Privacy Policy

8.1 Google Tag Manager

We use Google Tag Manager on our website to control the delivery of services.

Purpose: Google Tag Manager allows us to manage website tags via an interface without having to change the website code. The service itself does not store any personal data, but only controls the delivery of configured services.

Processed data: When the service is accessed, your IP address is transmitted to Google.

Third country transfer: Google is certified under the EU-US Data Privacy Framework.

• EU-US Data Privacy Framework
• Google Privacy Policy

8.2 Google Analytics 4

We use Google Analytics 4, a web analysis service, to analyse and improve the use of our website.

Purpose: Analysis of user behaviour, creation of reports on website activities, optimisation of our web offering.

Processed data:

• IP address (anonymised)
• Visited pages
• Time spent
• Device and browser information
• Referrer URL
• Approximate location (based on IP address)

IP anonymisation: We have activated IP anonymisation. As a result, your IP address is shortened within member states of the EU or EEA before being transmitted to Google servers.

Google Consent Mode V2: We use Basic Consent Mode. Google Analytics is only loaded after you give your consent.

Cookies: _ga, _ga_*, _gid (storage period: up to 2 years)

Third country transfer: Google is certified under the EU-US Data Privacy Framework.

Opt-out:

• Browser add-on to deactivate Google Analytics
• Via our cookie settings

Data Processing Agreement: We have concluded a data processing agreement with Google.

• Google Privacy Policy
• Google Analytics Terms of Service

8.3 Microsoft Clarity

To improve the user-friendliness of our website, we use Microsoft Clarity.

Purpose: Analysis of user behaviour through session recordings and heatmaps to improve the usability of our website and identify problems.

Processed data:

• Movements and clicks of the mouse
• Scroll behaviour
• Visited pages
• Device and browser information
• IP address (anonymised)

Third country transfer: Microsoft is certified under the EU-US Data Privacy Framework.

• Microsoft Privacy Statement
• Clarity Documentation

8.4 HubSpot Analytics

As part of our use of HubSpot, we also utilise analysis functions.

Purpose:

• Analysis of user behaviour on the website
• Tracking of page views and interactions
• Lead scoring and conversion tracking

Processed data:

• Visited pages
• Time spent
• Click behaviour
• Referrer information
• Device and browser information

Third country transfer: HubSpot, Inc. is certified under the EU-US Data Privacy Framework.

Further information: HubSpot Privacy Policy

9.1 Google Ads and Conversion Tracking

We use Google Ads to display advertising on external websites and to measure the effectiveness of our advertising campaigns.

Purpose:

• Placing advertisements on Google and partner sites
• Measuring advertising effectiveness (conversion tracking)
• Remarketing (re-targeting website visitors)

Processed data:

• IP address
• Cookie ID
• Conversion data (which actions were performed after clicking on an advert)

Cookies & Local Storage: _gcl_*, gclid (URL parameter), _gcl_ls (local storage, unlimited storage), _gcl_au

Third country transfer: Google is certified under the EU-US Data Privacy Framework.

Opt-out:

• Google Ads Settings
• Network Advertising Initiative

9.2 Google Ads remarketing

We use Google's remarketing function to present visitors to our website with interest-based advertising on other websites in the Google Display Network.

Purpose: Addressing users who have already visited our website with personalised advertisements.

Processed data:

• Cookie ID
• Pages visited on our website
• Interactions with advertisements

Opt-out: https://www.google.com/settings/ads

9.3 Leadfeeder / Dealfront

We use Leadfeeder (Dealfront) for B2B lead generation.

Website: https://www.dealfront.com
Privacy Policy: https://www.dealfront.com/privacy/

Purpose: Identification of companies that visit our website for business-to-business sales purposes.

Processed data:

• IP address
• Pages visited
• Time spent
• timestamp
• Referrer URL
• Browser and device information

Used domains: lfeeder.com

Cookies: _lfa (1 year), _lfa_consent (2 years), _lfa_test_cookie_stored (session)

Cookieless mode: Leadfeeder also functions without cookies (without recognising returning visitors).

Note: Leadfeeder is only activated on our website after your active consent. The interest in protecting your data outweighs our legitimate interest in lead generation.

Data transmission: Germany/EU, NO third country transfer

• Dealfront Privacy Policy
• Tracker Documentation

Opt-out: Leadfeeder opt-out

9.4 LinkedIn Insight Tag and LinkedIn Ads

We utilise the LinkedIn Insight Tag and LinkedIn Ads advertising and analysis functions.

Purpose:

• Placing personalised advertisements on LinkedIn
• Analysis of advertising effectiveness
• Retargeting (re-targeting website visitors)
• Conversion tracking

Processed data:

• LinkedIn User ID (Cookie ID)
• Anonymised IP address
• Website visit metadata (browser type, pages visited)

Third country transfer: LinkedIn is certified under the EU-US Data Privacy Framework.

Opt-out: LinkedIn retargeting opt-out

• LinkedIn Privacy Policy
• LinkedIn Cookie Policy

10.1 Bunny CDN and Bunny Stream

We use the content delivery network Bunny CDN and the video streaming service Bunny Stream on our website.

