Web Privacy Policy

Notice: This privacy policy only applies to our homepage and the Styles & Themes website.
If you are looking for the privacy policy of our app, please follow this link.

Introduction

At Ulysses, we respect your privacy. We believe that the less we know about you, the better; that is why we aim to limit the information we collect to the minimum necessary. The purpose of this privacy policy (“Privacy Policy”) is to inform you in detail what personally identifiable information or personal information we collect from you when you use our website, how we use such information, and the choices you have regarding our use of, and your ability to review and correct, the information.

We reserve the right to change this policy, which we will do through online posting. We use your data solely to provide you with services in which you enroll.

For purposes of this Privacy Policy, the terms “Ulysses”, “we,” “us” and “our” refer to the company Ulysses GmbH & Co. KG; the term “website” refer to the Ulysses website and related services; and “you” refers to you, as a user of the website as applicable.

Who We Are

Ulysses GmbH & Co. KG is a German company located in Peterssteinweg 10, 04107 Leipzig. We comply with the European law for Data Protection (“GDPR”).

What Information We Collect and How We Use It

We collect solely information that is necessary to provide you with our services and to improve our website. We do not share these data with third party services (e.g., Google or Facebook) for the purpose of advertising.

Styles & Themes Account Information. To allow the users of our app to exchange Ulysses styles and themes, we offer a website called Styles & Themes. If you want to upload a style or a theme on this website, you need to create an account. To manage your Styles & Themes account, we store the email address or social media handle you used for sign-in, as well as associated credentials like passwords or authentication tokens. – Legal basis Art. 6(1)(b) GDPR

Website Analytics (Optional). To improve our website, we use the web analytics software Matomo to collect pseudonymized data about the time of your visit, the pages you visit, as well as the device and browser you are using. – Legal basis Art. 6(1)(f) GDPR

Loading …

Website Diagnostics (Anonymized). To improve our websites and quickly identify problems we collect anonymized data about client and server side errors. This includes the time, the browser and diagnostic data on the cause of the error. – Legal basis Art. 6(1)(f) GDPR

Email Newsletter Subscription (Optional). To inform you about new features, releases and blog posts, we offer a newsletter for which you can subscribe with your email address. We use MailJet to manage and send our newsletter. Your email address is stored by MailJet as long as you are subscribed to our newsletter. You can unsubscribe from our newsletter by clicking on the unsubscribe link provided at the end of the newsletter. You can also contact us to unsubscribe or to update your email address. – Legal basis Art. 6(1)(a) GDPR.

Cookies. We use cookies for the following purposes:

• Website Analytics to identify you as a visitor.
• Website Analytics Consent to store your consent regarding the analytics tracking.
• Styles & Themes Authentication to check your login status.

Email, Social Media and App Store/Setapp Reviews. We offer several channels for contacting us: The contact form on our website, our company mail addresses, our accounts on social media services and reviews on the App Store or on Setapp. When contacting us, your message will be forwarded and stored by our customer support systems. We store your messages for further reference for two years – Legal basis Art. 6(1)(f) GDPR. Additionally, we are legally required to archive all emails for ten years without having direct access to them – Legal basis Art. 6(1)(c) GDPR. Please also refer to the privacy statement of any involved third-party service, such as social media services, the App Store or Setapp.

Mastodon. Whenever you mention one of our accounts via Mastodon, our server will store your message as well as some public information from your Mastodon profile and timeline – Legal basis Art. 6(1)(b) GDPR. Direct messages on Mastodon are also not end-to-end encrypted and can be accessed publically. We will forward your mentions and direct messages as an email to our customer support mailbox – Legal basis Art. 6(1)(f) GDPR. See section “Email, Social Media and App Store/Setapp Reviews” for further details.

Where We Store Your Data

Style & Themes Content and Account information. Your Styles & Themes content is stored on our servers hosted by Hetzner and can be viewed and downloaded on the Styles & Themes website. If you would like to delete your account you can go to your profile settings and press the „Delete Account“ button.

Website Analytics (Optional). The usage data and device information are stored with a pseudonymized cookie ID on our own servers hosted by Melting Mind. If you want us to delete all tracked data, please send a message to help@ulysses.app.

Website Diagnostics (Anonymized). The anonymized data about client and server side errors is sent to Sentry.

