Privacy Policy

Last updated: November 06, 2024

Privacy Policy of data cybernetics ssc GmbH

The protection of your personal data is very important to us. In this privacy policy, you will find all information about the registration process, including the collection and processing of your personal data when visiting our website and subscribing to our newsletter.

1. Controller

We, data cybernetics ssc GmbH (in the following “we” or “us”), are the controller and therefore responsible for the data processing activities in connection with the registration process:

data cybernetics ssc GmbH, a company registered at the Local Court of Augsburg (Amtsgericht Augsburg) und HRB 36687,

with a registered address at Martin-Kolmsperger-Str 26, 86899 Landsberg am Lech, Germany.

If you have any question regarding the processing of personal data in context of the registration process or if you want to exercise your rights pursuant to section 6 of this privacy policy, please contact us via e-mail under privacy@data-cybernetics.com.

2. Personal Data we Process & Legal Basis for Processing

2.1 Website

When you visit our website, we collect technical usage data such as IP-addresses, time and date of the visit, time spent on the website, and which content you watched, and by which way you got to us. Purpose of processing is to analyse the visits on our website so we can improve and optimize the functionality and stability of it.

Legal basis for processing is our legitimate interest to continuously improve and work on our website functionality, Art. 6 (1) (f) GDPR (General Data Protection Regulation, „GDPR“).

2.2 Newsletter

If you wish to subscribe to our newsletter, we offer a double opt-in process to ensure your explicit consent and data protection. When you enter your email address in our newsletter registration form, you will first be asked to check a consent checkbox that is not pre-selected. This checkbox confirms your understanding and agreement to receive our newsletter. Immediately after submission, a confirmation email will be sent to the provided email address. Only after you click the verification link in this confirmation email will you be added to our newsletter distribution list. This two-step process ensures that:

  • Only the actual email address owner can confirm subscription
  • You have a clear opportunity to verify your intent to receive newsletters
  • Your email address is protected from unauthorized registration

You can withdraw your newsletter consent at any time by clicking the unsubscribe link in any newsletter or by sending a withdrawal request to our data protection contact privacy@data-cybernetics.com. We will immediately remove your email address from our newsletter list upon receipt of your withdrawal.

The legal basis for this newsletter processing is your explicit consent which you provide through the double opt-in procedure, according to Art. 6 (1) (a) GDPR (General Data Protection Regulation, „GDPR“).

3. Retention

In general, we will only process your personal data to the extent necessary to fulfil its purpose. When we no longer need the data to fulfil our contractual or legal obligations, the data will be removed from our systems and records and/or measures will be taken to anonymise your personal data so that it is no longer identifiable.

4. Recipients of Personal Data

4.1 We only share your personal data to other third parties:

  • insofar as this is necessary or useful for the provision, performance, processing of the registration process,
  • insofar as we have been given the consent by you to do so,
  • to the extent that we commission service providers to operate the website or to provide the registration process, who process personal data on our behalf and in accordance with our instructions, or
  • insofar as this is required by mandatory legal provisions.

4.2 We use the below listed external technical or other service providers to provide IT and other administrative support for the provision of our website and the registration process. These service providers may have access to your personal data to the extent necessary to provide such services. Any access to your personal data is limited to those who need the information to complete our or your requests.

4.3 Purpose of processing and transferring your personal data to these service providers is the performance of our contract with you or the implementation of pre-contractual measures.

Legal basis for these data transfers is Art. 6 (1) (b) GDPR.

To the extent necessary, the service providers engaged by us process your personal data as data processors in accordance with our instructions for the purposes stated in this privacy policy. They are contractually obliged to comply with the applicable statutory data protection provisions and our instructions (pursuant to Art. 28 GDPR). The same applies to any subprocessors to the extent that our processors use such with our prior consent.

4.4 We use the following service providers:

4.4.1 Amazon Web Services. We use Amazon Web Services EMEA SARL (“AWS”), 38 avenue John F. Kennedy, L-1855 Luxembourg, for hosting services. AWS may have access to your personal data to the extent necessary to provide its services. We have chosen that the data is processed and stored on a server in the European Union; however, we have no impact whether your personal data is transferred to other countries outside the EU. AWS relies inter alias on the EU Standard Contractual Clauses to ensure an adequate level of data protection.

For more information, please refer to the privacy note of AWS.

4.4.2 Slack. We use Slack Technologies Limited, Salesforce Tower, 60 R801, North Dock, Dublin, Ireland, for relaying messages from the contact form. Slack may have access to your personal data to the extent necessary to provide its services. Slack relies inter alias on the EU Standard Contractual Clauses to ensure an adequate level of data protection.

For more information, please refer to the privacy note of Slack.

4.4.3 NextCloud by RackSpeed GmbH. We use a NextCloud Server, provided by rackSPEED GmbH, Reisholzer Werftstraße 31b, 40589 Düsseldorf for storage of documents like offers, quotes and contracts. rackSPEED provides a hosting service based in Germany. RackSPEED may have access to your personal data to the extent necessary to provide the service.

For more information, please refer to rackSPEED’s privacy policy here.

4.4.4 Google Workspace. We use Google Workspace, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, for handling e-mails, including the newsletter. Google may have access to your personal data to the extent necessary to provide its services. We have chosen that the data is processed and stored on a server in the European Union; however, we have no impact whether your personal data is transferred to other countries outside the EU.

For more information, please refer to Google Workspace privacy policy here.

4.4.5 Hetzner Online GmbH. We use a Hetzner Cloud Services, provided by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany, for storing and processing the mailing list for the newsletter. Hetzner provides a hosting service based in Germany. Hetzner may have access to your personal data to the extent necessary to provide the service.

For more information, please refer to Hetzner’s privacy policy here.

5. Transfer of Personal Data

We do not intend to transfer your personal data outside the European Union. However, as mentioned above, we have no control whether the engaged service providers may transfer your personal data in other countries outside the European Union.

For some countries, such as the Unites States of America, Switzerland and Israel, the EU Commission has issued an adequacy decision that provides the same data protection level as the EU. Based on the adequacy decision, there is no need for an extra agreement or approval for the data transfer.

In other countries, a comparable data protection level does not exist.

If we or the engaged service provider may transfer your personal data outside the European Union, we will ensure before transferring it either that an adequate level of data protection exists at the recipient (by agreeing so-called EU standard contractual clauses with the recipient or binding internal data protection regulations within the meaning of Art. 47 GDPR) or that you have given your explicit consent.

6. Your Rights as Data Subject

6.1 Right of access

You can request information pursuant to Art 15 GDPR about your personal data processed by us. In this case, we ask you to specify your request in order to make it easier for us to compile the necessary data.

6.2 Right to rectification

If your personal data is not or no longer accurate, you can request a rectification in accordance with Art 16 GDPR. If your data is incomplete, you can request to complete it.

6.3 Right to erasure

You can request the deletion of your personal data under the conditions of Art 17 GDPR. Your right to erasure depends on whether your personal data is still needed to fulfil our legal duties.

6.4 Right to restriction of processing

Within the framework of the requirements of Art 18 GDPR, you can request a restriction of the processing of your personal data.

6.5 Right to data portability

You can request to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format under the requirements of Art 20 GDPR.

6.6 Right to object

In accordance with Art 21 GDPR, i.e., where the processing is based on our legitimate interest, you can object to the processing of your personal data at any time on grounds relating to your particular situation. However, we cannot always comply with this, e.g., if legal provisions oblige us to process in order to fulfil our legal duties.

6.7 Right to complain

If you think that we have not complied with data protection regulations when processing your data, you can lodge a complaint with us or with a data protection authority.