Website: https://bunny.net
Privacy Policy: https://bunny.net/privacy/

Purpose:

• Accelerated delivery of website content
• Video hosting (Bunny Stream)
• Reducing server load
• Improved loading times worldwide

Server location: Bunny.net uses cloud storage in Germany, which is directly integrated into the CDN.

Used domains:

• b-cdn.net: CDN delivery
• mediadelivery.net: CDN delivery
• metrics-bunny.net: Streaming metrics

Note: These domains are automatically used by Bunny CDN and Bunny Stream. No separate cookie storage or user tracking takes place.

Processed data:

• IP address
• Date and time of access
• Requested pages/files
• Browser information

11.1 HubSpot

We use the integrated HubSpot software solution for our marketing, lead generation, sales processes and customer service purposes.

Website: https://www.hubspot.com
Privacy Policy: https://legal.hubspot.com/privacy-policy

HubSpot includes:

• CMS: Content management system for websites, blog posts and landing pages
• Email marketing: Sending newsletters and automated mailings
• Social media: Publishing and advertising management
• Forms: Contact forms, newsletter registration, event registrations
• CRM: Contact management, user segmentation, sales and support
• Analytics: Reporting and analysis of all collected data

Server location: Content is hosted in data centres at the EU Frankfurt location.

Processed data:

• Contact details (name, email, telephone number)
• Company information
• Website interactions
• Email interactions
• Form entries

Data Processing Agreement: We have concluded a data processing agreement with HubSpot.

Third country transfer: HubSpot, Inc. is certified under the EU-US Data Privacy Framework.

Sub-processors: A list of HubSpot sub-processors can be found at: https://legal.hubspot.com/sub-processors-page

• HubSpot Privacy Policy
• Data Processing Agreement
• Trust Centre

12.1 Contact via email

You can contact us via email. In this case, the personal data transmitted with the email will be stored.

Processed data:

• Email address
• Name (if provided)
• Message content
• Date and time of the message

Storage period: The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended.

12.2 Contact Form

If you contact us via the contact form on our website, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in case of follow-up questions.

Processed data:

• Name
• Email address
• Message content
• Date and time of the message
• IP address (for security purposes)

Storage period: The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. This is the case when the respective conversation with the user has ended.

12.3 Email sending via Mailjet (FluentSMTP)

For sending transactional emails and newsletters, we use Mailjet. The connection to the Mailjet SMTP server is established via the WordPress plugin FluentSMTP.

Website: https://www.mailjet.com / https://fluentsmtp.com
Privacy Policy: Mailjet Privacy Policy

Purpose: Sending transactional emails and newsletters.

Processed data:

• Email address
• Name
• Opening and click behaviour

Note: FluentSMTP is a local WordPress plugin that establishes the connection to the SMTP server. The actual email delivery is handled by the configured SMTP service (Mailjet).

Data Processing Agreement: We have concluded a data processing agreement with Mailjet.

13.1 TranslatePress

To provide our website in multiple languages, we use the WordPress plugin TranslatePress.

Website: https://translatepress.com
Privacy Policy: https://translatepress.com/privacy-policy/

Purpose: Multilingual provision of website content, storage of language preference.

Processed data: Selected language setting (cookie)

Note: TranslatePress stores translations locally in our WordPress database. No data is transmitted to external translation services.

14.1 WordPress.org / Automattic

Our WordPress installation automatically establishes connections to WordPress.org.

Website: https://wordpress.org
Privacy Policy: https://wordpress.org/about/privacy/

Purpose:

• Checking for updates for WordPress core, themes and plugins
• Security updates
• Block directory for the block editor

Processed data:

• WordPress version
• PHP version
• Plugins and themes installed
• Website address
• Server IP address

Third country transfer: Automattic is certified under the EU-US Data Privacy Framework.

14.2 Elementor

We use the Elementor page builder to design our website.

Website: https://elementor.com
Privacy Policy: https://elementor.com/about/privacy-policy/

Purpose: Visual design and editing of website content.

Note: Elementor primarily operates locally on our servers. Certain functions (e.g. template library) may establish connections to Elementor servers.

Third country transfer: Israel has an adequacy decision from the EU Commission.

15.1 Wordfence

To protect our website from attacks and security threats, we use the Wordfence security plugin.

Website: https://www.wordfence.com
Privacy Policy: https://www.wordfence.com/privacy-policy/

Purpose:

• Firewall to protect against attacks
• Malware scanner
• Login security
• Defence against threats in real time

Processed data:

• IP addresses of visitors
• Login attempts
• Suspicious activities
• Request patterns

Third country transfer: Wordfence uses a Threat Defence Feed that exchanges threat data with servers in the USA. This is necessary for the security function.

16.1 PayPal

We offer the option to process the payment via the payment service provider PayPal.

Website: https://www.paypal.com
Privacy Policy: https://www.paypal.com/privacy

Purpose: Processing online payments.

Processed data:

• Payment details
• Contact details
• Order data
• IP address

16.2 Klarna

We offer various payment options from Klarna (e.g. purchase on account, instalment purchase).

