Privacy Policy

This is a convenience translation. The German version is the legally binding one.

Protecting your personal data matters to us. We process your data exclusively on the basis of the statutory provisions (the Datenschutz-Grundverordnung (GDPR), the BDSG and the TDDDG). In this privacy policy we inform you about the most important aspects of data processing on this website.

1. Controller

2. Your rights

Under the GDPR you have, in principle, the following rights: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection to processing (Art. 21). You can withdraw any consent you have given at any time with effect for the future (Art. 7(3)). To do so, please use the contact details given above.

You also have the right to lodge a complaint with a supervisory authority. The competent authority is:

3. Hosting

This website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. When you visit the website, technically necessary data (see server log files) are processed. The legal basis is our legitimate interest in providing the site securely and efficiently (Art. 6(1)(f) GDPR). Data are transferred to the USA on the basis of appropriate safeguards (EU standard contractual clauses or the EU-US Data Privacy Framework). Privacy notice: vercel.com/legal/privacy-policy.

4. Server log files

When you visit the website, information that your browser transmits is recorded automatically: browser type and version, operating system used, referrer URL, time of the request and the (truncated) IP address. These data serve the technical provision, security and stability of the site and are not merged with other data sources. Legal basis: Art. 6(1)(f) GDPR.

5. SSL/TLS encryption

For security reasons, this site uses TLS encryption. You can recognise an encrypted connection by the padlock symbol and the “https://” prefix in your browser’s address bar.

6. Enquiries via the contact form (start-up check / Gründungs-Check)

If you send us an enquiry via the form, we process the data you provide (name and email address as required fields, plus optionally your phone number, company, the services you selected and your founding stage) exclusively to handle your enquiry and for any follow-up questions.

The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding). The data are deleted as soon as they are no longer required to fulfil this purpose and no statutory retention obligations stand in the way.

Storage (Supabase): Your enquiry data are stored for processing in a database operated by Supabase (Supabase, Inc., USA). Hosting takes place in the EU region (Frankfurt am Main, Germany). A data processing agreement (Auftragsverarbeitungsvertrag, AVV) is in place with the provider.

Notification (Resend): To notify us internally about your enquiry, an email may additionally be sent via the service Resend (Resend, Inc., USA); in this case the form data are transmitted to Resend (a third-country transfer to the USA on the basis of the EU standard contractual clauses and a data processing agreement). Legal basis for both processing operations: Art. 6(1)(b) or (f) GDPR. Your data are not passed on to third parties for advertising purposes.

7. Appointment booking (Calendly)

To book an initial consultation, we link to the service Calendly (Calendly LLC, USA). Only when you actively click the link are you redirected to Calendly, where data are processed (e.g. name, email, appointment time). The service is not embedded on this site. Legal basis: Art. 6(1)(b)/(f) GDPR. Privacy notice: calendly.com/privacy.

8. Contact via WhatsApp

We offer contact via WhatsApp (WhatsApp Ireland Ltd., Meta Platforms) as a link. Only when you click it do you yourself establish a connection to WhatsApp; from that point on, the privacy terms of WhatsApp/Meta apply. Legal basis: Art. 6(1)(f) GDPR.

9. Map display (OpenFreeMap)

To display our location, we use the MapLibre GL map library with map tiles from OpenFreeMap. When the map loads, your browser establishes a connection to the OpenFreeMap servers, which transmits your IP address. No API key and no tracking are used. Legal basis: Art. 6(1)(f) GDPR (an appealing presentation of our location).

10. 3D content (Spline)

On powerful desktop devices, an interactive 3D scene may be loaded via the service Spline (Spline, Inc., USA). In the process, your IP address is transmitted to Spline. On mobile devices, and when data-saver mode or reduced-motion settings are enabled, a local graphic is shown instead, without any external connection. Legal basis: Art. 6(1)(f) GDPR.

11. Fonts

The fonts used (Poppins, Open Sans) are served locally from our own server (self-hosted). No connection to Google Fonts or other third-party servers is established.

12. Cookies & web analytics (Microsoft Clarity)

By itself, this website only processes technically necessary data. To improve the site, we use Microsoft Clarity (Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland), a web analytics service. Using cookies and similar technologies, Clarity records anonymised usage data, for example heatmaps and session recordings with masked inputs, to understand how the site is used.

Clarity is loaded only with your consent. On your first visit, we ask for your consent via a cookie banner. Without consent, no Clarity cookies are set and no data are transmitted to Microsoft. The legal basis is your consent (Art. 6(1)(a) GDPR, § 25 Abs. 1 TDDDG). You can withdraw it at any time with effect for the future, via “Cookie settings” in the footer or by deleting the website data in your browser.

In the process, data may be transferred to the USA; Microsoft is certified under the EU-US Data Privacy Framework. Further information is available in the Microsoft privacy statement.

13. Changes to this privacy policy

We will update this privacy policy whenever changes to the website or to our data processing make it necessary. The current version published here always applies.

Note: This privacy policy reflects the actual data processing on this website and will be updated whenever the services or processing operations used change.