes website. If you would like to delete your account you can go to your profile settings and press the „Delete Account“ button.
Website Analytics (Optional). The usage data and device information are stored with a pseudonymized cookie ID on our own servers hosted by Melting Mind. If you want us to delete all tracked data, please send a message to firstname.lastname@example.org.
Website Diagnostics (Anonymized). The anonymized data about client and server side errors is sent to Sentry.
Email, Social Media and App Store/Setapp Reviews. All messages sent to us are stored by Melting Mind and Front. Additionally, we are legally required to archive all emails for ten years without having direct access to them. This archive is stored by Melting Mind.
Volume Licensing (License Holders). The following applies to volume license holders only: Your account is stored on our servers hosted by Heroku. Your account contains your name, email address, postal code, details of your selected payment method, status of running and past subscriptions as well as invoices and the email addresses and device type and device identifiers of your seat users. This information is also stored and processed by our billing provider Paddle. - Legal basis Art. 6(1)(b) GDPR
How Long We Store Your Data For
We store your data for as long as German law requires, or as is necessary for the fulfillment or the initiation of a contract, or as long as we claim legitimate interests. After the expiration of that period, the corresponding data is routinely deleted or completely anonymized. We have detailed some of the deletion periods under “Where We Store Your Data” and “What Information We Collect and How We Use It”. When not stated otherwise, statistical and diagnostic data is generally never deleted.
We clarify that the provision of personal data is partly required by law (e.g., tax regulations) or can result from contractual provisions (e.g., information on the contractual partner).
Depending on the usage of our services your personal data might be processed by the following services:
Newsletter service provided by MailJet, France.
Personal Data: Email address of newsletter subscribers
Location of Data Processing: EU, USA
Help desk software provided by FrontApp, Inc.
Personal Data: Support emails
Location of Data Processing: USA
Email and web server hosting company.
Personal Data: Email traffic
Location of Data Processing: Germany
Web server hosting company.
Personal Data: Styles & Themes account data; Mastodon messages
Location of Data Processing: Germany
Error tracking service.
Personal Data: Error messages (anonymized)
Location of Data Processing: USA
Billing service (volume licensing only).
Personal Data: Name, e-mail-address, invoices, subscription status, payment details (credit card number or PayPal account)
Location of Data Processing: United Kingdom
Hosting service provided by Heroku, Inc.
Personal Data: Account data for volume licensing
Location of Data Processing: EU
Your Privacy Rights (Under GDPR)
Right to Access. You can request Ulysses to provide you with information on how we collect, use, and store your personal information, and to provide you with a copy of your personal information we store.
Right of Rectification. You can request that we correct inaccurate information about you.
Right to Delete. You can request that we delete information collected about you, given that we are not required by law to preserve it, that it is not necessary for contract fulfillment, and that we can still identify your records.
Right to Object. You can object to the processing of your information in certain cases, as well as request that Ulysses does not use your personal information for direct marketing purposes.
Right to Data Portability. If requested, we will provide you all data under our control in common, machine-readable formats. If requested, we will provide you with instructions to obtain your data, in cases where we do not have direct access.
Responsible Body for Data Privacy
Responsible body for the processing of personal data within the meaning of the law. Art. 4 (7) GDPR:
Ulysses GmbH & Co. KG
Data Protection Officer
Jan Marschner, LL.M.
We may use your contact information to communicate with you about our product, diagnostic data and error reports, provide support, and send you other information such as product updates and announcements. You can opt out of news and announcements by unsubscribing from our newsletter.
If the confidentiality of customer data is breached, we recognize our responsibility to our customers and to the public to disclose the nature of the risk and provide a transparent account of the events without undue delay. At a bare minimum, we must inform the applicable supervisory authorities as required by law and regulation.
Consent for Underage Enrollment
Those under the age of 16 may not use the services without the consent or authorization of their parent or legal custodian.
Ulysses (or sometimes “we”, “us” or “our”) refers to the company Ulysses GmbH & Co. KG.
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to an identified or identifiable natural person without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Last updated: May 12th, 2023