Email, Social Media and App Store/Setapp Reviews. All messages sent to us are stored by Melting Mind and Front. Additionally, we are legally required to archive all emails for ten years without having direct access to them. This archive is stored by Melting Mind.

Volume Licensing (License Holders). The following applies to volume license holders only: Your account is stored on our servers hosted by Heroku. Your account contains your name, email address, postal code, details of your selected payment method, status of running and past subscriptions as well as invoices and the email addresses and device type and device identifiers of your seat users. This information is also stored and processed by our billing provider Paddle. - Legal basis Art. 6(1)(b) GDPR

If you are using Ulysses through volume licensing seat, please refer to our App Privacy Policy for details.

How Long We Store Your Data For

We store your data for as long as German law requires, or as is necessary for the fulfillment or the initiation of a contract, or as long as we claim legitimate interests. After the expiration of that period, the corresponding data is routinely deleted or completely anonymized. We have detailed some of the deletion periods under “Where We Store Your Data” and “What Information We Collect and How We Use It”. When not stated otherwise, statistical and diagnostic data is generally never deleted.

We clarify that the provision of personal data is partly required by law (e.g., tax regulations) or can result from contractual provisions (e.g., information on the contractual partner).

Data Processors

Depending on the usage of our services your personal data might be processed by the following services:

MailJet

Newsletter service provided by MailJet, France.

Personal Data: Email address of newsletter subscribers
Location of Data Processing: EU, USA

Front

Help desk software provided by FrontApp, Inc.

Personal Data: Support emails
Location of Data Processing: USA

Melting Mind

Email and web server hosting company.

Personal Data: Email traffic
Location of Data Processing: Germany

Hetzner

Web server hosting company.

Personal Data: Styles & Themes account data; Mastodon messages
Location of Data Processing: Germany

Sentry

Error tracking service.

Personal Data: Error messages (anonymized)
Location of Data Processing: USA

Paddle

Billing service (volume licensing only).

Personal Data: Name, e-mail-address, invoices, subscription status, payment details (credit card number or PayPal account)
Location of Data Processing: United Kingdom

Heroku

Hosting service provided by Heroku, Inc.

Personal Data: Account data for volume licensing
Location of Data Processing: EU

Your Privacy Rights (Under GDPR)

Right to Access. You can request Ulysses to provide you with information on how we collect, use, and store your personal information, and to provide you with a copy of your personal information we store.

Right of Rectification. You can request that we correct inaccurate information about you.

Right to Delete. You can request that we delete information collected about you, given that we are not required by law to preserve it, that it is not necessary for contract fulfillment, and that we can still identify your records.

Right to Object. You can object to the processing of your information in certain cases, as well as request that Ulysses does not use your personal information for direct marketing purposes.

Right to Data Portability. If requested, we will provide you all data under our control in common, machine-readable formats. If requested, we will provide you with instructions to obtain your data, in cases where we do not have direct access.

Responsible Body for Data Privacy

Responsible body for the processing of personal data within the meaning of the law. Art. 4 (7) GDPR:

Ulysses GmbH & Co. KG
Peterssteinweg 10
04107 Leipzig
Germany

Email: privacy@ulysses.app

Data Protection Officer

Jan Marschner, LL.M.
Markt 9
04109 Leipzig
Germany
E-Mail: jm@datenschutzbeauftragter-leipzig.de

Contacting You

We may use your contact information to communicate with you about our product, diagnostic data and error reports, provide support, and send you other information such as product updates and announcements. You can opt out of news and announcements by unsubscribing from our newsletter.

Breach Notification

If the confidentiality of customer data is breached, we recognize our responsibility to our customers and to the public to disclose the nature of the risk and provide a transparent account of the events without undue delay. At a bare minimum, we must inform the applicable supervisory authorities as required by law and regulation.

Consent for Underage Enrollment

Those under the age of 16 may not use the services without the consent or authorization of their parent or legal custodian.

Updates to Our Privacy Policy

At our discretion, we may make changes to this Policy and note the date of the last revision. You should check here frequently if you need to know of updates to our Privacy Policy. We maintain the right to inform you of substantive changes via email. Previous versions of this page will be made available.

Glossary

Ulysses

Ulysses (or sometimes “we”, “us” or “our”) refers to the company Ulysses GmbH & Co. KG.

Pseudonymization

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to an identified or identifiable natural person without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Last updated: May 12th, 2023