Website: https://www.klarna.com
Privacy Policy: https://www.klarna.com/privacy/

Purpose: Processing payments via purchase on account, instalment purchase or instant transfer.

Processed data:

• Contact details (name, address, email)
• Order data
• Information regarding payment
• For credit checks: data from credit agencies

Credit check: Klarna performs a credit check for certain payment methods.

17.1 Links to social media profiles

This website contains links to our profiles on social media platforms. These are simple links, not social media plugins. When you click on these links, you will be redirected to the respective platforms. Only then do the privacy policies of the respective providers apply.

LinkedIn

Website: https://www.linkedin.com
Privacy Policy: https://www.linkedin.com/legal/privacy-policy

YouTube

Website: https://www.youtube.com
Privacy Policy: YouTube Privacy

Facebook

Website: https://www.facebook.com
Privacy Policy: https://www.facebook.com/privacy/

Instagram

Website: https://www.instagram.com
Privacy Policy: Instagram Privacy

17.2 Facebook social plugins

We use Facebook social plugins to effectively inform and support our customers and prospects.

Purpose: Integration of Facebook functions such as the Like button, Share button or comment functions.

Processed data:

• IP address
• Browser information
• Facebook user ID (if logged in)

Third country transfer: Meta is certified under the EU-US Data Privacy Framework.

Further information: Facebook Privacy Policy

18.1 Google Maps

We embed maps from Google Maps on our website.

Purpose:

• Display of interactive maps
• Location display
• Address validation

Processed data:

• IP address
• Location information
• Search queries
• Device and browser information

Third country transfer: Google is certified under the EU-US Data Privacy Framework.

19.1 Google Reviews API

We display reviews from Google on our website.

Purpose: Display of Google reviews on the website.

Processed data:

• IP address when accessing the API
• Review data (publicly available)

Third country transfer: Google is certified under the EU-US Data Privacy Framework.

• Google Places API
• Google Privacy Policy

19.2 ReviewForest Integration

We use ReviewForest to display aggregated reviews from various platforms.

Purpose: Aggregated display of reviews (Google, ProvenExpert, etc.)

Processed data:

• IP address
• Review data (publicly available)

Note: Provider details will be added as soon as they are available.

If you order goods or services from us, we collect and process personal data only to the extent necessary to fulfil your order, process your payment and deliver goods or services.

Processed data:

• Name and address
• Email address
• Telephone number (if necessary)
• Information regarding payment
• Order data (products, quantities, prices)

Data transfer to third parties: To fulfil the contract, your data may be passed on to the delivery company commissioned with the delivery and the credit institution commissioned with payment processing. The specific companies depend on your selected delivery and payment method.

Storage period: After complete processing of the contract and full payment, your data will be blocked for further use and deleted after expiry of tax and commercial retention periods (generally 10 years).

Unless a more specific storage period has been stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke consent for data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial retention periods); in the latter case, deletion takes place after these reasons no longer apply.

Under the applicable data protection law, you have comprehensive rights vis-à-vis us regarding your personal data. If you would like to exercise these rights, please contact us at the address given in Section 1 or contact our data protection officer.

22.1 Right to information (Art. 15 GDPR)

You have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to information about this personal data and to the information specified in Art. 15 GDPR.

22.2 Right to rectification (Art. 16 GDPR)

You have the right to request from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to request that incomplete personal data be completed, including by means of a supplementary statement.

22.3 Right to Erasure (Art. 17 GDPR)

You have the right to request that we delete personal data concerning you without undue delay if one of the reasons listed in Art. 17 GDPR applies.

22.4 Right to restriction of processing (Art. 18 GDPR)

You have the right to request that we restrict processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing, for the duration of our examination.

22.5 Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, or to request that this data be transmitted to a third party.

22.6 Right to object (Art. 21 GDPR)

If data is collected on the basis of Art. 6 para. 1 lit. f GDPR (data processing for the purposes of our legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

22.7 Right to withdraw consent (Art. 7 para. 3 GDPR)

If you have given us consent to process your data, you may revoke this at any time with effect for the future. The lawfulness of data processing carried out on the basis of the consent until revocation is not affected by this.

22.8 Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR.

We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

Technical and organisational measures include:

• SSL/TLS encryption of data transmission
• Regular security updates and patches
• Firewall and intrusion detection systems (Wordfence)
• Contrôles d'accès et mécanismes d'authentification
• Regular backups
• Employee training on data protection

We only pass on your personal data to third parties if:

• You have given your express consent in accordance with Art. 6 para. 1 lit. a GDPR,
• The disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.,
• There is a legal obligation for disclosure according to Art. 6 para. 1 lit. c GDPR, and
• This is legally permissible and, according to Art. 6 para. 1 lit. b GDPR, is necessary for the processing of contractual relationships with you.

For questions regarding data protection or to exercise your rights as a data subject, please contact:

Or contact our external data protection officer:

We reserve the right to change this privacy policy at any time with effect for the future. A current version is always available on this page. Please check the privacy policy regularly for updates.

This privacy policy is currently valid and dated 4 December 2025.